Hunnic Cyber - Logo

How to statically compile the dnscat client

In this post I will be explaining the very simple way of statically compiling the dnscat client so that it runs regardless of dependencies.

Firstly, you can grab dnscat from github:

git clone https://github.com/iagox86/dnscat2.git

In the instructions it says the following to compile the client:

$ cd dnscat2/client/
$ make

We can then use the ldd command. The ldd command can be used to show you the shared libraries required by any given program. It is useful for working out when there is a missing dependency and it can be used to list missing functions and objects.

So if we perform that following command:

$ ldd dnscat

We can see that it has a number of dependencies:

 linux-vdso.so.1 => (0x00007ffdd57de000)
  libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f99f4060000)
  /lib64/ld-linux-x86-64.so.2 (0x0000562d48792000)

This means that if you have compromised a host, and want to run the executable on that system it requires that those dependencies are met.

Therefore it would make more sense to compile it statically and have the binary run in most environments.

In order to do so, lets take a look at the Makefile. We can see the following on line 12:

CFLAGS?=--std=c89 -I. -Wall -D_DEFAULT_SOURCE -fstack-protector-all -Wformat -Wformat-security -g

We can simply add a -static flat at the end to compile statically. So you can modify line 12 of the Makefile to be the following:

CFLAGS?=--std=c89 -I. -Wall -D_DEFAULT_SOURCE -fstack-protector-all -Wformat -Wformat-security -g -static

Now when you run make, and ldd the file you should see the following:

$ ldd dnscat
  not a dynamic executable

Hope it saves you some time and google-ing!