{"id":16774723,"url":"https://github.com/leonjza/dnsfilexfer","last_synced_at":"2025-03-22T00:30:46.925Z","repository":{"id":14882124,"uuid":"17605723","full_name":"leonjza/dnsfilexfer","owner":"leonjza","description":"File transfer via DNS","archived":false,"fork":false,"pushed_at":"2017-05-21T09:00:15.000Z","size":29,"stargazers_count":71,"open_issues_count":1,"forks_count":15,"subscribers_count":5,"default_branch":"master","last_synced_at":"2025-03-18T06:22:49.258Z","etag":null,"topics":["dns","exfiltration"],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/leonjza.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2014-03-10T19:35:46.000Z","updated_at":"2025-02-13T18:47:42.000Z","dependencies_parsed_at":"2022-08-03T04:06:31.881Z","dependency_job_id":null,"html_url":"https://github.com/leonjza/dnsfilexfer","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leonjza%2Fdnsfilexfer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leonjza%2Fdnsfilexfer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leonjza%2Fdnsfilexfer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leonjza%2Fdnsfilexfer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/leonjza","download_url":"https://codeload.github.com/leonjza/dnsfilexfer/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":244890102,"owners_count":20527030,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dns","exfiltration"],"created_at":"2024-10-13T06:49:56.218Z","updated_at":"2025-03-22T00:30:46.627Z","avatar_url":"https://github.com/leonjza.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"dnsfilexfer - File transfers via DNS\n===========\nJust some code to xfer files via DNS lookups. Supports encrypting the on the wire traffic with a short passphrase and can be used to be parsed purely from the output found in a `tcpdump` using `xxd` and the `-X` flag in the sender.\n\n### Installing\nClone the repo, and install the dependencies as put out in `requirements.txt`:\n\n```\n% git clone https://github.com/leonjza/dnsfilexfer.git\n% cd dnsfilexfer\n% sudo pip install -r requirements.txt\n```\nIn case the installation fails because of `pycrypto`, you might need to install `python-dev` manually.\n\n### Sample Usage:\n\nAssuming the receiver `dns_recv.py` is running (where 192.168.10.1 is the server):\n```\n% echo \"This is a test message that will be sent over DNS\\n Cool eh?\" \u003e /tmp/message\n% cat /tmp/message\nThis is a test message that will be sent over DNS\nCool eh?\n\n% python dns_send.py --server 192.168.10.1 --file /tmp/message --indentifier dns_message_test --secret\nWhat is the secret?\n[INFO] Message is encypted with the secret\n---START OF MESSAGE---\n/lHsvTZT3nJfQgdtUWSpKDqrpKuK+eLrU3bpAp9aNDJt6K/mwEc8sBUaJybPh7r5h2AOkJVezwBBODSV9hFM8w==\n---END OF MESSAGE---\n[INFO] Sending lookup for : 00006:10000000000000000000000000000000000000000000000000.fake.io\n[INFO] Sending lookup for : 0001646e735f6d6573736167655f7465737400000000000000000000.fake.io\n[INFO] Sending lookup for : 00028bf2046ae2144be75d2ce780b3f992e2c368021e.fake.io\n[INFO] Sending lookup for : 00032f6c487376545a54336e4a6651676474555753704b447172704b754b.fake.io\n[INFO] Sending lookup for : 00042b654c7255336270417039614e444a74364b2f6d7745633873425561.fake.io\n[INFO] Sending lookup for : 00054a796250683772356832414f6b4a56657a7742424f4453563968464d.fake.io\n[INFO] Sending lookup for : 000638773d3d.fake.io\n[INFO] Sending lookup for : 00000000000000000000000000000000000000000000000000000000.fake.io\n[INFO] Message sent in 8 requests\n```\n\nOn the server/receiver\n```\n% sudo python dns_recv.py --listen 0.0.0.0 --secret\nPassword:\nWhat is the secret?\n[INFO] Fake DNS server listening on 0.0.0.0 / 53 with a configured secret.\n[INFO] Full resource record query was for: 00006:10000000000000000000000000000000000000000000000000.fake.io.\n[INFO] Processing frame 00006:10000000000000000000000000000000000000000000000000\n[INFO] Full resource record query was for: 0001646e735f6d6573736167655f7465737400000000000000000000.fake.io.\n[INFO] Processing frame 0001646e735f6d6573736167655f7465737400000000000000000000\n[INFO] Full resource record query was for: 00028bf2046ae2144be75d2ce780b3f992e2c368021e.fake.io.\n[INFO] Processing frame 00028bf2046ae2144be75d2ce780b3f992e2c368021e\n[INFO] Full resource record query was for: 00032f6c487376545a54336e4a6651676474555753704b447172704b754b.fake.io.\n[INFO] Processing frame 00032f6c487376545a54336e4a6651676474555753704b447172704b754b\n[INFO] Full resource record query was for: 00042b654c7255336270417039614e444a74364b2f6d7745633873425561.fake.io.\n[INFO] Processing frame 00042b654c7255336270417039614e444a74364b2f6d7745633873425561\n[INFO] Full resource record query was for: 00054a796250683772356832414f6b4a56657a7742424f4453563968464d.fake.io.\n[INFO] Processing frame 00054a796250683772356832414f6b4a56657a7742424f4453563968464d\n[INFO] Full resource record query was for: 000638773d3d.fake.io.\n[INFO] Processing frame 000638773d3d\n[INFO] Full resource record query was for: 00000000000000000000000000000000000000000000000000000000.fake.io.\n[INFO] Processing frame 00000000000000000000000000000000000000000000000000000000\n[OK] Message seems to be intact and passes sha1 checksum of 8bf2046ae2144be75d2ce780b3f992e2c368021e\n[OK] Message was received in 8 requests\n[INFO] Message has been decrypted with the configured secret\nMessage identifier: dns_message_test\n\n---START OF MESSAGE---\nThis is a test message that will be sent over DNS\nCool eh?\n\n---END OF MESSAGE---\n```\n\n### Options\n#### Sender (dns_send.py)\n  `-S` SERVER, `--server`=SERVER specify dns server to send requests to  \n  `-F` FILE, `--file`=FILE specify the file to send  \n  `-I` IDENT, `--indentifier`=IDENT specify a message indentifier  \n  `-X`, `--xxd` Enable questions to be `xxd -r` friendly (60 charslong)  \n  `-s`, `--secret` Set the secret used for the AES encryption  \n  `-d` DOMAIN, `--domain`=DOMAIN fake zone to use for generated lookups  \n  \n#### Receiver (dns_recv.py)\n  `-L` LISTEN, `--listen`=LISTEN specify hostname to listen on  \n  `-p` PORT, `--port`=PORT port number to listen on (Defaults: 53)  \n  `-O` OUT, `--outfile`=OUT specify a message file destination  \n  `-s`, `--secret` Set the secret used for the AES encryption\n\n[Blog Entry](https://leonjza.github.io/2014/03/11/dnsfilexfer-yet-another-take-on-file-transfer-via-dns/)\nContact: [@leonjza](https://twitter.com/leonjza)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fleonjza%2Fdnsfilexfer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fleonjza%2Fdnsfilexfer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fleonjza%2Fdnsfilexfer/lists"}