Deep dive into DNS Tunneling

5 min readOct 8

Introduction

Cybercriminals employ this method to circumvent security measures. With the help of the DNS protocol, the attacker in this case was able to send data that has nothing to do with DNS queries or responses. Attackers are able to exfiltrate sensitive data from the server after they have bypassed security safeguards.

It’s perfectly acceptable to say something like “my friend saw you at the park” in everyday conversation. But if we don’t want anyone to see our request directly, we can include some information in our usual message, making it look like a message about a meeting in the park. We employ a DNS tunnel to remain anonymous while the attacker steals sensitive data from within the target firm. DNS tunneling is analogous to sending encrypted communications that appear to be harmless chatter. DNS is designed to keep secrets.

How to bypass network restrictions in DNS tunneling

Sometimes we find that certain online resources are restricted in public settings like schools and offices. In response, administrators at places like companies and schools have begun implementing firewalls and content filters to restrict access to such websites. The following are some of the potential benefits of DNS tunneling in facilitating access to these resources.

To get around the ban, our machine makes a DNS request to a DNS server, asking it to convert “facebook.com” into an IP address. This is a core feature of DNS servers, but the IP address that is returned is then blocked by the network’s firewall. To access the website, we can now submit a request to the DNS server, but instead of sending a standard request, we can send a request that contains encrypted data relating to the website, such as the IP address of a proxy server. So when a request comes in for validation, it looks like a normal request, but it actually contains instructions to visit the restricted domains via the proxy. DNS servers, upon seeing the proxy server’s IP address, will usually allow the request to proceed via it because it appears to be a valid DNS query. Users are now able to gain unrestricted…

Deep dive into DNS Tunneling

Introduction

How to bypass network restrictions in DNS tunneling

Written by Gupta Bless

More from Gupta Bless

Exploiting Local File Inclusion (LFI) Using PHP Wrapper

IN my previous blog related to LFI, I already discussed some basic steps to achieve LFI. Now in this blog I am explaining how we can…

Understanding Prototype Pollution

JavaScript is widely used for client side validation but nowadays also used to build servers or some backend applications. Due to which…

Exploiting File Upload using Null byte

In my previous blog related to FILE upload, I already discussed some basic techniques to bypass whitelisting of file extensions. Now in…

Bypassing Firusing NMAP

Introduction

Recommended from Medium

How to Find First Bug (For Beginners)

As a beginner, you try to find bugs in many websites but still you got nothing. You got Demotivation during bug hunting ,Don’t worry when…

How to find sensitive information in an organization .

Lists

General Coding Knowledge

ChatGPT prompts

Coding & Development

ChatGPT

Use these cheatsheets to increase your CTF speed.

This cheatsheet contains essential commands I always use in CTFs, THM boxes, and in cybersecurity. Includes commands and tools for…

Top Recon Tools for Bug Bounty Hunters

In this blog, we explore top-tier reconnaissance tools that empower bug bounty hunters. From Shodan’s IoT device insights to Waymore’s web…

Host Header Injection lead to Hall of Fame

Intro : Hello Hackers! What’s Up. Welcome to my New Article. Here I will discuss about Host Header Injection that takes me to Hall of Fame…

Unveiling the Mechanics of Session Hijacking: A Step-by-Step Guide to Capture and Exploit Cookies