Data Exfiltration Techniques: DNS Exfiltration | TryHackMe

An overview of data exfiltration methods focusing on DNS exfiltration techniques, with additional resources for cybersecurity certification notes and cheat sheets.

Motasem Hamdan
13.9K views • Sep 7, 2022

About this video

🚀 Cyber Security Certification Notes
https://shop.motasem-notes.net/collections/cyber-security-study-notes
🚀 OR Certification Notes with Cheat Sheets
https://buymeacoffee.com/notescatalog/extras
💡 Cyber Security Notes | Membership Access
https://buymeacoffee.com/notescatalog/membership
🔥Download FREE Cyber Security 101 Study Notes
https://buymeacoffee.com/notescatalog/e/290985
***
In this video walk-through, we covered data exfiltration through the DNS protocol and performed C2 through DNS as well.
**********
Receive Cyber Security Field Notes and Special Training Videos
https://www.youtube.com/channel/UCNSdU_1ehXtGclimTVckHmQ/join
*******
Writeup
https://motasem-notes.net/dns-tunneling-explained-tryhackme-dns-data-exfiltration/
TryHackMe Data Exfiltration
https://tryhackme.com/r/room/dataxexfilt
*****
Store
https://buymeacoffee.com/notescatalog/extras
Patreon
https://www.patreon.com/motasemhamdan
LinkedIn
[1]: https://www.linkedin.com/in/motasem-hamdan-7673289b/
[2]: https://www.linkedin.com/in/motasem-eldad-ha-bb42481b2/
Instagram
https://www.instagram.com/motasem.hamdan.official/
Google Profile
https://maps.app.goo.gl/eLotQQb7Dm6aiL8z6
Twitter
https://twitter.com/ManMotasem
Facebook
https://www.facebook.com/motasemhamdantty/
***
0:00 - Introduction to Data Exfiltration over DNS
0:32 - Why Use DNS for Exfiltration?
1:16 - How Data Moves Through Subdomains
2:35 - Key Limitations of DNS Exfiltration
5:11 - Example: Exfiltrating Credit Card Data
5:46 - Requirements for DNS Exfiltration
6:09 - Setting Up a Domain for Exfiltration
8:03 - Configuring a DNS Server
8:27 - Live Scenario: Setting Up the Attacker Machine
10:07 - Opening a Listener on the Attacker Machine
11:09 - Preparing the Victim Machine
12:14 - Converting Data to Base64
14:08 - Splitting Base64 Data for Subdomains
16:22 - Sending DNS Requests with Data
17:06 - Receiving and Decoding Data on the Attacker Side
17:41 - Command and Control (C2) Communication via DNS
18:14 - Creating Text Records for C2 Commands
19:23 - Final Task: Using DNS for Flag Retrieval
20:00 - Summary and Additional Resources

Video Information

Views: 13.9K
Likes: 167
Duration: 20:13
Published: Sep 7, 2022