Shulou(Shulou.com)05/31 Report--

This article will explain in detail about the use of DNS-over-HTTPS as a transmission port of C2 framework goDoH is like, the content of the article is of high quality, so the editor to share to you as a reference, I hope you have a certain understanding of the relevant knowledge after reading this article.

What I introduce to you today is a tool called goDoH, which is based on DNS-over-HTTPS, is a remote command control framework, and can use DNS-over-HTTPS as a transmission port.

Tool introduction

GoDoH is a proof-of-concept command and control framework. The tool is developed by Golang and uses DNS-over-HTTP as the transmission medium.

Project dependence

GoDoH code construction requires the use of Dep ([GitHub Portal]), Dep is a dependency management tool for the Go language.

On the macOS platform, we can use Homebrew to install or update Dep:

$brew install dep$ brew upgrade dep

On the Debian platform, we can use apt-get directly to install or update Dep:

$sudo apt-get install go-dep

On the Windows platform, you can directly click [here] to download tarball.

On other platforms, you can use the install.sh script to complete the installation:

$curl https://raw.githubusercontent.com/golang/dep/master/install.sh | sh tool installation

We only need to install the godoh code itself. We can download the project code directly from the releases page of the project. After the download is complete, follow these steps to build the project code:

1. Make sure that Dep is installed:

Go get-v-u github.com/golang/dep/cmd/dep

2. Clone the source code of the project in the src/ directory of $GOPATH in the local device (sensepost/godoh)

3. Run the following command to resolve the dependency:

Dep ensure

4. Run the following command to generate a unique encryption key for communication:

Make key

Use the go build tool, or run the "make" command to build the project code in the build/ directory

The tool uses $godoh-hA DNS (over-HTTPS) C2 Version: dev By @ leonjza from @ sensepostUsage: godoh [command] Usage: godoh [command] Available Commands: agent Connect as an Agent to the DoH C2 c2 Starts the godoh C2 server help Help about any command receive Receive a file via DoH send Send a file via DoH test Test DNS communicationsFlags:-d,-- domain string DNS Domain to use. (ie: example.com)-h,-- help help for godoh-p,-- provider string Preferred DNS provider to use. [possible: google, cloudflare, raw] (default "google") Use "godoh [command]-help" for more information about a command. License agreement

The goDoH project development follows the GNU General Public v3 open source license agreement.

On the use of DNS-over-HTTPS as a transmission port of the C2 framework goDoH is shared here, I hope the above content can be of some help to you, can learn more knowledge. If you think the article is good, you can share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.