dns-sd

dns-sd can be used to interact with the Multicast DNS (mDNS) and DNS Service Discovery (DNS-SD) protocols. The tool is useful for administrators but can also be abused by malicious actors to discover local network services.

Author: Brendan Chamberlain (@infosecB) Created: 2023-05-19

Discovery network

Paths

/usr/bin/dns-sd

Example Use Cases

Discover SSH hosts

Hosts serving SSH can be discovered using the _ssh._tcp service string.

dns-sd -B _ssh._tcp

Discovery network

Discover web hosts

Hosts serving web services can be discovered using the _http._tcp service string.

dns-sd -B _http._tcp

Discovery network

Discover hosts serving remote screen sharing

Hosts serving remote screen sharing can be discovered using the _rfb._tcp service string.

dns-sd -B _rfb._tcp

Discovery network

Discover hosts serving SMB

Hosts serving SMB can be discovered using the _smb._tcp service string.

dns-sd -B _smb._tcp

Discovery network

Detections

Jamf Protect: Detect dns-sd discovery activity

Resources

Acknowledgements

Chris Ross, Cedric Owens: Farming The Apple Orchards: Living Off The Land Techniques