|
|
|
|
|
|
by ldarby
923 days ago
|
|
|
No, it's the other way round. You setup this DNS server to serve e.g. evil.com on the global internet. Then if you can control the client, you can just do regular DNS lookups for <longstring>.evil.com, that goes to the victim's DNS server, and that DNS server forwards it to this DNS server, which saves <longstring> (many of them) to a file. Edit: looking closer, this isn't exactly how this tool works, this DNS server assumes the client can send directly to this DNS server, I was assuming it didn't need to do that (and if it sends to the victim's DNS server instead, it's a lot harder to block). If you used it as I thought above, the output filename would just be "evil.com". |
|
|