LEGAL DISCLAMER!
The author does not hold any responsibility about the bad use of this script, remember that attacking targets without prior concent its ilegal and punish by law, this script was build to show how resource files can automate tasks.
NativePayload_DNS2 is a C# Code/script for transferring Backdoor Payloads by DNS Traffic (A Records) and Bypassing Anti-viruses by DNS Traffic (A Records)
Where is vulnerability point in this case?
When you want to use Payloads without encryption or Hard coded Payloads inyour backdoor file or (File-systems) you need to transfer Payloads over Network from your system to target computer by some Protocol like HTTP and DNS or … , in this case we want to transfer these Payloads over DNS Traffic also execute these Payloads in Target computer memory so vulnerability point is Payload location and vulnerability point is Anti-viruses methods for Detecting Malware.Because in this case we don’t have Payloads in File-systems so we have Payload in memory and Network Traffic (in this case DNS A Records Traffic).
NativePayload_DNS2
Important Point : in this technique I want to use IPv4 address like a temporary thing for Meterpreter Payloads so detecting this technique is very difficult also Very important
Dependencies:
+ Visual Studio
+ Git and Internet Right?
Usage:
open cmd/console git clone https://github.com/DamonMohammadbagher/NativePayload_DNS2 && cd NativePayload_DNS2 csc NativePayload_DNS2.cs NativePayload_DNS2.exe create example.com "11,22,33,44,55,77,99,WW" then copy a record to etc/hosts now you can analyze it using dnsmasq tool or etc