Introduction
DNSBin is a tool to test data exfiltration through DNS. It's helpful for testing out of band attacks when testers try to prove that they can execute commands on a targeted server by connecting to a public domain.
Usage
- Generate a random string like
iuhwqerojisdf234df
- Perform a
ping, dig, nslookup, etc
to the domainiuhwqerojisdf234df.test.dnsbin.net
. Note that you have to replace the random string with your string. - DNSBin will receive your DNS query and you can check whether it is successful or
not by requesting to
https://dnsbin.net/verify/test/iuhwqerojisdf234df
. You get the statustrue
if the command is executed successfully and getfalse
for the failed command.
curl https://dnsbin.net/verify/test/iuhwqerojisdf234df
{"status": true}