Configure DNS Server Using CentOS VM.

  • Execute the following commands on the virtual machine:

In this example the DNS server runs on 192.168.10.130. We create two zones, "ddm.lan" and "victim.lan", and the hostnames "edge.ddm.lan" and "www.victim.lan" within them.

Configure firewall:

# firewall-cmd --zone=public --permanent --add-service=dns
# firewall-cmd --reload
# firewall-cmd --list-all

Configure DNS query permissions

Edit /etc/named.conf and change the following three lines inside the options { } block so that named listens on every interface and accepts queries from any client (the stock CentOS file restricts both to localhost). The stock file also leaves recursion enabled, so with allow-query { any; } this VM is an open recursive resolver: keep it on the isolated lab network, or limit allow-query and allow-recursion to the lab subnet.

listen-on port 53 { any; };
listen-on-v6 port 53 { any; };
allow-query { any; };

Enable and start named:

# systemctl enable named
# systemctl start named

Add zones

Edit /etc/named.conf, and add the following line at the end of the file:

include "/etc/named/named.conf.local";

Create and edit /etc/named/named.conf.local. Here we use ddm.lan and victim.lan as examples; substitute your own domain names.

zone "ddm.lan" {
        type master;
        file "/etc/named/zones/db.ddm.lan";
};

zone "victim.lan" {
        type master;
        file "/etc/named/zones/db.victim.lan";
};

Create the following directory and files, then check the configuration:

# mkdir /etc/named/zones/
# touch /etc/named/zones/db.ddm.lan
# touch /etc/named/zones/db.victim.lan
# named-checkconf

If named-checkconf prints nothing, the configuration file is syntactically valid.

Edit zone files

Edit the file /etc/named/zones/db.ddm.lan:

$TTL    1200
@   IN  SOA ns.ddm.lan.    admin.ddm.lan. (
        1523759211   ; Serial
        120         ; Refresh
        180         ; Retry
        7200        ; Expire
        300         ; Negative Cache TTL
)

        IN  NS  ns.ddm.lan.     ; define name server - NS record
        IN  A   192.168.10.130  ; define name server's IP address - A record
ns      IN  A   192.168.10.130  ; define IP address of a hostname - A record

edge    IN  A   192.168.10.131  ; IP of reverse proxy server1
        IN  A   192.168.10.132  ; IP of reverse proxy server2

Check the file with:

# named-checkzone ddm.lan /etc/named/zones/db.ddm.lan

Edit the file /etc/named/zones/db.victim.lan:

$TTL    1200
@   IN  SOA ns.victim.lan.    admin.victim.lan. (
        1523759211   ; Serial
        120         ; Refresh
        180         ; Retry
        7200        ; Expire
        300         ; Negative Cache TTL
)

        IN  NS  ns.victim.lan.  ; define name server - NS record
        IN  A   192.168.10.130  ; define name server's IP address - A record
ns      IN  A   192.168.10.130  ; define IP address of a hostname - A record

www     IN  A   192.168.10.88   ; IP of the victim website www.victim.lan

Check the file with:

# named-checkzone victim.lan /etc/named/zones/db.victim.lan

If no errors are returned, reload named:

# systemctl reload named

Test DNS

Add the DNS server IP to /etc/resolv.conf on your DDoS C&C VM so that it can resolve both domains.

Now you should be able to reach both www.victim.lan and edge.ddm.lan:

# curl http://edge.ddm.lan

And you should get:

<html><head><title>Metasploitable2 - Linux</title></head><body>
<pre>

                _                  _       _ _        _     _      ____
 _ __ ___   ___| |_ __ _ ___ _ __ | | ___ (_) |_ __ _| |__ | | ___|___ \
| '_ ` _ \ / _ \ __/ _` / __| '_ \| |/ _ \| | __/ _` | '_ \| |/ _ \ __) |
| | | | | |  __/ || (_| \__ \ |_) | | (_) | | || (_| | |_) | |  __// __/
|_| |_| |_|\___|\__\__,_|___/ .__/|_|\___/|_|\__\__,_|_.__/|_|\___|_____|
                            |_|


Warning: Never expose this VM to an untrusted network!

Contact: msfdev[at]metasploit.com

Login with msfadmin/msfadmin to get started


</pre>
<ul>
<li><a href="/twiki/">TWiki</a></li>
<li><a href="/phpMyAdmin/">phpMyAdmin</a></li>
<li><a href="/mutillidae/">Mutillidae</a></li>
<li><a href="/dvwa/">DVWA</a></li>
<li><a href="/dav/">WebDAV</a></li>
</ul>
</body>
</html>
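Beyond the single curl check, it is worth confirming that named returns exactly the records the two zone files define, including both A records for edge.ddm.lan. The following checker is an added example, not part of the original page; it uses only the Python standard library, assumes the lab server address 192.168.10.130 from the text, and compares the answer section of each response against the expected address sets.

```python
import socket
import struct

# Expected A records from the two zone files above (lab addresses).
EXPECTED = {
    "edge.ddm.lan": {"192.168.10.131", "192.168.10.132"},
    "www.victim.lan": {"192.168.10.88"},
}

def build_query(name, txid=0x1234):
    # Header: id, flags (RD=1), QDCOUNT=1, then QNAME + QTYPE=A, QCLASS=IN
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(l)]) + l.encode() for l in name.split("."))
    return header + labels + b"\x00" + struct.pack(">HH", 1, 1)

def skip_name(data, off):
    # Advance past a name, which may end in a 2-byte compression pointer.
    while data[off] != 0 and data[off] < 0xC0:
        off += 1 + data[off]
    return off + (2 if data[off] >= 0xC0 else 1)

def parse_a_records(data):
    # Return the set of IPv4 addresses in the answer section (empty on error).
    _, flags, qd, an, _, _ = struct.unpack(">HHHHHH", data[:12])
    if flags & 0x000F:  # non-zero RCODE, e.g. NXDOMAIN or REFUSED
        return set()
    off = 12
    for _ in range(qd):
        off = skip_name(data, off) + 4  # skip QTYPE/QCLASS
    addrs = set()
    for _ in range(an):
        off = skip_name(data, off)
        rtype, rclass, _ttl, rdlen = struct.unpack(">HHIH", data[off:off + 10])
        off += 10
        if rtype == 1 and rclass == 1 and rdlen == 4:
            addrs.add(socket.inet_ntoa(data[off:off + 4]))
        off += rdlen
    return addrs

def check_server(server="192.168.10.130", expected=EXPECTED, timeout=2.0):
    # Query each name over UDP and compare with the expected address set.
    results = {}
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        for name, want in expected.items():
            s.sendto(build_query(name), (server, 53))
            got = parse_a_records(s.recv(512))
            results[name] = (got == want, got)
    return results
```

Run check_server() from the C&C VM; a name whose result is False means named is answering, but not with the addresses the zone file was meant to publish.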
