Gray Hat Ninja

DNS Egress

Ryan Bentz

Jul 24, 2014 • 1 min read

Well, here's a handy trick. We often find in post-exploitation that it can be difficult to egress data. This is especially true in environments where egress filtering is enabled and a host only allows connections over basic ports like 53/DNS.

I came across this trick the other day, which I thought was just brilliant. Credit for this snippet goes to Ben Clark and his RTFM guide, which is getting rave reviews on Amazon.

How's that for elegant? When I'm not using srvdir for exfil this will be another trick in my back pocket.
