Skip to content

jeanlucdupont/EXEfromDNS

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
DNS-entries.txt
DNS-entries.txt
 
 
EXEfromDNS.py
EXEfromDNS.py
 
 
README.md
README.md
 
 
securityrabbits.asm
securityrabbits.asm
 
 

Repository files navigation

EXEfromDNS is a proof-of-concept (PoC) that demonstrates how to deliver a Windows executable over DNS using TXT records.

This project consists of:

  • A minimal Windows x86 executable (~2.5 KB) written in assembly (GoAsm)
  • A Python script that reconstructs the binary by querying DNS TXT records

The executable payload is base64-encoded, sliced into chunks, and stored as DNS TXT records under subdomains like: chunk0.securityrabbits.com chunk1.securityrabbits.com ...

This project is intended for educational, research, and red-team use only. Do not use in any unauthorized environment. Misuse of this technique may violate laws or terms of service.

image

About

PoC that downloads an executable from public DNS servers

Resources

Readme
Activity

Stars

22 stars

Watchers

2 watching

Forks

5 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages