ICMP-Ghost-v3.6.2
v3.6.2 update:
Added DNS protocol
Known Issue:
Non-Compliant DNS Tunneling (Wireshark Malformed Packets): Currently, the DNS tunneling module transmits raw Hex/Base32 encoded payloads directly over UDP port 53. Because it lacks strict RFC 1035 headers (e.g., standard Query/Answer structures, QTYPE, QCLASS formatting), packet analyzers like Wireshark and Zeek will flag this traffic as [Malformed Packet].
Workaround/Status: The tunnel is fully operational and reliably transmits data. Full RFC 1035 compliance and fake DNS header wrapping are scheduled for the v4.0 patch to ensure DPI (Deep Packet Inspection) evasion.
u/Pale_Surround_3924 — 2 days ago