iagox86 / dnscat2

BSD 3-Clause "New" or "Revised" License

DNS: RCODE_SERVER_FAILURE #181

Open zichuan9527 opened 1 year ago

zichuan9527 commented 1 year ago

This is my DNS server config (7.197.20.145):

$TTL 1D
@ IN SOA zichuan.com. ccc.zichuan.com. (
        0 ; serial
        1D ; refresh
        1H ; retry
        1W ; expire
        3H ) ; minimum

apple IN NS cc.bpple.zichuan.com.
@ IN NS dns.zichuan.com.
dns IN A 7.197.20.145
cc.bpple IN A 7.197.42.181

This is my server terminal (7.197.42.181):

root@kwephis1135679:/opt/zichuan/dnscat2-master/server# ruby ./dnscat2.rb apple.zichuan.com --security=open

New window created: 0
New window created: crypto-debug
[DEPRECATION] The trollop gem has been renamed to optimist and will no longer be supported. Please switch to optimist as soon as possible.
Welcome to dnscat2! Some documentation may be out of date.

auto_attach => false
history_size (for new windows) => 1000
Security policy changed: Client can decide on security level
New window created: dns1
Starting Dnscat2 DNS server on 0.0.0.0:53
[domains = apple.zichuan.com]...

Assuming you have an authoritative DNS server, you can run the client anywhere with the following (--secret is optional):

./dnscat --secret=d0252c4d50765f39cf2eb5147af31746 apple.zichuan.com

To talk directly to the server without a domain name, run:

./dnscat --dns server=x.x.x.x,port=53 --secret=d0252c4d50765f39cf2eb5147af31746

Of course, you have to figure out yourself! Clients will connect directly on UDP port 53.

dnscat2> New window created: 1

This is my client terminal (7.197.41.50):

[root@kwephis1136703 client]# ./dnscat apple.zichuan.com --no-encryption

Creating DNS driver:
 domain = apple.zichuan.com
 host = 0.0.0.0
 port = 53
 type = TXT,CNAME,MX
 server = 7.197.20.145
[[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE
[[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE
[[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE
[[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE
[[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE
[[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE
[[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE
[[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE
[[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE
[[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE
[[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE

Why does it not work?

zichuan9527 commented 1 year ago

1. 7.197.41.50: 16:33:38.541410 IP 7.197.41.50.53588 > 7.197.20.145.domain: 1607+ CNAME? 9b2703680c00000000d4137a0d42062ff826beed4df1304a38fccb595ab1.500e041929bce8ab52daf8de0e88da832896b5ec263543c46807b6fe50b4.c4e2320c6fb0faf2288a7e8b02.apple.zichuan.com. (184)
2. 7.197.42.181.53: 16:33:38.539749 IP 7.197.20.145.53263 > 7.197.42.181.53: 65044 CNAME? 9b2703680c00000000d4137a0d42062ff826beed4df1304a38fccb595ab1.500e041929bce8ab52daf8de0e88da832896b5ec263543c46807b6fe50b4.c4e2320c6fb0faf2288a7e8b02.apple.zichuan.com. (184)
3. 7.197.42.181.53: 16:33:38.669372 IP 7.197.42.181.53 > 7.197.20.145.53263: 65044 1/0/0 CNAME a23c03680c00000000ad528bb560728c785b62d2190ed2220c12a8853d9b6ad.0f056281585340f398b8adb19a2d896b72297e62aa17d5cf3ee47a859f2e8b7.31eddfd8cf92dd2d02dd.apple.zichuan.com. (364)
4. 7.197.41.50: 16:33:48.672796 IP 7.197.20.145.domain > 7.197.41.50.53588: 14203 ServFail 0/0/0 (184)

Returning data from the domain name server to the client reports an error. Why is that?

zichuan9527 commented 1 year ago

Solved. It was because my DNS server config used to be this:

dnssec-enable yes;
dnssec-validation yes;

Now my /etc/named.conf is:

dnssec-enable no;
dnssec-validation no;

Success!
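The four-line capture earlier in this thread already shows which hop failed: the authoritative side answered, and the resolver still returned ServFail to the client. The following is an added example, not part of the thread or the dnscat2 project, that automates that reading of tcpdump output; the function names, the documentation-range addresses and the sample lines are constructed for illustration.

```python
import re

# tcpdump DNS line: "<time> IP <src> > <dst>: <id>[flags] <rest>"
LINE = re.compile(r"IP (\S+) > (\S+): \d+\S* (.*)")

def host(endpoint):
    """Drop the trailing port or service name: 192.0.2.53.domain -> 192.0.2.53."""
    return endpoint.rsplit(".", 1)[0]

def parse(line):
    """Turn one tcpdump line into a dict, or None if it is not a DNS line."""
    m = LINE.search(line)
    if not m:
        return None
    src, dst, rest = m.groups()
    if re.match(r"\w+\? ", rest):          # e.g. "CNAME? name."
        kind = "query"
    elif rest.startswith("ServFail"):      # rcode printed by tcpdump
        kind = "servfail"
    else:                                  # e.g. "1/0/0 CNAME name."
        kind = "answer"
    return {"src": host(src), "dst": host(dst), "kind": kind}

def locate_failure(lines, client, resolver, authoritative):
    """Say which hop of client -> resolver -> authoritative broke."""
    seen = {(p["src"], p["dst"], p["kind"]) for p in map(parse, lines) if p}
    if (resolver, authoritative, "query") not in seen:
        return "resolver never forwarded the query: check the NS delegation and glue"
    if (authoritative, resolver, "answer") not in seen:
        return "authoritative server did not answer: check reachability of port 53"
    if (resolver, client, "servfail") in seen:
        return "resolver rejected the upstream answer: check resolver policy (e.g. DNSSEC validation)"
    return "no failure seen"

# Constructed sample in the same four-hop shape as the capture in the thread
# (documentation addresses and a made-up name, not values from the thread).
SAMPLE = [
    "16:33:38.541410 IP 192.0.2.10.53588 > 192.0.2.53.domain: 1607+ CNAME? ab12cd34.tunnel.example.test. (60)",
    "16:33:38.539749 IP 192.0.2.53.53263 > 192.0.2.99.53: 65044 CNAME? ab12cd34.tunnel.example.test. (60)",
    "16:33:38.669372 IP 192.0.2.99.53 > 192.0.2.53.53263: 65044 1/0/0 CNAME ef56.tunnel.example.test. (90)",
    "16:33:48.672796 IP 192.0.2.53.domain > 192.0.2.10.53588: 14203 ServFail 0/0/0 (60)",
]

if __name__ == "__main__":
    print(locate_failure(SAMPLE, "192.0.2.10", "192.0.2.53", "192.0.2.99"))
```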