Browsertunnel - Surreptitiously exfiltrate data from the browser over DNS


Browsertunnel is a tool for exfiltrating data from the browser using the DNS protocol. It achieves this by abusing dns-prefetch, a feature intended to reduce the perceived latency of websites by doing DNS lookups in the background for specified domains. DNS traffic does not appear in the browser's debugging tools, is not blocked by a page's Content Security Policy (CSP), and is often not inspected by corporate firewalls or proxies, making it an ideal medium for smuggling data in constrained scenarios.

It's an old technique: DNS tunneling itself dates back to the '90s, and Patrick Vananti wrote about using dns-prefetch for it in 2016. As far as I can tell, however, browsertunnel is the first open source, production-ready client/server demonstrating its use. Because dns-prefetch does not return any data back to client JavaScript, communication through browsertunnel is only unidirectional. Additionally, some browsers disable dns-prefetch by default, and in those cases, browsertunnel....
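Prefetch lookups still reach a resolver, so resolver logs are where a defender can see this traffic even when the browser tools, CSP and proxy do not. The following is an added example, not code from browsertunnel or the original article: it flags clients that send many distinct long, high-entropy subdomains to one parent domain. The log format, thresholds, `.example` names and sample lines are assumptions constructed for illustration.

```python
import math
from collections import defaultdict

# Constructed resolver log: "<timestamp> <client-ip> <queried-name>"
SAMPLE_LOG = """\
2020-09-10T10:00:01Z 10.0.0.23 www.intranet.example
2020-09-10T10:00:02Z 10.0.0.40 mail.intranet.example
2020-09-10T10:00:03Z 10.0.0.40 aaaaaaaaaaaaaaaaaaaaaaaa.intranet.example
2020-09-10T10:00:04Z 10.0.0.40 d3k7q9x2m5v8b1n4c6z0p2r5.cdn.example
2020-09-10T10:00:05Z 10.0.0.23 mfrggzdfmztwq2lknnwg23tp.collector.example
2020-09-10T10:00:05Z 10.0.0.23 onxw2zjanruw4zjaorsxg5ba.collector.example
2020-09-10T10:00:06Z 10.0.0.23 kbqxg43xn5zgiidjomqhg2lp.collector.example
2020-09-10T10:00:06Z 10.0.0.23 orugkidrovuwg2zamjzg653o.collector.example
2020-09-10T10:00:07Z 10.0.0.23 ebtg66banj2w24dtebxxmzls.collector.example
"""

def shannon_entropy(s):
    """Bits per character; encoded payloads score higher than ordinary hostnames."""
    counts = {c: s.count(c) for c in set(s)}
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())

def split_name(name, parent_labels=2):
    """Return (parent, subdomain). Assumption: the parent is the last two labels;
    a production version should use a public-suffix list instead."""
    parts = name.rstrip(".").lower().split(".")
    return ".".join(parts[-parent_labels:]), ".".join(parts[:-parent_labels])

def suspicious_parents(log_text, min_unique=4, min_len=20, min_entropy=3.0):
    """List (client, parent, count) where one client queried at least
    min_unique distinct long, high-entropy subdomains of the same parent."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 3:
            continue  # skip malformed lines
        parent, sub = split_name(fields[2])
        if sub:
            seen[(fields[1], parent)].add(sub)
    findings = []
    for (client, parent), subs in seen.items():
        encoded = [s for s in subs if len(s) >= min_len
                   and shannon_entropy(s.replace(".", "")) >= min_entropy]
        if len(encoded) >= min_unique:
            findings.append((client, parent, len(encoded)))
    return sorted(findings)

if __name__ == "__main__":
    for client, parent, n in suspicious_parents(SAMPLE_LOG):
        print(f"{client} -> {parent}: {n} distinct encoded-looking subdomains")
```

The single random-looking CDN hostname and the long but repetitive label are not flagged; only the repeated, unique-per-query pattern against one parent is.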

September 10, 2020
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023