Categories: Kali Linux

DDoor : Cross Platform Backdoor Using DNS txt Records

DDoor is a cross platform backdoor using dns txt records. It is a cross platform light weight backdoor that uses txt records to execute commands on infected machines.

Features

  • Allows a single txt record to have seperate commands for both linux and windows machines
  • List of around 10 public DNS servers that it randomly chooses from
  • Unpredictable call back times
  • Encrypts txt record using xor with custom password

Linux Features:

  • Anti-Debugging, if ptrace is detected as being attached to the process it will exit.
  • Process Name/Thread names are cloaked, a fake name overwrites all of the system arguments and file name to make it seem like a legitimate program.
  • Automatically Daemonizes
  • Tries to set GUID/UID to 0 (root)

Windows Features:

  • Hides Console Window
  • Stub Size of around 20kb

Installation

To install the dependencies needed for the python generation script run.

pip3 install -r requirements.txt

Make sure to edit config.h and replace the provided domain with yours, you can change the fake name as well as the password.

To create a Linux binary:

Run the compile.sh script, this will create a file called binary in the bin folder.

To Create a Windows Binary:

This project was built using VS 2019, if you open the sln file using VS2019 select the release build and build it.

Also Read – Vulnx : Intelligent Bot Auto Shell Injector That Detect Vulnerabilities In Multiple Types Of CMS

Usage

Run payload_manager.py with python3 to create a hex encoded payload, then update or create a txt record for your domain, make sure that the TTL is set to 300 seconds!!!

$ ./payload_manager.py -h

usage: payload_manager.py [-h] [-l LINUX_CMD] [-w WINDOWS_CMD]
[-d DOMAIN_SEARCH]

ddor, crossplatform dns backdoor

optional arguments:
-h, –help show this help message and exit
-l LINUX_CMD Linux Command
-w WINDOWS_CMD Windows Command
-d DOMAIN_SEARCH Domain to Check Commands On

R K

Recent Posts

How Does a Firewall Work Step by Step

How Does a Firewall Work Step by Step? What Is a Firewall and How Does…

2 hours ago

ROADTools: The Modern Azure AD Exploration Framework

ROADTools is a powerful framework designed for exploring and interacting with Microsoft Azure Active Directory…

3 days ago

How to Enumerate Microsoft 365 Groups Using PowerShell and Python

Microsoft 365 Groups (also known as M365 Groups or Unified Groups) are at the heart…

3 days ago

SeamlessPass: Using Kerberos Tickets to Access Microsoft 365

SeamlessPass is a specialized tool designed to leverage on-premises Active Directory Kerberos tickets to obtain…

4 days ago

PPLBlade: Advanced Memory Dumping and Obfuscation Tool

PPLBlade is a powerful Protected Process Dumper designed to capture memory from target processes, hide…

4 days ago

HikPwn : Simple Scanner For Hikvision Devices With Basic Vulnerability Scanning

HikPwn: Comprehensive Guide to Scanning Hikvision Devices for Vulnerabilities If you’re searching for an efficient…

5 days ago