
Dailydave mailing list archives
INNUENDO DNS CHANNEL Video
From: Dave Aitel <dave () immunityinc com>
Date: Mon, 22 Dec 2014 17:14:46 -0500
Click here to view it: https://vimeo.com/115206626 It is hard to get out of a modern corporate network without a DNS channel. The simplistic benefit of INNUENDO's DNS channel over other random things like DNSCat is that you get encryption, redundancy, and ordering, all as part of the package. And we built in a burst-speed controller as part of the protocol (which I go over a bit in the movie). There's only one public paper I can see with realistic throughput numbers on DNS channels like this (although I distinctly remember Kaminsky playing video over DNS in one of his talks?), and it claims ~1KB/s. With INNUENDO if you push the gauge up you can get 4KB/s, even with our additional signaling overhead. By default we stick to 1KB/s to avoid swamping intermediary DNS servers. In real-world terms: A screenshot is going to take you 33 seconds. Ideally you don't use your DNS channel as a massive exfil channel, but simply as a way to find a better path out of the network. As always, if you're interested in buying or evaluating INNUENDO please email admin () immunityinc com Thanks, Dave Aitel Immunity, Inc.
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- INNUENDO DNS CHANNEL Video Dave Aitel (Dec 22)
- Re: INNUENDO DNS CHANNEL Video Ron Gula (Dec 23)