Dave Aitel dave at immunityinc.com
Mon Dec 22 17:14:46 EST 2014

Click here to view it: https://vimeo.com/115206626

It is hard to get out of a modern corporate network without a DNS
channel. The simplistic benefit of INNUENDO's DNS channel over other
random things like DNSCat is that you get encryption, redundancy, and
ordering, all as part of the package. And we built in a burst-speed
controller as part of the protocol (which I go over a bit in the movie).
There's only one public paper I can see with realistic throughput
numbers on DNS channels like this (although I distinctly remember
Kaminsky playing video over DNS in one of his talks?), and it claims
~1KB/s. With INNUENDO if you push the gauge up you can get 4KB/s, even
with our additional signaling overhead. By default we stick to 1KB/s to
avoid swamping intermediary DNS servers.

In real-world terms: A screenshot is going to take you 33 seconds.
Ideally you don't use your DNS channel as a massive exfil channel, but
simply as a way to find a better path out of the network.

As always, if you're interested in buying or evaluating INNUENDO please
email admin at immunityinc.com

Dave Aitel
Immunity, Inc.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20141222/626ba449/attachment.sig>

More information about the Dailydave mailing list