DNS Manipulation Tryhackme Writeup

This is a Writeup of Tryhackme room “DNS Manipulation”

https://www.tryhackme.com/room/dnsmanipulation

Room link: https://www.tryhackme.com/room/dnsmanipulation
Note: This room is Free

Task 1: Introduction

In this room, we will look into DNS and showcase the techniques used to exfiltrate and infiltrate data. First, we will look at what purposes DNS serves, how it works, and the types of DNS records.

The image below illustrates a basic DNS lookup. Here the client machine reaches out to a DNS server to resolve a Fully Qualified Domain Name (FQDN) to an IP address.

We will then move to how DNS is being used as a “Data Exfiltration” and “Data Infiltration” tool via DNS queries.