k3ym𖺀2d ago

In today's episode of "Can It Run Doom": DNS fucking TXT records.

Some absolute madlad (cough Adam Rice cough) compressed the entire shareware DOOM WAD, split it into around 1,964 chunks, shoved them into Cloudflare TXT records, and wrote a PowerShell script that reassembles and runs the whole goddamn game from DNS queries alone. Nothing touches disk. The DLLs are in DNS. THE FUCKING DLLS ARE IN DNS.

RFC 1035 was written in 1987. Those engineers are spinning in their graves fast enough to generate municipal power.

Bonus: this is a fully functional globally-distributed covert data exfil channel that your NGFW will never fucking see if you're not doing deep DNS inspection. Sleep well.

blog: https://blog.rice.is/post/doom-over-dns/

repo: https://github.com/resumex/doom-over-dns

Also lmao @ every blue team that has never once looked at their DNS query volume. How's that DLP policy working out for you.

It was always DNS.

#infosec #dns #doom #itisalwaysdns

RainerMar 20

Orrr. Irgendwas stinkt hier.
Komme auf einen Server nicht mehr rauf. Und ich weiß schon #itIsAlwaysDNS 🤨🙄

Aber: #erstmalKaffee

Show threadbobFeb 25
why yes i do know the number of seconds in a day without working it out ;) I blame DNS. #ItIsAlwaysDNS
Grzegorz CichockiMay 7, 2025

I made my #AdGuardHome configuration public.

This is my solution to both store #adguard conf in code and continuously deploy it on many nodes. I also proposed some solutions to easily gather metrics and switch off/on ad protection. Everything is written in README.

https://codeberg.org/cichy1173/adguard-home-cm-repository

#opentofu #terraform #iaac #iac #devops #adblocking #adprotection #dns #ItIsAlwaysDNS

adguard-home-cm-repository

This repository features OpenTofu code integrated with a Forgejo Actions Pipeline, designed to deploy and synchronize the configuration of AdGuard Home across all nodes.

Codeberg.org
Show thread`Da ElfMar 21, 2024

@pseudonym Feckin' DNS, and Certificates, but mostly DNS.

And mine *IS* Automated, still breaks, because ... DNS.

#ItIsAlwaysDNS #SysAdmin

snottFeb 19, 2024
Just been working through learning Caddy, and couldn't get one of my sites working that I know was working yesterday after I made the shift. Decided to give up and wrote a conf for nginx as thats what I know. Lo and behold... certbot has a fit about that same domain as well.

Was in chat with a mate earlier when trying to get Caddy to work he said "DNS right for that domain?" and I was like yes duh of course.

A few minutes after certbot failing I realised I was wrong... and the reason it was working yesterday is that it was still up on the old VPS when I was testing.

Idiot. Fixed shortly after.
IT IS ALWAYS DNS.

#ItIsAlwaysDNS #DNS
not_orthogonalFeb 6, 2024

Do you have your /etc/hosts file built out for those moments when your DNS goes down, but you still need to access your machines via their URL?

#dns #selfhosting #selfhosted #linux #nixos #itisalwaysdns

Show threadStéphane BortzmeyerFeb 3, 2024

Now, #DNS devroom at #FOSDEM. Only DNS this afternoon.

#itIsAlwaysDNS

AlvaroNov 1, 2023
The source of every single problem in IT was published 40 years ago.


#ItIsAlwaysDNS

RE: https://infosec.exchange/users/pgl/statuses/111332374298255851
Peter Lowe (@[email protected])

40 years ago in November 1983, RFCs 882 and 883 were published. Happy birthday #DNS. https://datatracker.ietf.org/doc/html/rfc882

Infosec Exchange
Show threadR. L. Dane  Sep 6, 2023

@OptiplexPrime

#ItIsAlwaysDNS ;)

@benjaminhollon