
Can It Resolve Doom? Game Engine in 2k DNS Records

Why This Matters

This proof of concept shows how DNS infrastructure can be repurposed to store and deliver a complete application such as DOOM, which a small loader then runs from memory. It highlights both an inventive use of DNS and the security risks that follow, such as malware staging and covert data exfiltration, and it underscores why the tech industry and end users should be aware of DNS abuse and invest in better monitoring to detect and prevent it.

Key Takeaways

Original text by Adam Rice

The article “DOOM Over DNS” presents an unusual proof of concept: the classic game DOOM stored and executed entirely via DNS infrastructure. The author exploits the fact that DNS TXT records accept arbitrary text and are rarely validated or monitored in depth. By Base64-encoding binary files, splitting them into chunks, and storing them across thousands of TXT records in a DNS zone, the author turns DNS into a distributed file storage system.

To make the idea practical, a modified C# port of DOOM (managed-doom) was used so the compiled .NET assemblies could be loaded directly from memory instead of the filesystem. The project compresses the DOOM WAD and engine binaries, uploads the encoded chunks into roughly 2,000 DNS TXT records, and then uses a PowerShell loader (~250 lines) to query these records, reassemble the data in memory, and execute the game without writing anything to disk.

The result is a fully working DOOM instance launched entirely from DNS queries. Beyond being a humorous technical experiment, the article highlights how DNS infrastructure can be abused as a global, distributed storage and delivery channel, which has implications for malware staging, covert payload distribution, and forensic evasion.

If you’ve ever poked at one of my CTF challenges, you’ve probably noticed a pattern – I love hiding payloads in TXT DNS records. I stash the malicious code in a TXT record, have the implant query for it at runtime, and now suddenly the payload is being delivered by the same infrastructure that resolves grandmas-cookie-recipes.com. It’s trivially easy to set up and surprisingly annoying to catch forensically, because who’s flagging the historic contents of TXT records?

I’ve always suspected the technique could go further than staging shellcode. TXT records are just arbitrary text fields with no validation. If you can store a payload, you can store a file. If you can store a file, you can store a program. And if you can store a program… well, it can probably run DOOM.

WTF is DNS

For the blissfully uninitiated, DNS is the system that turns domain names into IP addresses. You type google.com and DNS tells your browser where to go. It’s one of the oldest protocols on the internet and it is deeply, profoundly boring.

But DNS also supports TXT records: little text fields originally intended for things like email authentication. The key word there is “intended.” Nobody actually validates what you put in them. You can write whatever you want – a love letter, a recipe, or in this case base64-encoded binary data.

Each TXT record can hold about 2,000 characters of text. A single DNS zone can support thousands of records. Public DNS is also globally distributed, cached at edge nodes all over the world, and publicly queryable by anyone with an internet connection. It is (if you squint hard enough) a free, worldwide, serverless key-value store.
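One defensive check that follows from the technique summarized above and described in Adam Rice's excerpt: a small Python detector (added here; it is not code from the original article or from the DOOM-over-DNS project) that scans resolver logs for a single client pulling many long, high-entropy base64 TXT answers from one zone. The log format, client addresses and zone names are constructed for the example.

```python
import base64
import math
import re
from collections import defaultdict

# Constructed stand-in for one ~2,000-character TXT chunk (deterministic bytes).
CHUNK = base64.b64encode(bytes(range(256)) * 6).decode()  # 2048 chars

# Constructed resolver log in a hypothetical "<ts> <client> <qtype> <qname> <rdata>" format.
SAMPLE_LOG = "\n".join(
    ["1700000001 10.0.0.5 A www.example.org 93.184.216.34",
     "1700000002 10.0.0.9 TXT example.org v=spf1 include:_spf.example.org -all"]
    + [f"17000000{10 + i:02d} 10.0.0.5 TXT c{i}.doom.example.net {CHUNK}" for i in range(8)]
)

B64_RE = re.compile(r"^[A-Za-z0-9+/]+={0,2}$")


def shannon_entropy(text: str) -> float:
    """Bits per character; base64 of compressed or encrypted data sits near 6.0."""
    if not text:
        return 0.0
    counts = defaultdict(int)
    for ch in text:
        counts[ch] += 1
    n = len(text)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def looks_base64(rdata: str) -> bool:
    """True when the whole record is one base64 blob (no spaces, valid padding)."""
    return bool(B64_RE.match(rdata)) and len(rdata) % 4 == 0


def detect_txt_staging(log_text: str, min_chunks: int = 4, min_len: int = 500,
                       min_entropy: float = 4.0) -> list:
    """Flag (client, zone) pairs fetching many long, high-entropy base64 TXT answers."""
    hits = defaultdict(int)
    for line in log_text.splitlines():
        parts = line.split(maxsplit=4)
        if len(parts) < 5 or parts[2] != "TXT":
            continue
        _ts, client, _qtype, qname, rdata = parts
        zone = ".".join(qname.rstrip(".").split(".")[-2:])  # last two labels as the zone
        if len(rdata) >= min_len and looks_base64(rdata) and shannon_entropy(rdata) >= min_entropy:
            hits[(client, zone)] += 1
    return [{"client": c, "zone": z, "chunks": n}
            for (c, z), n in sorted(hits.items()) if n >= min_chunks]
```

The thresholds are starting points: legitimate long TXT records such as DKIM keys or domain-verification tokens are single records, so it is the per-zone chunk count, not the record length alone, that separates staging from ordinary lookups.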
