Uni-Wi█out-C▄rn®

@mentalist
47 Followers
212 Following
30 Posts
Let me read your thoughts • Helps you with burying things, which are meant to never be found again • present in part time • he/him • they/them • Speaks 🇩🇪 and 🇺🇸 • Keeping only posts not older than three months
Uptime30+ years
Languagesde_DE, en_US
DatacenterDE-RAD-C12.e
Uni-Wi█out-C▄rn®1d ago
k3ym𖺀2d ago

In today's episode of "Can It Run Doom": DNS fucking TXT records.

Some absolute madlad (cough Adam Rice cough) compressed the entire shareware DOOM WAD, split it into around 1,964 chunks, shoved them into Cloudflare TXT records, and wrote a PowerShell script that reassembles and runs the whole goddamn game from DNS queries alone. Nothing touches disk. The DLLs are in DNS. THE FUCKING DLLS ARE IN DNS.

RFC 1035 was written in 1987. Those engineers are spinning in their graves fast enough to generate municipal power.

Bonus: this is a fully functional globally-distributed covert data exfil channel that your NGFW will never fucking see if you're not doing deep DNS inspection. Sleep well.

blog: https://blog.rice.is/post/doom-over-dns/

repo: https://github.com/resumex/doom-over-dns

Also lmao @ every blue team that has never once looked at their DNS query volume. How's that DLP policy working out for you.

It was always DNS.

#infosec #dns #doom #itisalwaysdns

Uni-Wi█out-C▄rn®6d ago
Mar Hicks6d ago
Look at this baby beaver and feel better briefly
Uni-Wi█out-C▄rn®Mar 8
ᴮᵉⁿ ᴿᵒʸᶜᵉVOTE IN THE PRIMARIESMar 7

You may ask:

"Why?"

But the universe whispers back:

"Why not?"

Uni-Wi█out-C▄rn®Mar 7
KplxMar 7
Tired (Archive 2024)
Uni-Wi█out-C▄rn®Feb 17
Lucie / minuteFeb 16
> Unless the system periodically pets the watchdog timer, the watchdog timer assumes a catastrophe
Uni-Wi█out-C▄rn®Jul 7, 2023
Entschuldigt meine Wortkargheit auf dieser Plattform. Die meisten meiner Hottakes fallen im Gefecht in irgendwelchen Chats. Aber ich bin abseits davon ein ganz netter Dude. Ehrlich!