Configure DNS Server Using CentOS VM.
- Execute the following commands on the virtual machine:
In this example the DNS server runs on 192.168.10.130. We create two domains, "ddm.lan" and "victim.lan", and the subdomains "edge.ddm.lan" and "www.victim.lan".
Install BIND (the named service) on the DNS server VM:
# yum install bind bind-utils -y
Configure the firewall:
# firewall-cmd --zone=public --permanent --add-service=dns
# firewall-cmd --reload
# firewall-cmd --list-all
Configure DNS query permissions
Edit /etc/named.conf and modify the following three lines in the options {} block:
listen-on port 53 { any; };
listen-on-v6 port 53 { any; };
allow-query { any; };
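As an added check, not part of the original walkthrough, the following Python script parses the options {} block of a named.conf and verifies that the three edits above are in place. It also flags a side effect of the third edit: the stock CentOS named.conf sets recursion yes;, and with allow-query { any; } and no allow-recursion statement BIND answers recursive queries for every client that can reach port 53, so the VM becomes an open recursive resolver on whatever network it is attached to. The sample configuration, the hardened variant with allow-recursion { 192.168.10.0/24; }; (the lab subnet used on this page) and all function names are constructed for this example.

```python
import re

# Constructed fragment of a CentOS-style /etc/named.conf after the three edits
# described above. The stock CentOS file also contains "recursion yes;".
WALKTHROUGH_NAMED_CONF = """
options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { any; };
        directory       "/var/named";
        allow-query     { any; };   // was { localhost; }
        recursion yes;
        dnssec-enable yes;
};
include "/etc/named/named.conf.local";
"""

# Same file with recursion limited to the lab subnet (constructed tighter
# setting; the walkthrough's own steps still work with it).
HARDENED_NAMED_CONF = WALKTHROUGH_NAMED_CONF.replace(
    "recursion yes;",
    "recursion yes;\n        allow-recursion { 192.168.10.0/24; };")


def strip_comments(text):
    """Remove /* */, // and # comments (named.conf allows all three)."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#).*", "", text)


def extract_block(text, name):
    """Return the text between the braces of the first `name { ... }`."""
    start = re.search(r"\b%s\s*\{" % re.escape(name), text)
    if not start:
        raise ValueError(f"no {name} block")
    depth = 0
    for i in range(start.end() - 1, len(text)):
        if text[i] == "{":
            depth += 1
        elif text[i] == "}":
            depth -= 1
            if depth == 0:
                return text[start.end():i]
    raise ValueError("unbalanced braces")


def split_statements(body):
    """Split on ';' at brace depth 0, so `allow-query { any; }` stays whole."""
    stmts, cur, depth = [], [], 0
    for ch in body:
        depth += (ch == "{") - (ch == "}")
        if ch == ";" and depth == 0:
            stmts.append("".join(cur).strip())
            cur = []
        else:
            cur.append(ch)
    return [s for s in stmts if s]


def parse_options(conf_text):
    """Map each directive in options {} to its value text."""
    body = extract_block(strip_comments(conf_text), "options")
    opts = {}
    for stmt in split_statements(body):
        parts = stmt.split(None, 1)
        opts[parts[0]] = parts[1].strip() if len(parts) > 1 else ""
    return opts


def acl_members(value):
    """Names/addresses inside the { ... } of a directive value, if any."""
    m = re.search(r"\{(.*)\}", value, flags=re.S)
    return re.findall(r"[^\s;]+", m.group(1)) if m else []


def audit_options(opts):
    """Check the three edits from the walkthrough and flag the open-resolver
    combination. Returns (severity, message) pairs; an empty list is clean."""
    findings = []
    for key in ("listen-on", "listen-on-v6", "allow-query"):
        if "any" not in acl_members(opts.get(key, "")):
            findings.append(("error", f"{key} does not contain 'any'; lab VMs will be refused"))
    # BIND defaults (simplified): recursion is on, and without allow-recursion
    # the allow-query ACL decides who may recurse.
    recursion = opts.get("recursion", "yes").lower()
    allow_rec = (acl_members(opts.get("allow-recursion", ""))
                 or acl_members(opts.get("allow-query", "")))
    if recursion == "yes" and "any" in allow_rec:
        findings.append(("warning", "recursion yes with recursion allowed from any: "
                         "open recursive resolver; restrict allow-recursion to the lab subnet"))
    return findings
```

Run it against the real file with parse_options(open("/etc/named.conf").read()); audit_options returns an empty list for the hardened sample and a single warning for the configuration exactly as the walkthrough leaves it.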
Enable and start named:
# systemctl enable named
# systemctl start named
Add zones
Edit /etc/named.conf and add the following line at the end of the file:
include "/etc/named/named.conf.local";
Create and edit /etc/named/named.conf.local.
Here we use ddm.lan and victim.lan as examples; you need to change the domains to something else for your own setup.
zone "ddm.lan" {
type master;
file "/etc/named/zones/db.ddm.lan";
};
zone "victim.lan" {
type master;
file "/etc/named/zones/db.victim.lan";
};
Create the following directory and files, then check the configuration:
# mkdir /etc/named/zones/
# touch /etc/named/zones/db.ddm.lan
# touch /etc/named/zones/db.victim.lan
# named-checkconf
If "named-checkconf" returns nothing, you should be good.
Edit the zone files
Edit the file /etc/named/zones/db.ddm.lan. Lines that begin with whitespace have no owner field and inherit the owner of the previous record:
$TTL 1200
@       IN SOA ns.ddm.lan. admin.ddm.lan. (
                1523759211 ; Serial
                120        ; Refresh
                180        ; Retry
                7200       ; Expire
                300        ; Negative Cache TTL
        )
        IN NS ns.ddm.lan.        ; define name server - NS record (owner inherited from @)
        IN A  192.168.10.130     ; define name server's IP address - A record
ns      IN A  192.168.10.130     ; define IP address of a hostname - A record
edge    IN A  192.168.10.131     ; IP of reverse proxy server1
        IN A  192.168.10.132     ; IP of reverse proxy server2 (owner inherited from edge)
Check the file with:
# named-checkzone ddm.lan /etc/named/zones/db.ddm.lan
Edit the file /etc/named/zones/db.victim.lan:
$TTL 1200
@       IN SOA ns.victim.lan. admin.victim.lan. (
                1523759211 ; Serial
                120        ; Refresh
                180        ; Retry
                7200       ; Expire
                300        ; Negative Cache TTL
        )
        IN NS ns.victim.lan.     ; define name server - NS record (owner inherited from @)
        IN A  192.168.10.130     ; define name server's IP address - A record
ns      IN A  192.168.10.130     ; define IP address of a hostname - A record
www     IN A  192.168.10.88      ; IP of the victim website www.victim.lan
Check the file with:
# named-checkzone victim.lan /etc/named/zones/db.victim.lan
If no errors are returned, reload named:
# systemctl reload named
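To make clear why the blank owner fields in the two zone files matter, here is an added Python example (not from the original page and not BIND's own code) that parses a master-format zone file the way named loads it: $TTL, ; comments, the parenthesised SOA, @ for the origin, and a line beginning with whitespace inheriting the previous owner. check_zone performs a subset of what named-checkzone verifies. The embedded zone is a copy of db.ddm.lan above; without_indentation() produces the same text with its leading whitespace removed, which turns IN into an owner name, leaves edge with a single address and leaves the apex without an NS record, the kind of defect named-checkzone rejects. All function names are this example's own.

```python
# Constructed copy of /etc/named/zones/db.ddm.lan from the walkthrough. A line
# starting with whitespace has no owner field and inherits the previous owner:
# "@" for the NS/A lines after the SOA, "edge" for the second proxy address.
DB_DDM_LAN = """\
$TTL 1200
@    IN SOA ns.ddm.lan. admin.ddm.lan. (
         1523759211 ; Serial
         120        ; Refresh
         180        ; Retry
         7200       ; Expire
         300 )      ; Negative Cache TTL
     IN NS ns.ddm.lan.
     IN A  192.168.10.130
ns   IN A  192.168.10.130
edge IN A  192.168.10.131
     IN A  192.168.10.132
"""

RR_TYPES = {"SOA", "NS", "A", "AAAA", "CNAME", "MX", "TXT", "PTR"}
CLASSES = {"IN", "CH", "HS"}
NAME_RDATA = {"NS", "CNAME", "PTR"}   # rdata is a single domain name

def _logical_lines(text):
    """Drop ';' comments and fold '( ... )' continuations into one line; the
    first physical line keeps its leading whitespace. (No quoted strings.)"""
    out, buf, depth = [], [], 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if not line.strip() and not buf:
            continue
        depth += line.count("(") - line.count(")")
        buf.append(line if not buf else line.strip())
        if depth == 0:
            out.append(" ".join(buf).replace("(", " ").replace(")", " "))
            buf = []
    return out

def _absolute(name, origin):
    return origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Parse master-file text into record dicts (owner, ttl, class, type, rdata)."""
    origin = origin if origin.endswith(".") else origin + "."
    default_ttl, last_owner, records = None, None, []
    for line in _logical_lines(text):
        tokens = line.split()
        if tokens[0] == "$TTL":
            default_ttl = int(tokens[1])
            continue
        # The owner field is present unless the line starts with whitespace.
        owner = last_owner if line[0] in " \t" else tokens.pop(0)
        if owner is None:
            raise ValueError(f"no owner for record: {line.strip()!r}")
        ttl, rclass = default_ttl, "IN"
        while tokens and tokens[0].upper() not in RR_TYPES:   # optional TTL / class
            field = tokens.pop(0)
            if field.isdigit():
                ttl = int(field)
            elif field.upper() in CLASSES:
                rclass = field.upper()
            else:
                raise ValueError(f"unexpected field {field!r} in {line.strip()!r}")
        if not tokens:
            raise ValueError(f"record without type: {line.strip()!r}")
        rtype = tokens.pop(0).upper()
        if rtype == "SOA":   # mname, rname, serial, refresh, retry, expire, minimum
            rdata = [_absolute(tokens[0], origin), _absolute(tokens[1], origin),
                     *map(int, tokens[2:7])]
        elif rtype in NAME_RDATA:
            rdata = [_absolute(tokens[0], origin)]
        else:
            rdata = tokens
        last_owner = owner
        records.append({"owner": _absolute(owner, origin), "ttl": ttl,
                        "class": rclass, "type": rtype, "rdata": rdata})
    return records

def lookup(records, name, rtype):
    """Rdata values for name/type in file order; BIND rotates between several
    A records, which is how edge spreads across the two reverse proxies."""
    return [r["rdata"][0] for r in records if r["owner"] == name and r["type"] == rtype]

def check_zone(records, origin):
    """Subset of named-checkzone: one SOA at the apex, at least one apex NS,
    and an address record for every in-zone NS target."""
    origin = origin if origin.endswith(".") else origin + "."
    problems = []
    soa = [r for r in records if r["type"] == "SOA"]
    if len(soa) != 1 or soa[0]["owner"] != origin:
        problems.append("expected exactly one SOA record at the apex")
    apex_ns = [r for r in records if r["owner"] == origin and r["type"] == "NS"]
    if not apex_ns:
        problems.append(f"{origin} has no NS records at the apex")
    has_addr = {r["owner"] for r in records if r["type"] in ("A", "AAAA")}
    for r in apex_ns:
        if r["rdata"][0].endswith("." + origin) and r["rdata"][0] not in has_addr:
            problems.append(f"NS {r['rdata'][0]} has no A/AAAA record in the zone")
    return problems

def without_indentation(text):
    """The same zone text as it arrives when leading whitespace is lost."""
    return "\n".join(l.lstrip() for l in text.splitlines())
```

Calling check_zone(parse_zone(DB_DDM_LAN, "ddm.lan"), "ddm.lan") returns no problems, while the same call on without_indentation(DB_DDM_LAN) reports the missing apex NS record; lookup(zone, "edge.ddm.lan.", "A") returns both proxy addresses only for the correctly indented file.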
Test DNS
Add the DNS server IP to /etc/resolv.conf on your DDoS CnC VM so that it can resolve both domains:
nameserver 192.168.10.130
Now you should be able to reach both www.victim.lan and edge.ddm.lan:
# curl http://edge.ddm.lan
And you should get:
<html><head><title>Metasploitable2 - Linux</title></head><body>
<pre>
                _                  _       _ _        _     _      ____
 _ __ ___   ___| |_ __ _ ___ _ __ | | ___ (_) |_ __ _| |__ | | ___|___ \
| '_ ` _ \ / _ \ __/ _` / __| '_ \| |/ _ \| | __/ _` | '_ \| |/ _ \ __) |
| | | | | |  __/ || (_| \__ \ |_) | | (_) | | || (_| | |_) | |  __// __/
|_| |_| |_|\___|\__\__,_|___/ .__/|_|\___/|_|\__\__,_|_.__/|_|\___|_____|
                            |_|
Warning: Never expose this VM to an untrusted network!
Contact: msfdev[at]metasploit.com
Login with msfadmin/msfadmin to get started
</pre>
<ul>
<li><a href="/twiki/">TWiki</a></li>
<li><a href="/phpMyAdmin/">phpMyAdmin</a></li>
<li><a href="/mutillidae/">Mutillidae</a></li>
<li><a href="/dvwa/">DVWA</a></li>
<li><a href="/dav/">WebDAV</a></li>
</ul>
</body>
</html>