Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/al-azif/exploit-host-dns
Docker based DNS component of the Exploit Host
https://github.com/al-azif/exploit-host-dns
docker server shell
Last synced: 8 days ago
JSON representation
Docker based DNS component of the Exploit Host
- Host: GitHub
- URL: https://github.com/al-azif/exploit-host-dns
- Owner: Al-Azif
- License: mit
- Created: 2020-10-24T18:18:01.000Z (about 4 years ago)
- Default Branch: main
- Last Pushed: 2024-05-12T22:26:17.000Z (6 months ago)
- Last Synced: 2024-05-13T03:23:15.895Z (6 months ago)
- Topics: docker, server, shell
- Language: Shell
- Homepage: https://hub.docker.com/r/alazif/exploit-host-dns
- Size: 42 KB
- Stars: 19
- Watchers: 4
- Forks: 8
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Exploit Host DNS
Purpose made DNS Docker file setup for hosting exploits for the web browser for Sony PlayStation devices and the Nintendo Wii/WiiU/Switch.
## Features
### Stand Alone
- Blocks telemetry
- Blocks system updates
- Blocks PlayStation title updates
- Blocks metadata domain, but raw PKG links resolve. Third party tools like OrbisPatches will function
- Pass through for remainder of the internet
- Obviously Sony/Nintendo domains will not resolve
- Access control list for Blacklisting IPs completely and/or Whitelisting IPs for recursive queries
### With Exploit Host HTTP
When used in conjunction with [Exploit Host HTTP](https://github.com/Al-Azif/exploit-host-http) the following additional features are added:
- Enables internet speed tests
- Enables serving custom system updates
- Hijacks default browser landing pages
## Usage
### Command Line
This command will always pull the latest image from Docker Hub, run on the main Docker bridge network, redirect hijacked domains to `192.0.2.2`, IPv6 is disabled (As it's not explicitly enabled), and it will restart if it's not running until you explicitly tell it to stop.
`docker run -d --network bridge -p 53:53/tcp -p 53:53/udp -e REDIRECT_IPV4=192.0.2.2 --restart unless-stopped --pull always alazif/exploit-host-dns:latest`
### Composer
This composer file will do the same as the command above.
```yml
---
version: "3.8"
services:
exploit-host-dns:
image: alazif/exploit-host-dns:latest
network_mode: bridge
ports:
- 53:53/tcp
- 53:53/udp
environment:
REDIRECT_IPV4: 192.0.2.2
pull_policy: always
restart: unless-stopped
```
Start the compose file by calling `docker compose up -d` from the same location as the composer file.
## Options (Environment Variables)
| Option | Default | Type | Info |
|:-------------------|:--------------|:--------|:-----------------------------|
| DEBUG | `false` | boolean | Show debug output for `entrypoint.sh` in the Docker log. |
| AUTOUPDATE_ZONES | `false` | boolean | Update the zone files automatically if `/opt/dns-config-watchdog/zones.json` is modified. |
| SMART_WATCHER | `false` | boolean | How modifications to `/opt/dns-config-watchdog/zones.json` are checked. If `true` uses Python's Watchdog package. If `false` uses a looped shell command to watch for changes. Ignored if `AUTOUPDATE_ZONES` is `false`. |
| LOGGING | `false` | boolean | Enable DNS logging. Logged to `/var/log/named/`. |
| DNS_RESTART | `rndc reload` | string | The command issued within `/opt/dns-config-watchdog/main.py` to restart the DNS server after generating zone files. |
| REDIRECT_IPV4 | none | string | Must have an IPv4, an IPv6, or both specified. This is the address which hijacked domains will be forwarded to. |
| REDIRECT_IPV6 | none | string | Must have an IPv4, an IPv6, or both specified. This is the address which hijacked domains will be forwarded to. |
## TODO
- [ ] Double check/separate IPv4 vs IPv6 support better. Don't assume IPv4 is supported if IPv6 is on, etc.
- [ ] Test Nintendo Wii/WiiU/Switch support.
- [ ] Add/Test Xbox support.