dfex: DNS File EXfiltration

From securityonline.info

DNS File EXfiltration

Data exfiltration is a common technique used for post-exploitation, DNS is one of the most common protocols through firewalls. We take the opportunity to build a unique protocol for transferring files across the network.

Existing tools have some limitations and NG Firewalls are getting a bit “smarter”, we have been obliged to explore new combinations of tactics to bypass these. Using the good old fashion “HIPS” (Hidden In Plain Sigh) tricks to push files out.

Read more…