Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

DFEx - DNS File Exfiltration

Hack In The Box Security Conference via YouTube

Overview

Explore data exfiltration techniques using DNS in this 53-minute conference talk from the Hack In The Box Security Conference. Delve into the development of a unique protocol for transferring files across networks, addressing limitations of existing tools and bypassing next-generation firewalls. Learn about innovative "Hidden In Plain Sight" tactics for pushing files out of secure environments. Presented by Emilio Couto, an experienced security consultant, the talk covers DNS file exfiltration concepts, detection avoidance strategies, the DFEX algorithm, control and data flow diagrams, packet examples, and a demonstration of the MACCHERONI infrastructure. Examine performance metrics, discuss limitations, and gain insights into cutting-edge post-exploitation techniques in network security.

Syllabus

Intro
DNS File Exfiltration?
Avoiding Detection
DFEX Algorithm
Diagram: Control Flow
Diagram: Data Flow
Packet Example
Demo Infra (MACCHERONI)
Performance
Limitations
Conclusion

Taught by

Hack In The Box Security Conference

Reviews

Start your review of DFEx - DNS File Exfiltration

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.