Open zichuan9527 opened 1 year ago
1、7.197.41.50: 16:33:38.541410 IP 7.197.41.50.53588 > 7.197.20.145.domain: 1607+ CNAME? 9b2703680c00000000d4137a0d42062ff826beed4df1304a38fccb595ab1.500e041929bce8ab52daf8de0e88da832896b5ec263543c46807b6fe50b4.c4e2320c6fb0faf2288a7e8b02.apple.zichuan.com. (184) 2、7.197.42.181.53: 16:33:38.539749 IP 7.197.20.145.53263 > 7.197.42.181.53: 65044 CNAME? 9b2703680c00000000d4137a0d42062ff826beed4df1304a38fccb595ab1.500e041929bce8ab52daf8de0e88da832896b5ec263543c46807b6fe50b4.c4e2320c6fb0faf2288a7e8b02.apple.zichuan.com. (184) 3、7.197.42.181.53: 16:33:38.669372 IP 7.197.42.181.53 > 7.197.20.145.53263: 65044 1/0/0 CNAME a23c03680c00000000ad528bb560728c785b62d2190ed2220c12a8853d9b6ad.0f056281585340f398b8adb19a2d896b72297e62aa17d5cf3ee47a859f2e8b7.31eddfd8cf92dd2d02dd.apple.zichuan.com. (364) 4、7.197.41.50: 16:33:48.672796 IP 7.197.20.145.domain > 7.197.41.50.53588: 14203 ServFail 0/0/0 (184)
Returning data from the domain name server to the client reports an error, which is why?
sloved,because of my dns server config ever is this:
dnssec-enable yes;
dnssec-validation yes;
Now my /etc/named.conf is:
dnssec-enable no;
dnssec-validation no;
Success!
this is my DNS server config(7.197.20.145): $TTL 1D @ IN SOA zichuan.com. ccc.zichuan.com. ( 0 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum
apple IN NS cc.bpple.zichuan.com. @ IN NS dns.zichuan.com. dns IN A 7.197.20.145 cc.bpple IN A 7.197.42.181
this is my server terminal(7.197.42.181):
root@kwephis1135679:/opt/zichuan/dnscat2-master/server# ruby ./dnscat2.rb apple.zichuan.com --security=open
New window created: 0 New window created: crypto-debug [DEPRECATION] The trollop gem has been renamed to optimist and will no longer be supported. Please switch to optimist as soon as possible. Welcome to dnscat2! Some documentation may be out of date.auto_attach => false history_size (for new windows) => 1000 Security policy changed: Client can decide on security level New window created: dns1 Starting Dnscat2 DNS server on 0.0.0.0:53 [domains = apple.zichuan.com]...
Assuming you have an authoritative DNS server, you can run the client anywhere with the following (--secret is optional):
./dnscat --secret=d0252c4d50765f39cf2eb5147af31746 apple.zichuan.com
To talk directly to the server without a domain name, run:
./dnscat --dns server=x.x.x.x,port=53 --secret=d0252c4d50765f39cf2eb5147af31746
Of course, you have to figure out yourself! Clients
will connect directly on UDP port 53.
dnscat2> New window created: 1
this is my client terminal(7.197.41.50):
[root@kwephis1136703 client]# ./dnscat apple.zichuan.com --no-encryption
Creating DNS driver: domain = apple.zichuan.com host = 0.0.0.0 port = 53 type = TXT,CNAME,MX server = 7.197.20.145 [[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE [[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE [[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE [[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE [[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE [[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE [[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE [[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE [[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE [[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE [[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE
why it dose not work?