karthy Posted July 17, 2023 Share Posted July 17, 2023 Tunneling network traffic over DNS with Iodine Ever found yourself waiting at an airport or a Hotel or wherever and there is a open network, you connect to it. only to find that it is vanity, asking you to pay so that you can use the internet we can bypass this with a neat trick it should work most of the time. what we are going to do is tunnel tcp through dns servers. many captive portals do not block dns requests we can abuse this fact and get internet connection i am going to show you how. but due to the size limitation of dns packet size we should not expect blazing fast internet speeds i mean having basic internet connection is better than having none isn't it? For the whole thing to work, we need control over a domain and be able to edit the zone file. In addition to that, we need a server that we can point our address record (A) to and that will do the communication for/with us. Iodine Most of the work in this setup will be done by a tool called Iodine by kyro.se.Iodine will take care of sending (client) and answering (server) the DNS queries, plus handle fragmentation, compression, encoding, record type to use, etc., and perform a lot of other magic behind the scenes. We essentially only need to take care of starting both the server and the client tool. Prerequisites To summarize the prerequisites again, we need: 1) Control over a domain 2) A server (preferrably with a static IP) 3) A client (for example your computer) The setup Building Iodine Let’s clone Iodine, make and install it: git clone This is the hidden content, please Sign In or Sign Up make make install (I covered make and make install in my previous post) Which gives us the executables /usr/local/sbin/iodined or /usr/local/sbin/iodine, respectively. iodined will be our server component, iodine our client component. Run iodined -v and iodine -v to check your versions. DNS zone setup We will have to create two records in our zone. A NS record and an A record pointing to our server. A record should point to our server NS record should be something like something.domain.tld You can name your subdomain as you like, but remember to keep it as short as possible. Server setup Finally start iodined on your server. The first argument is the IP address inside the tunnel, which can be from any range that you don't use yet (for example 192.168.99.1), and the second argument is the assigned domain (in this case something.domain.tld). Using the -f option will keep iodined running in the foreground, which helps when testing. iodined will open a virtual interface ("tun device"), and will also start listening for DNS queries on UDP port 53. Either enter a password on the commandline (-P pass) or after the server has started. Now everything is ready for the client. Client side All the setup is done, just start iodine. It takes one or two arguments, the first is the local relaying DNS server (optional) and the second is the domain you used (something.domain.tld). If you don't specify the first argument, the system's current DNS setting will be consulted. Resulting commandline in this example situation, adding -r forces DNS tunneling even if raw UDP tunneling would be possible: ./iodine -f -P secretpassword something.domain.tld From either side, you should now be able to ping the IP address on the other end of the tunnel. In this case, ping 192.168.99.1 from the iodine client, and 192.168.99.2 from the iodine server. Socks Proxy setup a socks proxy and point your web browser to it now you should be able to browse the internet freely. Link to comment Share on other sites More sharing options...
.webp.8407a83ac96563f75e1c428a1f0d4c3e.webp)
.webp.9a04cec050a656fab081ac190f971c3f.webp)
Hack Tools Resurrection
Recommended Posts