When attempting to run iptables without SuperCow privileges on Debian 10 Buster, a SEGFAULT is produced. more here!
I found this little problem while (by error) tried to set a new rule on my OUTPUT chain without sudo:
Funny thing is... it took it a while to return. So it seems iptables tried to resolve, even though I did not have the permission to run such a task in the first place.
So, a (new?) path for DNS Exfiltration just appeared!
This may prove useful on some restricted environments where tools ping, dig, nslookup... etc are gone.
Enjoy!