DNS Data exfiltration — What is this and How to use?

1. What is DNS Data exfiltration and how does it work?

What is DNS Data exfiltration?

Figure 1. A simple definition of DNS Data exfiltration
Figure 2. A DNS resolution flow (source: tcpipguide.com)
Figure 3. A setting of NS records
Figure 4. An example which uses DNS Data exfiltration (source: blogs.akamai.com)
Figure 5. Use CNAME record to send data from outside

2. How to use DNS Data exfiltration?

Follow the first part, to use the DNS Data exfiltration, you must at least have a domain and a name server which is setup to dns package inspection. It’s not complicate but not easy for anyone.

Figure 6. Screenshot of requestbin.net/dns

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store