A DNS-over-HTTPS Command & Control Proof of Concept
godoh is a proof of concept Command and Control framework, written in Golang, that uses DNS-over-HTTPS as a transport medium. Currently supported providers include Google, Cloudflare but also contains the ability to use traditional DNS.
All you would need are the
godoh binaries themselves. Binaries are available for download from the releases page as part of tagged releases.
godoh from source, follow the following steps:
- Ensure you have Go 1.13+
- Clone this repository with
git clone https://github.com/sensepost/goDoH.git
make keyto generate a unique encryption key to use for communication
- Build the project with one of the following options:
go buildwhich will drop you a new
godohbinary for the current architecture
makewhich will drop binaries in the
build/directory for various platforms
A DNS (over-HTTPS) C2 By @leonjza from @sensepost Usage: godoh [flags] godoh [command] Available Commands: agent Connect as an Agent to the DoH C2 c2 Starts the godoh C2 server help Help about any command receive Receive a file via DoH send Send a file via DoH test Test DNS communications Flags: -d, --domain string DNS Domain to use. (ie: example.com) -h, --help help for godoh -p, --provider string Preferred DNS provider to use. [possible: googlefront, google, cloudflare, quad9, raw] (default "google") -K, --validate-certificate Validate DoH provider SSL certificates Use "godoh [command] --help" for more information about a command.