iagox86 / dnscat2

BSD 3-Clause "New" or "Revised" License

/root/dnscat2/server/libs/dnser.rb:828:in `bind': Address already in use - bind(2) for "0.0.0.0" port 53 (Errno::EADDRINUSE) #141

Open rol227 opened 5 years ago

rol227 commented 5 years ago

I'm on an AWS Lightsail Ubuntu 18.04 VPS. I've tried running ruby ./dnscat2.rb to get the dnscat2> prompt.

However, I keep getting the following errors:

Security policy changed: All connections must be encrypted
Traceback (most recent call last):
    6: from ./dnscat2.rb:208:in "main"
    5: from /root/dnscat2/server/tunnel_drivers/tunnel_drivers.rb:24:in "start"
    4: from /root/dnscat2/server/tunnel_drivers/tunnel_drivers.rb:24:in "new"
    3: from /root/dnscat2/server/tunnel_drivers/driver_dns.rb:251:in "initialize"
    2: from /root/dnscat2/server/tunnel_drivers/driver_dns.rb:251:in "new"
    1: from /root/dnscat2/server/libs/dnser.rb:828:in "initialize"
/root/dnscat2/server/libs/dnser.rb:828:in "bind": Address already in use - bind(2) for "0.0.0.0" port 53 (Errno::EADDRINUSE)

I've used netstat to see that I have a systemd-resolve process listening on port 53. However, I've tried editing the resolved.conf to DNSStubListener=no, and I still get the exact same errors. I've been wracking my brain trying to figure this out for the better part of a day, and I'm not sure what to do. Any ideas?

iagox86 commented 5 years ago

Yeah, your system DNS resolver is listening on port 53, probably working as a cache. You might be able to fix it by passing your public ip address to dnscat2 as an argument:

ruby dnscat2.rb --dns host=your.ip.address.goes.here,port=53,domain=yourdomain.org

Change your.ip.address.goes.here to your own ip, and yourdomain.org to your own domain, obviously. If you don't have a domain you're using, you can just leave out the domain= part.

Alternatively, you can stop the systemd-resolve service, though that may make it impossible to use other services.

Hope that helps!


rol227 commented 5 years ago

Thanks for getting back to me so quickly. You're correct in that if I use systemctl stop systemd-resolved then I can use ruby dnscat2.rb with zero problems and I get to the dnscat2> prompt (at the cost of my DNS resolver). Unfortunately, passing the IP address as an argument did not work.

However, I noticed that even if I switch my DNS resolver to something like dnsmasq, I still get a conflict. And it seems like it's pretty common for DNS resolvers to LISTEN on port 53.

I'm wondering if you know how you and/or other people are running both services simultaneously. Or am I completely missing something?
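The bind conflict discussed in this thread, reproduced as an added example (not dnscat2 code and not written by anyone in the thread). It uses a kernel-chosen unprivileged port as a stand-in for 53; the addresses 127.0.0.2 and 192.0.2.1 are assumptions picked for the demonstration, and the outcomes are Linux behaviour.

```ruby
require 'socket'

# Bind a UDP socket to host:port and classify the outcome.
# Returns [status, socket]; socket is nil unless status is :ok.
def try_bind(host, port)
  sock = UDPSocket.new
  sock.bind(host, port)
  [:ok, sock]
rescue Errno::EADDRINUSE      # another socket already owns a conflicting address
  sock&.close
  [:in_use, nil]
rescue Errno::EADDRNOTAVAIL   # address is not configured on any local interface
  sock&.close
  [:not_local, nil]
rescue Errno::EACCES          # port below 1024 without root or CAP_NET_BIND_SERVICE
  sock&.close
  [:needs_privilege, nil]
end

# Stand-in for a local resolver: one listener on a single loopback address.
# Then attempt the same port on the wildcard and on other addresses.
def bind_conflict_demo
  _, resolver = try_bind('127.0.0.1', 0)   # port 0: kernel picks a free port
  port = resolver.addr[1]
  attempts = {
    wildcard:     '0.0.0.0',     # all addresses, as in the error above
    same_addr:    '127.0.0.1',   # exactly where the stand-in resolver listens
    other_addr:   '127.0.0.2',   # a different local address (assumed: Linux loopback /8)
    foreign_addr: '192.0.2.1'    # documentation range, not assigned to this host
  }
  attempts.transform_values do |host|
    status, sock = try_bind(host, port)
    sock&.close
    status
  end
ensure
  resolver&.close
end

puts bind_conflict_demo.inspect if $PROGRAM_NAME == __FILE__
```

The wildcard bind fails even though the existing listener holds only one loopback address, while a bind to a different local address on the same port succeeds.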

iagox86 commented 5 years ago

For me, I use a special VM or Linode instance or similar that's designed for this.


a-validnerd commented 4 years ago

Hello,

I think I may misunderstand how the tool is working (all the tutorials seem to run it with the IP address, not with the domain) so please bear with me. I set up 3 VMs:

This setup is not working, that's why I'm assuming my understanding is wrong. I came here because I can't run the DNScat server and the BIND9 on the Ubuntu host, because they both try to bind on port 53 (which is how I ended up here).

So I guess I'm just looking for confirmation that my understanding is wrong at this point and to get a correct working example that involves a DNS server as well, not just running the client with the IP address where DNScat2 is running.

Thanks for all your work!