diff --git a/changelog b/changelog index 19e0698..da7ccc1 100644 --- a/changelog +++ b/changelog @@ -1,3 +1,21 @@ +08/Jul/2024 +- release version 1.4 +- added the `cut` modifier for cutting arbitrary number of bytes from the end of the packet +- deprecated the `cutabuf` and `cutcnamebuf` features +- added tests (total test count: 678) + +05/Jul/2024 +- added the `size` feature that responds with the maximum number of A records that can fit in the specified packet size +- added support for DNS compression, configurable via config file +- added the `nc` modifier to not use compression in a response +- added the `fc` modifier to force compression in a response +- added tests (total test count: 669) +- various code optimizations + +04/Jul/2024 +- optimization in the startup routine to remove all debug messages if debug mode is disabled +- added support for parsing the EDNS0 section, configurable via config file + 03/Jul/2024 - added support for the Attrleaf naming pattern (underscored domain names) for the SRV and SVCB alias/chain/loop features - enhanced the `nfz` modifier, added 4 more variants, now it can produce 49 different domain name variants diff --git a/docs/catalogue/general-features.md b/docs/catalogue/general-features.md index 1a7b65e..59f8b47 100644 --- a/docs/catalogue/general-features.md +++ b/docs/catalogue/general-features.md @@ -1,7 +1,8 @@ # PolarDNS catalogue - General features 1. [General features](general-features.md) - [Always resolve to IP (always)](#always-resolve-to-ip-always) - - [Client IP address (self / whatismyip)](#client-ip-address-self--whatismyip) + - [Max A records within size limit (size)](#max-a-records-within-size-limit-size) + - [What is my IP address (self / whatismyip)](#what-is-my-ip-address-self--whatismyip) - [Chunked CNAME aliases (chunkedcnames)](#chunked-cname-aliases-chunkedcnames) - [Cut A record from the end (cutabuf)](#cut-a-record-from-the-end-cutabuf) - [Cut CNAME record from the end (cutcnamebuf)](#cut-cname-record-from-the-end-cutcnamebuf) @@ -51,7 +52,68 @@ always.yourdomain.com. 60 IN A 2.3.4.5 ;; MSG SIZE rcvd: 76 ``` -### Client IP address (self / whatismyip) +### Max A records within size limit (size) +Respond with as many A records as we can possibly fit within the specified packet size limit. By default 512 bytes. + + + + + + + +
format:size.<BYTES>.yourdomain.com
example:dig size.yourdomain.com @127.0.0.1
example:dig size.100.yourdomain.com @127.0.0.1
example:dig size.1000.yourdomain.com @127.0.0.1
example:dig size.512.yourdomain.com @127.0.0.1
+ +Sample: +``` +# dig size.512.yourdomain.com @127.0.0.1 + +; <<>> DiG 9.18.10-2-Debian <<>> size.512.yourdomain.com @127.0.0.1 +;; global options: +cmd +;; Got answer: +;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42906 +;; flags: qr aa; QUERY: 1, ANSWER: 29, AUTHORITY: 0, ADDITIONAL: 0 + +;; QUESTION SECTION: +;size.512.yourdomain.com. IN A + +;; ANSWER SECTION: +size.512.yourdomain.com. 60 IN A 127.0.0.197 +size.512.yourdomain.com. 60 IN A 127.0.0.179 +size.512.yourdomain.com. 60 IN A 127.0.0.174 +size.512.yourdomain.com. 60 IN A 127.0.0.66 +size.512.yourdomain.com. 60 IN A 127.0.0.146 +size.512.yourdomain.com. 60 IN A 127.0.0.70 +size.512.yourdomain.com. 60 IN A 127.0.0.245 +size.512.yourdomain.com. 60 IN A 127.0.0.195 +size.512.yourdomain.com. 60 IN A 127.0.0.82 +size.512.yourdomain.com. 60 IN A 127.0.0.211 +size.512.yourdomain.com. 60 IN A 127.0.0.195 +size.512.yourdomain.com. 60 IN A 127.0.0.150 +size.512.yourdomain.com. 60 IN A 127.0.0.171 +size.512.yourdomain.com. 60 IN A 127.0.0.129 +size.512.yourdomain.com. 60 IN A 127.0.0.214 +size.512.yourdomain.com. 60 IN A 127.0.0.31 +size.512.yourdomain.com. 60 IN A 127.0.0.3 +size.512.yourdomain.com. 60 IN A 127.0.0.251 +size.512.yourdomain.com. 60 IN A 127.0.0.64 +size.512.yourdomain.com. 60 IN A 127.0.0.93 +size.512.yourdomain.com. 60 IN A 127.0.0.96 +size.512.yourdomain.com. 60 IN A 127.0.0.125 +size.512.yourdomain.com. 60 IN A 127.0.0.51 +size.512.yourdomain.com. 60 IN A 127.0.0.14 +size.512.yourdomain.com. 60 IN A 127.0.0.81 +size.512.yourdomain.com. 60 IN A 127.0.0.204 +size.512.yourdomain.com. 60 IN A 127.0.0.1 +size.512.yourdomain.com. 60 IN A 127.0.0.89 +size.512.yourdomain.com. 60 IN A 127.0.0.175 + +;; Query time: 3 msec +;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) +;; WHEN: Sun Jul 07 22:59:53 +04 2024 +;; MSG SIZE rcvd: 505 + +``` +### What is my IP address (self / whatismyip) Respond with A and TXT records containing the IP address of the connecting client. The TXT record also contains the port information. @@ -130,7 +192,7 @@ chunkedcnames.12.slp150.yourdomain.com. 60 IN CNAME always63975.yourdomain.com. ``` ### Cut A record from the end (cutabuf) -Respond with legit A record, but cut arbitrary number of bytes from the end of the buffer. +:exclamation:**DEPRECATED**:exclamation: Use the generic [cut](response-modifiers.md#cut-n-bytes-from-the-end-of-the-packet-cut) response modifier to cut any response. Respond with legit A record, but cut arbitrary number of bytes from the end of the buffer.
@@ -159,7 +221,7 @@ Sample: ``` ### Cut CNAME record from the end (cutcnamebuf) -Respond with legit CNAME record, but cut arbitrary number of bytes from the end of the buffer. +:exclamation:**DEPRECATED**:exclamation: Use the generic [cut](response-modifiers.md#cut-n-bytes-from-the-end-of-the-packet-cut) response modifier to cut any response. Respond with legit CNAME record, but cut arbitrary number of bytes from the end of the buffer.
format:cutabuf.<BYTES-TO-CUT>.yourdomain.com
diff --git a/docs/catalogue/response-modifiers.md b/docs/catalogue/response-modifiers.md index f118a84..8d0a020 100644 --- a/docs/catalogue/response-modifiers.md +++ b/docs/catalogue/response-modifiers.md @@ -13,6 +13,9 @@ - [Set answer RRs in the header (anrr)](#set-answer-rrs-in-the-header-anrr) - [Set authority RRs in the header (aurr)](#set-authority-rrs-in-the-header-aurr) - [Set additional RRs in the header (adrr)](#set-additional-rrs-in-the-header-adrr) + - [Cut N bytes from the end of the packet (cut)](#cut-n-bytes-from-the-end-of-the-packet-cut) + - [Force compression (fc)](#force-compression-fc) + - [No compression (nc)](#no-compression-nc) - [Name fuzzing generator (nfz)](#name-fuzzing-generator-nfz) 1. [CNAME fuzzing](cname-fuzzing.md) 1. [Bad compression](bad-compression.md) @@ -347,6 +350,124 @@ always.adrr50.yourdomain.com. 60 IN A 2.3.4.5 ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Thu Nov 02 16:37:51 +04 2023 ;; MSG SIZE rcvd: 90 +``` +### Cut N bytes from the end of the packet (cut) +Cut arbitrary number of bytes from the end of the packet. + +
format:cutcnamebuf.<BYTES-TO-CUT>.yourdomain.com
+ + + + + +
format:anything.cut<NUMBER>.yourdomain.com
example:dig always.cut00.yourdomain.com @127.0.0.1
example:dig always.cut10.yourdomain.com @127.0.0.1
example:dig size.128.cut00.fc.yourdomain.com @127.0.0.1
example:dig size.128.cut16.fc.yourdomain.com @127.0.0.1
+ +Sample: +``` +# dig size.128.cut16.fc.yourdomain.com @127.0.0.1 +;; Warning: Message parser reports malformed message packet. + +; <<>> DiG 9.18.10-2-Debian <<>> size.128.cut16.fc.yourdomain.com @127.0.0.1 +;; global options: +cmd +;; Got answer: +;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19940 +;; flags: qr aa; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0 + +;; QUESTION SECTION: +;size.128.cut16.fc.yourdomain.com. IN A + +;; ANSWER SECTION: +size.128.cut16.fc.yourdomain.com. 60 IN A 127.0.0.236 +size.128.cut16.fc.yourdomain.com. 60 IN A 127.0.0.233 +size.128.cut16.fc.yourdomain.com. 60 IN A 127.0.0.123 + +;; Query time: 0 msec +;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) +;; WHEN: Mon Jul 08 15:41:00 +04 2024 +;; MSG SIZE rcvd: 98 + +``` +### Force compression (fc) +Use DNS compression in the response, overriding any DNS compression settings specified in the configuration file. + + + + + +
format:anything.fc.yourdomain.com
example:dig always.fc.yourdomain.com @127.0.0.1
example:dig size.300.fc.yourdomain.com @127.0.0.1
+ +Sample: +``` +# dig size.300.fc.yourdomain.com @127.0.0.1 + +; <<>> DiG 9.18.10-2-Debian <<>> size.300.fc.yourdomain.com @127.0.0.1 +;; global options: +cmd +;; Got answer: +;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17029 +;; flags: qr aa; QUERY: 1, ANSWER: 16, AUTHORITY: 0, ADDITIONAL: 0 + +;; QUESTION SECTION: +;size.300.fc.yourdomain.com. IN A + +;; ANSWER SECTION: +size.300.fc.yourdomain.com. 60 IN A 127.0.0.112 +size.300.fc.yourdomain.com. 60 IN A 127.0.0.206 +size.300.fc.yourdomain.com. 60 IN A 127.0.0.64 +size.300.fc.yourdomain.com. 60 IN A 127.0.0.238 +size.300.fc.yourdomain.com. 60 IN A 127.0.0.100 +size.300.fc.yourdomain.com. 60 IN A 127.0.0.121 +size.300.fc.yourdomain.com. 60 IN A 127.0.0.72 +size.300.fc.yourdomain.com. 60 IN A 127.0.0.164 +size.300.fc.yourdomain.com. 60 IN A 127.0.0.79 +size.300.fc.yourdomain.com. 60 IN A 127.0.0.85 +size.300.fc.yourdomain.com. 60 IN A 127.0.0.243 +size.300.fc.yourdomain.com. 60 IN A 127.0.0.97 +size.300.fc.yourdomain.com. 60 IN A 127.0.0.16 +size.300.fc.yourdomain.com. 60 IN A 127.0.0.119 +size.300.fc.yourdomain.com. 60 IN A 127.0.0.215 +size.300.fc.yourdomain.com. 60 IN A 127.0.0.178 + +;; Query time: 0 msec +;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) +;; WHEN: Sun Jul 07 22:59:53 +04 2024 +;; MSG SIZE rcvd: 300 + +``` +### No compression (nc) +Do not use DNS compression in the response, overriding any DNS compression settings specified in the configuration file. + + + + + +
format:anything.nc.yourdomain.com
example:dig always.nc.yourdomain.com @127.0.0.1
example:dig size.300.nc.yourdomain.com @127.0.0.1
+ +Sample: +``` +# dig size.300.nc.yourdomain.com @127.0.0.1 + +; <<>> DiG 9.18.10-2-Debian <<>> size.300.nc.yourdomain.com @127.0.0.1 +;; global options: +cmd +;; Got answer: +;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20422 +;; flags: qr aa; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 0 + +;; QUESTION SECTION: +;size.300.nc.yourdomain.com. IN A + +;; ANSWER SECTION: +size.300.nc.yourdomain.com. 60 IN A 127.0.0.1 +size.300.nc.yourdomain.com. 60 IN A 127.0.0.130 +size.300.nc.yourdomain.com. 60 IN A 127.0.0.148 +size.300.nc.yourdomain.com. 60 IN A 127.0.0.83 +size.300.nc.yourdomain.com. 60 IN A 127.0.0.75 +size.300.nc.yourdomain.com. 60 IN A 127.0.0.224 + +;; Query time: 0 msec +;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) +;; WHEN: Sun Jul 07 23:05:03 +04 2024 +;; MSG SIZE rcvd: 296 + ``` ### Name fuzzing generator (nfz) Generate various illegal and malformed domain names based on the selected variant and size. This generator was primarily created for alias features (such as alias, cnalias, dnalias, etc.) to provide a unified mechanism for generating malformed domain names. @@ -366,6 +487,7 @@ Generate various illegal and malformed domain names based on the selected varian Samples: ``` +------------------------------------------------------------------------------------------- # dig MX alias.10.nfz0.10.yourdomain.com @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> MX alias.10.nfz0.10.yourdomain.com @127.0.0.1 @@ -1814,7 +1936,9 @@ alias.10.nfz49.10.yourdomain.com. 60 IN MX 0 127.0.0.1:80. ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Thu Jul 04 00:22:42 +04 2024 ;; MSG SIZE rcvd: 650 + ``` ## Go back to [menu](#polardns-catalogue---response-modifiers). + diff --git a/modules/afuzz2.toml b/modules/afuzz2.toml index 1dd4085..de0ede3 100644 --- a/modules/afuzz2.toml +++ b/modules/afuzz2.toml @@ -9,13 +9,13 @@ category = "General features" code = ''' if req.first_subdomain.startswith("afuzz2"): # Send many A records with a slightly distorted name. In the end, provide the correct one also - # af<01>zz2.dnslabtest1.com A 6.6.6.1 - # af<02>zz2.dnslabtest1.com A 6.6.6.2 - # af<03>zz2.dnslabtest1.com A 6.6.6.3 + # af<01>zz2.yourdomain.com A 6.6.6.1 + # af<02>zz2.yourdomain.com A 6.6.6.2 + # af<03>zz2.yourdomain.com A 6.6.6.3 # ... - # afzz2.dnslabtest1.com A 6.6.6.254 - # afzz2.dnslabtest1.com A 6.6.6.255 - # afuzz2.dnslabtest1.com A 1.2.3.4 + # afzz2.yourdomain.com A 6.6.6.254 + # afzz2.yourdomain.com A 6.6.6.255 + # afuzz2.yourdomain.com A 1.2.3.4 answers = 1 if req.subdomains[1].isnumeric(): answers = int(req.subdomains[1]) diff --git a/modules/alias.toml b/modules/alias.toml index 4f1224b..f8d3a27 100644 --- a/modules/alias.toml +++ b/modules/alias.toml @@ -23,7 +23,8 @@ code = ''' for i in range(answers): dom = name_fuzz(resp.nfz) if hasattr(resp, "nfz") else random_chain(req.full_domain) bindom = convDom2Bin(dom) - buffer += convDom2Bin(req.full_domain) + getTypeBin("DNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("DNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(bindom)) ## Data length buffer += bindom ## DNAME value @@ -34,7 +35,8 @@ code = ''' dom = name_fuzz(resp.nfz) if hasattr(resp, "nfz") else random_chain(req.full_domain) bindom = convDom2Bin(dom) data_len = 2+len(bindom) # SvcPriority (2 bytes) + the target name - buffer += convDom2Bin(req.full_domain) + getTypeBin("HTTPS") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("HTTPS") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", data_len) ## Data length buffer += struct.pack(">H", 0) ## SvcPriority (0 means alias mode - RFC 9460) @@ -47,7 +49,8 @@ code = ''' bindom = convDom2Bin(dom) data_len = 2+len(bindom) # SvcPriority (2 bytes) + the target name data_len = 2+len(bindom) # SvcPriority (2 bytes) + the target name - buffer += convDom2Bin(req.full_domain) + getTypeBin("SVCB") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("SVCB") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", data_len) ## Data length buffer += struct.pack(">H", 0) ## SvcPriority (0 means alias mode - RFC 9460) @@ -61,7 +64,8 @@ code = ''' data_len = 2+len(bindom) # SvcPriority (2 bytes) + the target name port = random.getrandbits(16) data_len = 2+2+2+len(bindom) # Priority (2 bytes) + Weight (2 bytes) + Port (2 bytes) + Target domain - buffer += convDom2Bin(req.full_domain) + getTypeBin("SRV") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("SRV") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", data_len) ## Data length buffer += struct.pack(">H", 0) ## Priority @@ -76,7 +80,8 @@ code = ''' bindom = convDom2Bin(dom) data_len = 2+len(bindom) # SvcPriority (2 bytes) + the target name data_len = 2+len(bindom) # Priority (2 bytes) + Target domain - buffer += convDom2Bin(req.full_domain) + getTypeBin("MX") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("MX") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", data_len) ## Data length buffer += struct.pack(">H", 0) ## Priority @@ -88,7 +93,8 @@ code = ''' dom = name_fuzz(resp.nfz) if hasattr(resp, "nfz") else random_chain(req.full_domain) bindom = convDom2Bin(dom) data_len = 2+len(bindom) # SvcPriority (2 bytes) + the target name - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(bindom)) ## Data length buffer += bindom ## CNAME value diff --git a/modules/badcompresspoc1nn.toml b/modules/badcompresspoc1nn.toml index a8dddfc..14e70aa 100644 --- a/modules/badcompresspoc1nn.toml +++ b/modules/badcompresspoc1nn.toml @@ -17,14 +17,16 @@ if req.first_subdomain.startswith("badcompresspoc1nn"): ### ANSWER SECTION ######## databin = b"\x0babcdeabcdef" # TXT ~~~ CNAME points here - buffer += convDom2Bin(req.full_domain) + getTypeBin("TXT") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("TXT") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(databin)) ## Data length buffer += databin # CNAME offset_to_the_txt = (len(req.full_domain)*2) + 18 + 12 ## backward pointer to the previous TXT record databin = b"\xc0" + struct.pack(">B", offset_to_the_txt) - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(databin)) ## Data length buffer += databin diff --git a/modules/badcompresspoc1wn.toml b/modules/badcompresspoc1wn.toml index c551d28..f0491b2 100644 --- a/modules/badcompresspoc1wn.toml +++ b/modules/badcompresspoc1wn.toml @@ -17,14 +17,16 @@ if req.first_subdomain.startswith("badcompresspoc1wn"): ### ANSWER SECTION ######## databin = b"\x0babcdeabcde\x00" # TXT ~~~ CNAME points here - buffer += convDom2Bin(req.full_domain) + getTypeBin("TXT") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("TXT") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(databin)) ## Data length buffer += databin # CNAME offset_to_the_txt = (len(req.full_domain)*2) + 18 + 12 ## backward pointer to the previous TXT record databin = b"\xc0" + struct.pack(">B", offset_to_the_txt) - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(databin)) ## Data length buffer += databin diff --git a/modules/badcompresspoc2nn.toml b/modules/badcompresspoc2nn.toml index be132c2..c324b4f 100644 --- a/modules/badcompresspoc2nn.toml +++ b/modules/badcompresspoc2nn.toml @@ -17,14 +17,16 @@ if req.first_subdomain.startswith("badcompresspoc2nn"): ### ANSWER SECTION ######## databin = b"\x09\x04abcd\x03com" # TXT ~~~ CNAME points here - buffer += convDom2Bin(req.full_domain) + getTypeBin("TXT") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("TXT") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(databin)) ## Data length buffer += databin # CNAME offset_to_the_txt = (len(req.full_domain)*2) + 18 + 13 ## backward pointer to the previous TXT record databin = b"\xc0" + struct.pack(">B", offset_to_the_txt) - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(databin)) ## Data length buffer += databin diff --git a/modules/badcompresspoc2wn.toml b/modules/badcompresspoc2wn.toml index 77176b2..869c019 100644 --- a/modules/badcompresspoc2wn.toml +++ b/modules/badcompresspoc2wn.toml @@ -17,14 +17,16 @@ if req.first_subdomain.startswith("badcompresspoc2wn"): ### ANSWER SECTION ######## databin = b"\x0a\x04abcd\x03com\x00" # TXT ~~~ CNAME points here - buffer += convDom2Bin(req.full_domain) + getTypeBin("TXT") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("TXT") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(databin)) ## Data length buffer += databin # CNAME offset_to_the_txt = (len(req.full_domain)*2) + 18 + 13 ## backward pointer to the previous TXT record databin = b"\xc0" + struct.pack(">B", offset_to_the_txt) - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(databin)) ## Data length buffer += databin diff --git a/modules/badcompresspoc3nn.toml b/modules/badcompresspoc3nn.toml index eccc1f0..df54241 100644 --- a/modules/badcompresspoc3nn.toml +++ b/modules/badcompresspoc3nn.toml @@ -17,14 +17,16 @@ if req.first_subdomain.startswith("badcompresspoc3nn"): ### ANSWER SECTION ######## databin = b"\x09\x08abcd.com" # TXT ~~~ CNAME points here - buffer += convDom2Bin(req.full_domain) + getTypeBin("TXT") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("TXT") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(databin)) ## Data length buffer += databin # CNAME offset_to_the_txt = (len(req.full_domain)*2) + 18 + 13 ## backward pointer to the previous TXT record databin = b"\xc0" + struct.pack(">B", offset_to_the_txt) - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(databin)) ## Data length buffer += databin diff --git a/modules/badcompresspoc3wn.toml b/modules/badcompresspoc3wn.toml index a7d8fe2..7628e45 100644 --- a/modules/badcompresspoc3wn.toml +++ b/modules/badcompresspoc3wn.toml @@ -17,14 +17,16 @@ if req.first_subdomain.startswith("badcompresspoc3wn"): ### ANSWER SECTION ######## databin = b"\x0a\x08abcd.com\x00" # TXT ~~~ CNAME points here - buffer += convDom2Bin(req.full_domain) + getTypeBin("TXT") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("TXT") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(databin)) ## Data length buffer += databin # CNAME offset_to_the_txt = (len(req.full_domain)*2) + 18 + 13 ## backward pointer to the previous TXT record databin = b"\xc0" + struct.pack(">B", offset_to_the_txt) - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(databin)) ## Data length buffer += databin diff --git a/modules/badcompresspoc4nn.toml b/modules/badcompresspoc4nn.toml index 83eaab6..5ee7bc2 100644 --- a/modules/badcompresspoc4nn.toml +++ b/modules/badcompresspoc4nn.toml @@ -17,14 +17,16 @@ if req.first_subdomain.startswith("badcompresspoc4nn"): ### ANSWER SECTION ######## databin = b"\x09\x08a....com" # TXT ~~~ CNAME points here - buffer += convDom2Bin(req.full_domain) + getTypeBin("TXT") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("TXT") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(databin)) ## Data length buffer += databin # CNAME offset_to_the_txt = (len(req.full_domain)*2) + 18 + 13 ## backward pointer to the previous TXT record databin = b"\xc0" + struct.pack(">B", offset_to_the_txt) - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(databin)) ## Data length buffer += databin diff --git a/modules/badcompresspoc4wn.toml b/modules/badcompresspoc4wn.toml index ec781a4..66be9fd 100644 --- a/modules/badcompresspoc4wn.toml +++ b/modules/badcompresspoc4wn.toml @@ -17,14 +17,16 @@ if req.first_subdomain.startswith("badcompresspoc4wn"): ### ANSWER SECTION ######## databin = b"\x0a\x08a....com\x00" # TXT ~~~ CNAME points here - buffer += convDom2Bin(req.full_domain) + getTypeBin("TXT") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("TXT") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(databin)) ## Data length buffer += databin # CNAME offset_to_the_txt = (len(req.full_domain)*2) + 18 + 13 ## backward pointer to the previous TXT record databin = b"\xc0" + struct.pack(">B", offset_to_the_txt) - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(databin)) ## Data length buffer += databin diff --git a/modules/badcompresspoc5nn.toml b/modules/badcompresspoc5nn.toml index d9bb3d8..7666b34 100644 --- a/modules/badcompresspoc5nn.toml +++ b/modules/badcompresspoc5nn.toml @@ -17,14 +17,16 @@ if req.first_subdomain.startswith("badcompresspoc5nn"): ### ANSWER SECTION ######## databin = b"\x09\x08\x55\x66\x77\x88\x99\xaa\xbb\xcc" # TXT ~~~ CNAME points here - buffer += convDom2Bin(req.full_domain) + getTypeBin("TXT") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("TXT") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(databin)) ## Data length buffer += databin # CNAME offset_to_the_txt = (len(req.full_domain)*2) + 18 + 13 ## backward pointer to the previous TXT record databin = b"\xc0" + struct.pack(">B", offset_to_the_txt) - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(databin)) ## Data length buffer += databin diff --git a/modules/badcompresspoc5wn.toml b/modules/badcompresspoc5wn.toml index e4e162c..76d682a 100644 --- a/modules/badcompresspoc5wn.toml +++ b/modules/badcompresspoc5wn.toml @@ -17,14 +17,16 @@ if req.first_subdomain.startswith("badcompresspoc5wn"): ### ANSWER SECTION ######## databin = b"\x0a\x08\x55\x66\x77\x88\x99\xaa\xbb\xcc\x00" # TXT ~~~ CNAME points here - buffer += convDom2Bin(req.full_domain) + getTypeBin("TXT") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("TXT") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(databin)) ## Data length buffer += databin # CNAME offset_to_the_txt = (len(req.full_domain)*2) + 18 + 13 ## backward pointer to the previous TXT record databin = b"\xc0" + struct.pack(">B", offset_to_the_txt) - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(databin)) ## Data length buffer += databin diff --git a/modules/badcompresspoc6wn.toml b/modules/badcompresspoc6wn.toml index ff8860e..b836eb8 100644 --- a/modules/badcompresspoc6wn.toml +++ b/modules/badcompresspoc6wn.toml @@ -23,14 +23,16 @@ if req.first_subdomain.startswith("badcompresspoc6wn"): databin += struct.pack(">B", len(data)) databin += data + b"\x00" # TXT - buffer += convDom2Bin(req.full_domain) + getTypeBin("TXT") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("TXT") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(databin)) ## Data length buffer += databin # CNAME offset_to_the_txt = (len(req.full_domain)*2) + 18 + 13 ## backward pointer to the previous TXT record databin = b"\xc0" + struct.pack(">B", offset_to_the_txt) - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(databin)) ## Data length buffer += databin diff --git a/modules/bigbintxt.toml b/modules/bigbintxt.toml index ea7dee8..5a0fa7f 100644 --- a/modules/bigbintxt.toml +++ b/modules/bigbintxt.toml @@ -24,7 +24,8 @@ if req.first_subdomain.startswith("bigbintxt"): for i in range(size-1): data += struct.pack(">B", chunksize) + os.urandom(chunksize) # TXT - buffer += convDom2Bin(req.full_domain) + getTypeBin("TXT") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("TXT") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(data)) ## Data length buffer += data diff --git a/modules/bigcname.toml b/modules/bigcname.toml index 71589d2..ae6dffb 100644 --- a/modules/bigcname.toml +++ b/modules/bigcname.toml @@ -9,9 +9,9 @@ category = "CNAME fuzzing" code = ''' if req.first_subdomain.startswith("bigcname"): # Send big CNAME record, for example: - # bigcname.10.5.10.dnslabtest1.com will generate CNAME of: + # bigcname.10.5.10.yourdomain.com will generate CNAME of: # 10 5 10 - # always.7ogeechcv7.hlri6.5ljh1607ca.dnslabtest1.com + # always.7ogeechcv7.hlri6.5ljh1607ca.yourdomain.com ### DNS header ######## buffer = prep_dns_header(b'\x84\x00', req.QURR, 1, 0, 0) ### QUESTION SECTION ######## @@ -23,7 +23,8 @@ if req.first_subdomain.startswith("bigcname"): dom += '.' + ''.join(random.choice(string.ascii_lowercase + string.digits) for _ in range(int(lbl))) dom += '.' + req.sld_tld_domain # CNAME - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(dom)+2) ## Data length buffer += convDom2Bin(dom) ## CNAME value diff --git a/modules/bigtxt.toml b/modules/bigtxt.toml index 375842e..177654b 100644 --- a/modules/bigtxt.toml +++ b/modules/bigtxt.toml @@ -24,7 +24,8 @@ if req.first_subdomain.startswith("bigtxt"): for i in range(size-1): data += '.' + ''.join(random.choice(string.ascii_lowercase + string.digits) for _ in range(int(chunksize))) # TXT - buffer += convDom2Bin(req.full_domain) + getTypeBin("TXT") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("TXT") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(data)+1) ## Data length buffer += convData2Bin(data) diff --git a/modules/cgena.toml b/modules/cgena.toml index 3c48132..02313bf 100644 --- a/modules/cgena.toml +++ b/modules/cgena.toml @@ -21,25 +21,25 @@ if req.first_subdomain.startswith("cgena") or req.first_subdomain.startswith("ba count = int(req.subdomains[3]) r = '{:06d}'.format(random.getrandbits(20) % 1000000) match variant: - case 2: # cgena.2 - always123456.dnslabtest1.com + case 2: # cgena.2 - always123456.yourdomain.com bindom = struct.pack(">B", 6+count+6) + badbyte.to_bytes(1, 'big')*count bindom += b"always" + bytes(str(r), 'utf-8') bindom += convDom2Bin(req.sld_tld_domain) dom = str(badbyte.to_bytes(1, 'big')*count).replace(".", "") + "always" + str(r) dom += "." + req.sld_tld_domain - case 3: # cgena.3 - always123456.dnslabtest1.com + case 3: # cgena.3 - always123456.yourdomain.com bindom = struct.pack(">B", 6+count+6) + b"always" + badbyte.to_bytes(1, 'big')*count bindom += bytes(str(r), 'utf-8') bindom += convDom2Bin(req.sld_tld_domain) dom = "always" + str(badbyte.to_bytes(1, 'big')*count).replace(".", "") + str(r) dom += "." + req.sld_tld_domain - case 4: # cgena.4 - always123456.dnslabtest1.com + case 4: # cgena.4 - always123456.yourdomain.com bindom = struct.pack(">B", 6+count+6) + b"always" + bytes(str(r), 'utf-8') bindom += badbyte.to_bytes(1, 'big')*count bindom += convDom2Bin(req.sld_tld_domain) dom = "always" + str(r) + str(badbyte.to_bytes(1, 'big')*count).replace(".", "") dom += "." + req.sld_tld_domain - case 5: # cgena.5 - always123456dnslabtest1.com + case 5: # cgena.5 - always123456yourdomain.com fc = b"always" + bytes(str(r), 'utf-8') + badbyte.to_bytes(1, 'big')*count + bytes(req.sld, 'utf-8') bindom = struct.pack(">B", len(fc)) bindom += fc @@ -48,7 +48,7 @@ if req.first_subdomain.startswith("cgena") or req.first_subdomain.startswith("ba bindom += b"\x00" dom = "always" + str(r) + str(badbyte.to_bytes(1, 'big')*count).replace(".", "") dom += req.sld_tld_domain - case 6: # cgena.6 - always123456.dnslabtest1com + case 6: # cgena.6 - always123456.yourdomaincom bindom = struct.pack(">B", 12) bindom += bytes("always" + str(r), 'utf-8') bindom += struct.pack(">B", len(req.sld + req.tld) + count) @@ -58,28 +58,28 @@ if req.first_subdomain.startswith("cgena") or req.first_subdomain.startswith("ba bindom += b"\x00" dom = "always" + str(r) + "." + req.sld dom += str(badbyte.to_bytes(1, 'big')*count).replace(".", "") + req.tld - case 7: # cgena.7 - always123456.dnslabtest1.com + case 7: # cgena.7 - always123456.yourdomain.com bindom = struct.pack(">B", 12) + b"always" + bytes(str(r), 'utf-8') bindom += convData2Bin(req.sld) bindom += struct.pack(">B", count+len(req.tld)) + badbyte.to_bytes(1, 'big')*count bindom += bytes(req.tld, 'utf-8') + b"\x00" dom = "always" + str(r) + "." + req.sld + "." dom += str(badbyte.to_bytes(1, 'big')*count).replace(".", "") + req.tld - case 8: # cgena.8 - always123456.dnslabtest1.com + case 8: # cgena.8 - always123456.yourdomain.com bindom = struct.pack(">B", 12) + b"always" + bytes(str(r), 'utf-8') bindom += convData2Bin(req.sld) bindom += struct.pack(">B", count+len(req.tld)) + bytes(req.tld, 'utf-8') bindom += badbyte.to_bytes(1, 'big')*count + b"\x00" dom = "always" + str(r) + "." + req.sld_tld_domain dom += str(badbyte.to_bytes(1, 'big')*count).replace(".", "") - case 9: # cgena.9 - always123456.dnslabtest1.com. + case 9: # cgena.9 - always123456.yourdomain.com. bindom = struct.pack(">B", 12) + b"always" + bytes(str(r), 'utf-8') bindom += convData2Bin(req.sld_tld_domain) bindom += struct.pack(">B", count) + badbyte.to_bytes(1, 'big')*count bindom += b"\x00" dom = "always" + str(r) + "." + req.sld_tld_domain + "." dom += str(badbyte.to_bytes(1, 'big')*count).replace(".", "") - case _: # cgena.1 - .always123456.dnslabtest1.com + case _: # cgena.1 - .always123456.yourdomain.com bindom = struct.pack(">B", count) + badbyte.to_bytes(1, 'big')*count bindom += convData2Bin("always" + str(r)) bindom += convDom2Bin(req.sld_tld_domain) @@ -90,7 +90,8 @@ if req.first_subdomain.startswith("cgena") or req.first_subdomain.startswith("ba ### QUESTION SECTION ######## if resp.noq: buffer += convDom2Bin(req.full_domain) + req.type_bin + req.class_bin ### ANSWER SECTION ######## - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(bindom)) ## Data length buffer += bindom ## CNAME diff --git a/modules/cgenb.toml b/modules/cgenb.toml index 1d950ed..e592143 100644 --- a/modules/cgenb.toml +++ b/modules/cgenb.toml @@ -20,25 +20,25 @@ if req.first_subdomain.startswith("cgenb"): count = int(req.subdomains[3]) r = '{:06d}'.format(random.getrandbits(20) % 1000000) match variant: - case 2: # cgenb.2 - nonres123456.dnslabtest1.com + case 2: # cgenb.2 - nonres123456.yourdomain.com bindom = struct.pack(">B", 6+count+6) + badbyte.to_bytes(1, 'big')*count bindom += b"nonres" + bytes(str(r), 'utf-8') bindom += convDom2Bin(req.sld_tld_domain) dom = str(badbyte.to_bytes(1, 'big')*count).replace(".", "") + "nonres" + str(r) dom += "." + req.sld_tld_domain - case 3: # cgenb.3 - nonres123456.dnslabtest1.com + case 3: # cgenb.3 - nonres123456.yourdomain.com bindom = struct.pack(">B", 6+count+6) + b"nonres" + badbyte.to_bytes(1, 'big')*count bindom += bytes(str(r), 'utf-8') bindom += convDom2Bin(req.sld_tld_domain) dom = "nonres" + str(badbyte.to_bytes(1, 'big')*count).replace(".", "") + str(r) dom += "." + req.sld_tld_domain - case 4: # cgenb.4 - nonres123456.dnslabtest1.com + case 4: # cgenb.4 - nonres123456.yourdomain.com bindom = struct.pack(">B", 6+count+6) + b"nonres" + bytes(str(r), 'utf-8') bindom += badbyte.to_bytes(1, 'big')*count bindom += convDom2Bin(req.sld_tld_domain) dom = "nonres" + str(r) + str(badbyte.to_bytes(1, 'big')*count).replace(".", "") dom += "." + req.sld_tld_domain - case 5: # cgenb.5 - nonres123456dnslabtest1.com + case 5: # cgenb.5 - nonres123456yourdomain.com fc = b"nonres" + bytes(str(r), 'utf-8') + badbyte.to_bytes(1, 'big')*count + bytes(req.sld, 'utf-8') bindom = struct.pack(">B", len(fc)) bindom += fc @@ -47,7 +47,7 @@ if req.first_subdomain.startswith("cgenb"): bindom += b"\x00" dom = "nonres" + str(r) + str(badbyte.to_bytes(1, 'big')*count).replace(".", "") dom += req.sld_tld_domain - case 6: # cgenb.6 - nonres123456.dnslabtest1com + case 6: # cgenb.6 - nonres123456.yourdomaincom bindom = struct.pack(">B", 12) bindom += bytes("nonres" + str(r), 'utf-8') bindom += struct.pack(">B", len(req.sld + req.tld) + count) @@ -57,28 +57,28 @@ if req.first_subdomain.startswith("cgenb"): bindom += b"\x00" dom = "nonres" + str(r) + "." + req.sld dom += str(badbyte.to_bytes(1, 'big')*count).replace(".", "") + req.tld - case 7: # cgenb.7 - nonres123456.dnslabtest1.com + case 7: # cgenb.7 - nonres123456.yourdomain.com bindom = struct.pack(">B", 12) + b"nonres" + bytes(str(r), 'utf-8') bindom += convData2Bin(req.sld) bindom += struct.pack(">B", count+len(req.tld)) + badbyte.to_bytes(1, 'big')*count bindom += bytes(req.tld, 'utf-8') + b"\x00" dom = "nonres" + str(r) + "." + req.sld + "." dom += str(badbyte.to_bytes(1, 'big')*count).replace(".", "") + req.tld - case 8: # cgenb.8 - nonres123456.dnslabtest1.com + case 8: # cgenb.8 - nonres123456.yourdomain.com bindom = struct.pack(">B", 12) + b"nonres" + bytes(str(r), 'utf-8') bindom += convData2Bin(req.sld) bindom += struct.pack(">B", count+len(req.tld)) + bytes(req.tld, 'utf-8') bindom += badbyte.to_bytes(1, 'big')*count + b"\x00" dom = "nonres" + str(r) + "." + req.sld_tld_domain dom += str(badbyte.to_bytes(1, 'big')*count).replace(".", "") - case 9: # cgenb.9 - nonres123456.dnslabtest1.com. + case 9: # cgenb.9 - nonres123456.yourdomain.com. bindom = struct.pack(">B", 12) + b"nonres" + bytes(str(r), 'utf-8') bindom += convData2Bin(req.sld_tld_domain) bindom += struct.pack(">B", count) + badbyte.to_bytes(1, 'big')*count bindom += b"\x00" dom = "nonres" + str(r) + "." + req.sld_tld_domain + "." dom += str(badbyte.to_bytes(1, 'big')*count).replace(".", "") - case _: # cgenb.1 - .nonres123456.dnslabtest1.com + case _: # cgenb.1 - .nonres123456.yourdomain.com bindom = struct.pack(">B", count) + badbyte.to_bytes(1, 'big')*count bindom += convData2Bin("nonres" + str(r)) bindom += convDom2Bin(req.sld_tld_domain) @@ -89,7 +89,8 @@ if req.first_subdomain.startswith("cgenb"): ### QUESTION SECTION ######## if resp.noq: buffer += convDom2Bin(req.full_domain) + req.type_bin + req.class_bin ### ANSWER SECTION ######## - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(bindom)) ## Data length buffer += bindom ## CNAME diff --git a/modules/chain.toml b/modules/chain.toml index cdad28a..0f60ba7 100644 --- a/modules/chain.toml +++ b/modules/chain.toml @@ -19,14 +19,16 @@ code = ''' match req.type_str: case "DNAME": type = "DNAME" - buffer += convDom2Bin(req.full_domain) + getTypeBin("DNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("DNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(bindom)) ## Data length buffer += bindom ## DNAME value case "HTTPS": type = "HTTPS" data_len = 2+len(bindom) # SvcPriority (2 bytes) + the target name - buffer += convDom2Bin(req.full_domain) + getTypeBin("HTTPS") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("HTTPS") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", data_len) ## Data length buffer += struct.pack(">H", 0) ## SvcPriority (0 means alias mode - RFC 9460) @@ -34,7 +36,8 @@ code = ''' case "SVCB": type = "SVCB" data_len = 2+len(bindom) # SvcPriority (2 bytes) + the target name - buffer += convDom2Bin(req.full_domain) + getTypeBin("SVCB") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("SVCB") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", data_len) ## Data length buffer += struct.pack(">H", 0) ## SvcPriority (0 means alias mode - RFC 9460) @@ -43,7 +46,8 @@ code = ''' type = "SRV" port = random.getrandbits(16) data_len = 2+2+2+len(bindom) # Priority (2 bytes) + Weight (2 bytes) + Port (2 bytes) + Target domain - buffer += convDom2Bin(req.full_domain) + getTypeBin("SRV") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("SRV") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", data_len) ## Data length buffer += struct.pack(">H", 0) ## Priority @@ -53,14 +57,16 @@ code = ''' case "MX": type = "MX" data_len = 2+len(bindom) # Priority (2 bytes) + Target domain - buffer += convDom2Bin(req.full_domain) + getTypeBin("MX") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("MX") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", data_len) ## Data length buffer += struct.pack(">H", 0) ## Priority buffer += bindom ## TargetName case _: type = "CNAME" - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(bindom)) ## Data length buffer += bindom ## DNAME value diff --git a/modules/chunkedcnames.toml b/modules/chunkedcnames.toml index 011727b..61b02b6 100644 --- a/modules/chunkedcnames.toml +++ b/modules/chunkedcnames.toml @@ -36,7 +36,8 @@ if req.first_subdomain.startswith("chunkedcnames"): for i in range(nans): dom = "always" + str(random.getrandbits(20) % 900000 + 100000) + "." + req.sld_tld_domain doms.append(dom) - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(dom)+2) ## Data length buffer += convDom2Bin(dom) ## CNAME value @@ -52,7 +53,8 @@ if req.first_subdomain.startswith("chunkedcnames"): ### ANSWER SECTION ######## for i in range(nans): dom = doms[i] - buffer = convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer = b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(dom)+2) ## Data length buffer += convDom2Bin(dom) ## CNAME value diff --git a/modules/cnalias.toml b/modules/cnalias.toml index 7b6df5d..aa7f6f9 100644 --- a/modules/cnalias.toml +++ b/modules/cnalias.toml @@ -21,7 +21,8 @@ code = ''' # CNAME dom = name_fuzz(resp.nfz) if hasattr(resp, "nfz") else random_chain(req.full_domain) bindom = convDom2Bin(dom) - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(bindom)) ## Data length buffer += bindom ## CNAME value diff --git a/modules/cnamefuzz1.toml b/modules/cnamefuzz1.toml index 7ba7d37..42f5551 100644 --- a/modules/cnamefuzz1.toml +++ b/modules/cnamefuzz1.toml @@ -22,7 +22,8 @@ if req.first_subdomain.startswith("cnamefuzz1"): ### ANSWER SECTION ######## for i in range(cnames): data = ''.join(random.choice(string.printable) for _ in range(cnamesize)) - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(data)+2) ## Data length buffer += convDom2Bin(data) diff --git a/modules/cnamefuzz2.toml b/modules/cnamefuzz2.toml index 1a41c42..9bbdcd6 100644 --- a/modules/cnamefuzz2.toml +++ b/modules/cnamefuzz2.toml @@ -22,7 +22,8 @@ if req.first_subdomain.startswith("cnamefuzz2"): ### ANSWER SECTION ######## for i in range(cnames): data = os.urandom(cnamesize) - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(data)+2) ## Data length #buffer += convData2Bin(data) + b"\x00" diff --git a/modules/cnchain.toml b/modules/cnchain.toml index 91644be..8705873 100644 --- a/modules/cnchain.toml +++ b/modules/cnchain.toml @@ -16,7 +16,8 @@ if req.first_subdomain.startswith("cnchain"): if resp.noq: buffer += convDom2Bin(req.full_domain) + req.type_bin + req.class_bin ### ANSWER SECTION ######## # CNAME - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(new_domain_name)+2) ## Data length buffer += convDom2Bin(new_domain_name) ## CNAME value diff --git a/modules/cnloop.toml b/modules/cnloop.toml index 5baee0b..dc4da44 100644 --- a/modules/cnloop.toml +++ b/modules/cnloop.toml @@ -11,7 +11,7 @@ if req.first_subdomain.startswith("cnloop"): # Do a CNAME loop if req.subdomains[1].isnumeric() and req.subdomains[2].isnumeric(): # we are already in a loop, e.g.: - # cnloop.10.4.dnslabtest.com + # cnloop.10.4.yourdomain.com max = int(req.subdomains[1]) cur = int(req.subdomains[2]) if cur >= max: @@ -24,7 +24,7 @@ if req.first_subdomain.startswith("cnloop"): new_domain_name += "." + req.subdomains[i+3] elif req.subdomains[1].isnumeric(): # we are in beginning of a loop with a requested max value, e.g.: - # cnloop.10.dnslabtest.com + # cnloop.10.yourdomain.com max = int(req.subdomains[1]) if max < 1: max = 1 @@ -40,7 +40,8 @@ if req.first_subdomain.startswith("cnloop"): if resp.noq: buffer += convDom2Bin(req.full_domain) + req.type_bin + req.class_bin ### ANSWER SECTION ######## # CNAME - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(new_domain_name)+2) ## Data length buffer += convDom2Bin(new_domain_name) ## CNAME value diff --git a/modules/cutabuf.toml b/modules/cutabuf.toml index e946e97..14ac36d 100644 --- a/modules/cutabuf.toml +++ b/modules/cutabuf.toml @@ -19,7 +19,8 @@ if req.first_subdomain.startswith("cutabuf"): if resp.noq: buffer += convDom2Bin(req.full_domain) + req.type_bin + req.class_bin ### ANSWER SECTION ######## # A - buffer += convDom2Bin(req.full_domain) + getTypeBin("A") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("A") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", 4) ## Data length buffer += socket.inet_aton(ip) ## IP diff --git a/modules/cutcnamebuf.toml b/modules/cutcnamebuf.toml index 326e4ac..d7e62ac 100644 --- a/modules/cutcnamebuf.toml +++ b/modules/cutcnamebuf.toml @@ -19,7 +19,8 @@ if req.first_subdomain.startswith("cutcnamebuf"): ### ANSWER SECTION ######## # CNAME dom = "always" + str(random.getrandbits(20) % 900000 + 100000) + "." + req.sld_tld_domain - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(dom)+2) ## Data length buffer += convDom2Bin(dom) ## CNAME value diff --git a/modules/dnalias.toml b/modules/dnalias.toml index 404a52b..1f87c39 100644 --- a/modules/dnalias.toml +++ b/modules/dnalias.toml @@ -21,7 +21,8 @@ code = ''' # DNAME dom = name_fuzz(resp.nfz) if hasattr(resp, "nfz") else random_chain(req.full_domain) bindom = convDom2Bin(dom) - buffer += convDom2Bin(req.full_domain) + getTypeBin("DNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("DNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(bindom)) ## Data length buffer += bindom ## DNAME value diff --git a/modules/dnchain.toml b/modules/dnchain.toml index 6b3a501..72e7e8b 100644 --- a/modules/dnchain.toml +++ b/modules/dnchain.toml @@ -16,7 +16,8 @@ if req.first_subdomain.startswith("dnchain"): if resp.noq: buffer += convDom2Bin(req.full_domain) + req.type_bin + req.class_bin ### ANSWER SECTION ######## # DNAME - buffer += convDom2Bin(req.full_domain) + getTypeBin("DNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("DNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(new_domain_name)+2) ## Data length buffer += convDom2Bin(new_domain_name) ## DNAME value diff --git a/modules/dnloop.toml b/modules/dnloop.toml index 0e23f2e..4c9ecc4 100644 --- a/modules/dnloop.toml +++ b/modules/dnloop.toml @@ -11,7 +11,7 @@ if req.first_subdomain.startswith("dnloop"): # Do a DNAME loop if req.subdomains[1].isnumeric() and req.subdomains[2].isnumeric(): # we are already in a loop, e.g.: - # dnloop.10.4.dnslabtest.com + # dnloop.10.4.yourdomain.com max = int(req.subdomains[1]) cur = int(req.subdomains[2]) if cur >= max: @@ -24,7 +24,7 @@ if req.first_subdomain.startswith("dnloop"): new_domain_name += "." + req.subdomains[i+3] elif req.subdomains[1].isnumeric(): # we are in beginning of a loop with a requested max value, e.g.: - # dnloop.10.dnslabtest.com + # dnloop.10.yourdomain.com max = int(req.subdomains[1]) if max < 1: max = 1 @@ -40,7 +40,8 @@ if req.first_subdomain.startswith("dnloop"): if resp.noq: buffer += convDom2Bin(req.full_domain) + req.type_bin + req.class_bin ### ANSWER SECTION ######## # DNAME - buffer += convDom2Bin(req.full_domain) + getTypeBin("DNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("DNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(new_domain_name)+2) ## Data length buffer += convDom2Bin(new_domain_name) ## DNAME value diff --git a/modules/dotcname.toml b/modules/dotcname.toml index 68336b0..9778d73 100644 --- a/modules/dotcname.toml +++ b/modules/dotcname.toml @@ -86,7 +86,8 @@ if req.first_subdomain.startswith("dotcname"): ### QUESTION SECTION ######## if resp.noq: buffer += convDom2Bin(req.full_domain) + req.type_bin + req.class_bin ### ANSWER SECTION ######## - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(bindom)) ## Data length buffer += bindom ## CNAME diff --git a/modules/htalias.toml b/modules/htalias.toml index f158a4e..3678ead 100644 --- a/modules/htalias.toml +++ b/modules/htalias.toml @@ -22,7 +22,8 @@ code = ''' dom = name_fuzz(resp.nfz) if hasattr(resp, "nfz") else random_chain(req.full_domain) bindom = convDom2Bin(dom) data_len = 2+len(bindom) # SvcPriority (2 bytes) + the target name - buffer += convDom2Bin(req.full_domain) + getTypeBin("HTTPS") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("HTTPS") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", data_len) ## Data length buffer += struct.pack(">H", 0) ## SvcPriority (0 means alias mode - RFC 9460) diff --git a/modules/htchain.toml b/modules/htchain.toml index ce5245f..65d2d84 100644 --- a/modules/htchain.toml +++ b/modules/htchain.toml @@ -18,7 +18,8 @@ code = ''' # HTTPS alias record bindom = convDom2Bin(new_domain_name) data_len = 2+len(bindom) # SvcPriority (2 bytes) + the target name - buffer += convDom2Bin(req.full_domain) + getTypeBin("HTTPS") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("HTTPS") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", data_len) ## Data length buffer += struct.pack(">H", 0) ## SvcPriority (0 means alias mode - RFC 9460) diff --git a/modules/htloop.toml b/modules/htloop.toml index 4221d7a..14c8132 100644 --- a/modules/htloop.toml +++ b/modules/htloop.toml @@ -11,7 +11,7 @@ if req.first_subdomain.startswith("htloop"): # Do an alias loop in a HTTPS record (SvcPriority 0) if req.subdomains[1].isnumeric() and req.subdomains[2].isnumeric(): # we are already in a loop, e.g.: - # htloop.10.4.dnslabtest.com + # htloop.10.4.yourdomain.com max = int(req.subdomains[1]) cur = int(req.subdomains[2]) if cur >= max: @@ -24,7 +24,7 @@ if req.first_subdomain.startswith("htloop"): new_domain_name += "." + req.subdomains[i+3] elif req.subdomains[1].isnumeric(): # we are in beginning of a loop with a requested max value, e.g.: - # htloop.10.dnslabtest.com + # htloop.10.yourdomain.com max = int(req.subdomains[1]) if max < 1: max = 1 @@ -40,7 +40,8 @@ if req.first_subdomain.startswith("htloop"): if resp.noq: buffer += convDom2Bin(req.full_domain) + req.type_bin + req.class_bin ### ANSWER SECTION ######## data_len = 2+len(convDom2Bin(new_domain_name)) # SvcPriority (2 bytes) + the target name - buffer += convDom2Bin(req.full_domain) + getTypeBin("HTTPS") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("HTTPS") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", data_len) ## Data length buffer += struct.pack(">H", 0) ## SvcPriority (0 means alias mode - RFC 9460) diff --git a/modules/illcname.toml b/modules/illcname.toml index 4c2a85a..b21ac0c 100644 --- a/modules/illcname.toml +++ b/modules/illcname.toml @@ -14,17 +14,17 @@ if req.first_subdomain.startswith("illcname"): if req.subdomains[1].isnumeric(): variant = int(req.subdomains[1]) match variant: - case 1: # illcname.0 - http://always123456.dnslabtest1.com/ + case 1: # illcname.0 - http://always123456.yourdomain.com/ dom = "http://always" + r + "." + req.sld_tld_domain + "/" - case 2: # illcname.1 - http://always123456.dnslabtest1.com:80/ + case 2: # illcname.1 - http://always123456.yourdomain.com:80/ dom = "http://always" + r + "." + req.sld_tld_domain + ":80/" - case 3: # illcname.2 - https://always123456.dnslabtest1.com/ + case 3: # illcname.2 - https://always123456.yourdomain.com/ dom = "https://always" + r + "." + req.sld_tld_domain + "/" - case 4: # illcname.3 - https://always123456.dnslabtest1.com:443/ + case 4: # illcname.3 - https://always123456.yourdomain.com:443/ dom = "https://always" + r + "." + req.sld_tld_domain + ":443/" - case 5: # illcname.4 - always123456.dnslabtest1.com:80 + case 5: # illcname.4 - always123456.yourdomain.com:80 dom = "always" + r + "." + req.sld_tld_domain + ":80" - case 6: # illcname.5 - always123456.dnslabtest1.com:443 + case 6: # illcname.5 - always123456.yourdomain.com:443 dom = "always" + r + "." + req.sld_tld_domain + ":443" case 7: # illcname.6 - 1.2.3.4 (in DNS name notation as 4 labels) dom = "1.2.3.4" @@ -46,7 +46,8 @@ if req.first_subdomain.startswith("illcname"): if resp.noq: buffer += convDom2Bin(req.full_domain) + req.type_bin + req.class_bin ### ANSWER SECTION ######## bindom = convDom2Bin(dom) - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(bindom)) ## Data length buffer += bindom ## CNAME diff --git a/modules/inj01.toml b/modules/inj01.toml index 4f99a3e..b94b0b0 100644 --- a/modules/inj01.toml +++ b/modules/inj01.toml @@ -31,7 +31,8 @@ if req.first_subdomain.startswith("inj01"): buffer += addedquestions ### ANSWER SECTION ######## # CNAME - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(enddom)+2) ## Data length buffer += convDom2Bin(enddom) ## CNAME value diff --git a/modules/inj02.toml b/modules/inj02.toml index ba79388..1b2d838 100644 --- a/modules/inj02.toml +++ b/modules/inj02.toml @@ -37,7 +37,8 @@ if req.first_subdomain.startswith("inj02"): buffer += struct.pack(">H", 4) ## Data length buffer += socket.inet_aton(injip) ## IP # CNAME - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(enddom)+2) ## Data length buffer += convDom2Bin(enddom) ## CNAME value diff --git a/modules/inj03.toml b/modules/inj03.toml index 1b19583..6df4803 100644 --- a/modules/inj03.toml +++ b/modules/inj03.toml @@ -31,7 +31,8 @@ if req.first_subdomain.startswith("inj03"): buffer += addedquestions ### ANSWER SECTION ######## # A - buffer += convDom2Bin(req.full_domain) + getTypeBin("A") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("A") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", 4) ## Data length buffer += socket.inet_aton(ip) ## IP diff --git a/modules/inj04.toml b/modules/inj04.toml index d27ea8b..4144778 100644 --- a/modules/inj04.toml +++ b/modules/inj04.toml @@ -36,7 +36,8 @@ if req.first_subdomain.startswith("inj04"): buffer += struct.pack(">H", 4) ## Data length buffer += socket.inet_aton(injip) ## IP # A - buffer += convDom2Bin(req.full_domain) + getTypeBin("A") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("A") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", 4) ## Data length buffer += socket.inet_aton(ip) ## IP diff --git a/modules/inj05.toml b/modules/inj05.toml index abbf6d7..69e9531 100644 --- a/modules/inj05.toml +++ b/modules/inj05.toml @@ -30,7 +30,8 @@ if req.first_subdomain.startswith("inj05"): buffer += addedquestions ### ANSWER SECTION ######## # CNAME - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(injdom)+2) ## Data length buffer += convDom2Bin(injdom) ## CNAME value @@ -41,7 +42,8 @@ if req.first_subdomain.startswith("inj05"): buffer += socket.inet_aton(injip) ## IP ### AUTHORITY SECTION ######## # CNAME - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(injdom)+2) ## Data length buffer += convDom2Bin(injdom) ## CNAME value @@ -52,7 +54,8 @@ if req.first_subdomain.startswith("inj05"): buffer += socket.inet_aton(injip) ## IP ### ADDITIONAL SECTION ######## # CNAME - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(injdom)+2) ## Data length buffer += convDom2Bin(injdom) ## CNAME value diff --git a/modules/inj06.toml b/modules/inj06.toml index c80b922..ed062be 100644 --- a/modules/inj06.toml +++ b/modules/inj06.toml @@ -30,7 +30,8 @@ if req.first_subdomain.startswith("inj06"): buffer += addedquestions ### ANSWER SECTION ######## # CNAME - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(injdom)+2) ## Data length buffer += convDom2Bin(injdom) ## CNAME value @@ -41,7 +42,8 @@ if req.first_subdomain.startswith("inj06"): buffer += socket.inet_pton(socket.AF_INET6, injip) ## IP ### AUTHORITY SECTION ######## # CNAME - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(injdom)+2) ## Data length buffer += convDom2Bin(injdom) ## CNAME value @@ -52,7 +54,8 @@ if req.first_subdomain.startswith("inj06"): buffer += socket.inet_pton(socket.AF_INET6, injip) ## IP ### ADDITIONAL SECTION ######## # CNAME - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(injdom)+2) ## Data length buffer += convDom2Bin(injdom) ## CNAME value diff --git a/modules/inj13.toml b/modules/inj13.toml index 7ef52ef..228af96 100644 --- a/modules/inj13.toml +++ b/modules/inj13.toml @@ -30,7 +30,8 @@ if req.first_subdomain.startswith("inj13"): if resp.noq: buffer += convDom2Bin(req.full_domain) + req.type_bin + req.class_bin buffer += addedquestions ### ANSWER SECTION ######## - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(cnamedom)+2) ## Data length buffer += convDom2Bin(cnamedom) ## CNAME diff --git a/modules/long.toml b/modules/long.toml index 40976b9..849009d 100644 --- a/modules/long.toml +++ b/modules/long.toml @@ -32,7 +32,8 @@ if len(req.full_domain) == 253 and req.first_subdomain.startswith("long"): buffer += struct.pack(">H", 4) ## Data length buffer += socket.inet_aton(randip) ## IP # proper answer in the end - buffer += convDom2Bin(req.full_domain) + getTypeBin("A") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("A") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", 4) ## Data length buffer += socket.inet_aton("6.6.6.6") ## IP @@ -48,7 +49,8 @@ if len(req.full_domain) == 253 and req.first_subdomain.startswith("long"): buffer += struct.pack(">H", 4) ## Data length buffer += socket.inet_aton(randip) ## IP # proper answer in the end - buffer += convDom2Bin(req.full_domain) + getTypeBin("A") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("A") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", 4) ## Data length buffer += socket.inet_aton("6.6.6.5") ## IP diff --git a/modules/loop.toml b/modules/loop.toml index 9669df8..902fb69 100644 --- a/modules/loop.toml +++ b/modules/loop.toml @@ -11,7 +11,7 @@ if req.first_subdomain.startswith("loop"): # Do an alias loop in a CNAME/DNAME/HTTPS/SVCB/SRV/MX record type if req.subdomains[1].isnumeric() and req.subdomains[2].isnumeric(): # we are already in a loop, e.g.: - # loop.10.4.dnslabtest.com + # loop.10.4.yourdomain.com max = int(req.subdomains[1]) cur = int(req.subdomains[2]) if cur >= max: @@ -24,7 +24,7 @@ if req.first_subdomain.startswith("loop"): new_domain_name += "." + req.subdomains[i+3] elif req.subdomains[1].isnumeric(): # we are in beginning of a loop with a requested max value, e.g.: - # loop.10.dnslabtest.com + # loop.10.yourdomain.com max = int(req.subdomains[1]) if max < 1: max = 1 @@ -43,14 +43,16 @@ if req.first_subdomain.startswith("loop"): match req.type_str: case "DNAME": type = "DNAME" - buffer += convDom2Bin(req.full_domain) + getTypeBin("DNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("DNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(bindom)) ## Data length buffer += bindom ## DNAME value case "HTTPS": type = "HTTPS" data_len = 2+len(bindom) # SvcPriority (2 bytes) + the target name - buffer += convDom2Bin(req.full_domain) + getTypeBin("HTTPS") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("HTTPS") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", data_len) ## Data length buffer += struct.pack(">H", 0) ## SvcPriority (0 means alias mode - RFC 9460) @@ -58,7 +60,8 @@ if req.first_subdomain.startswith("loop"): case "SVCB": type = "SVCB" data_len = 2+len(bindom) # SvcPriority (2 bytes) + the target name - buffer += convDom2Bin(req.full_domain) + getTypeBin("SVCB") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("SVCB") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", data_len) ## Data length buffer += struct.pack(">H", 0) ## SvcPriority (0 means alias mode - RFC 9460) @@ -67,7 +70,8 @@ if req.first_subdomain.startswith("loop"): type = "SRV" port = random.getrandbits(16) data_len = 2+2+2+len(bindom) # Priority (2 bytes) + Weight (2 bytes) + Port (2 bytes) + Target domain - buffer += convDom2Bin(req.full_domain) + getTypeBin("SRV") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("SRV") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", data_len) ## Data length buffer += struct.pack(">H", 0) ## Priority @@ -77,14 +81,16 @@ if req.first_subdomain.startswith("loop"): case "MX": type = "MX" data_len = 2+len(bindom) # Priority (2 bytes) + Target domain - buffer += convDom2Bin(req.full_domain) + getTypeBin("MX") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("MX") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", data_len) ## Data length buffer += struct.pack(">H", 0) ## Priority buffer += bindom ## TargetName case _: type = "CNAME" - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(bindom)) ## Data length buffer += bindom ## DNAME value diff --git a/modules/manybintxt.toml b/modules/manybintxt.toml index a7ea121..fda0199 100644 --- a/modules/manybintxt.toml +++ b/modules/manybintxt.toml @@ -22,7 +22,8 @@ if req.first_subdomain.startswith("manybintxt"): ### ANSWER SECTION ######## for i in range(nans): data = os.urandom(chunksize) - buffer += convDom2Bin(req.full_domain) + getTypeBin("TXT") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("TXT") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(data)+1) ## Data length buffer += struct.pack(">B", len(data)) ## TXT length diff --git a/modules/manycnames.toml b/modules/manycnames.toml index 2bd3a2d..bc35ad4 100644 --- a/modules/manycnames.toml +++ b/modules/manycnames.toml @@ -20,7 +20,8 @@ if req.first_subdomain.startswith("manycnames"): # generate alwaysXXXX domains for i in range(nans): dom = "always" + str(random.getrandbits(20) % 1000000) + "." + req.sld_tld_domain - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(dom)+2) ## Data length buffer += convDom2Bin(dom) ## CNAME value diff --git a/modules/manylabels.toml b/modules/manylabels.toml index cb658e9..bad1f81 100644 --- a/modules/manylabels.toml +++ b/modules/manylabels.toml @@ -26,7 +26,8 @@ if req.first_subdomain.startswith("manylabels"): dom += lbl + "." dom += req.sld_tld_domain # # # # # - buffer += convDom2Bin(req.full_domain) + getTypeBin("CNAME") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("CNAME") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(dom)+2) ## Data length buffer += convDom2Bin(dom) diff --git a/modules/manytxt.toml b/modules/manytxt.toml index d00646a..809ee52 100644 --- a/modules/manytxt.toml +++ b/modules/manytxt.toml @@ -22,7 +22,8 @@ if req.first_subdomain.startswith("manytxt"): ### ANSWER SECTION ######## for i in range(nans): data = ''.join(random.choice(string.ascii_lowercase + string.digits) for _ in range(chunksize)) - buffer += convDom2Bin(req.full_domain) + getTypeBin("TXT") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("TXT") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(data)+1) ## Data length buffer += convData2Bin(data) diff --git a/modules/mxalias.toml b/modules/mxalias.toml index 6a5d4f2..dfb9666 100644 --- a/modules/mxalias.toml +++ b/modules/mxalias.toml @@ -22,7 +22,8 @@ code = ''' dom = name_fuzz(resp.nfz) if hasattr(resp, "nfz") else random_chain(req.full_domain) bindom = convDom2Bin(dom) data_len = 2+len(bindom) # Priority (2 bytes) + Target domain - buffer += convDom2Bin(req.full_domain) + getTypeBin("MX") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("MX") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", data_len) ## Data length buffer += struct.pack(">H", 0) ## Priority diff --git a/modules/mxchain.toml b/modules/mxchain.toml index 3661cca..8a3620d 100644 --- a/modules/mxchain.toml +++ b/modules/mxchain.toml @@ -18,7 +18,8 @@ code = ''' # MX alias record bindom = convDom2Bin(new_domain_name) data_len = 2+len(bindom) # Priority (2 bytes) + Target domain - buffer += convDom2Bin(req.full_domain) + getTypeBin("MX") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("MX") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", data_len) ## Data length buffer += struct.pack(">H", 0) ## Priority diff --git a/modules/mxloop.toml b/modules/mxloop.toml index 116d0b6..172fef7 100644 --- a/modules/mxloop.toml +++ b/modules/mxloop.toml @@ -11,7 +11,7 @@ if req.first_subdomain.startswith("mxloop"): # Do an alias loop in a MX record if req.subdomains[1].isnumeric() and req.subdomains[2].isnumeric(): # we are already in a loop, e.g.: - # mxloop.10.4.dnslabtest.com + # mxloop.10.4.yourdomain.com max = int(req.subdomains[1]) cur = int(req.subdomains[2]) if cur >= max: @@ -24,7 +24,7 @@ if req.first_subdomain.startswith("mxloop"): new_domain_name += "." + req.subdomains[i+3] elif req.subdomains[1].isnumeric(): # we are in beginning of a loop with a requested max value, e.g.: - # mxloop.10.dnslabtest.com + # mxloop.10.yourdomain.com max = int(req.subdomains[1]) if max < 1: max = 1 @@ -41,7 +41,8 @@ if req.first_subdomain.startswith("mxloop"): ### ANSWER SECTION ######## bindom = convDom2Bin(new_domain_name) data_len = 2+len(bindom) # Priority (2 bytes) + Target domain - buffer += convDom2Bin(req.full_domain) + getTypeBin("MX") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("MX") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", data_len) ## Data length buffer += struct.pack(">H", 0) ## Priority diff --git a/modules/self.toml b/modules/self.toml index ca8bb65..3092952 100644 --- a/modules/self.toml +++ b/modules/self.toml @@ -1,7 +1,7 @@ [module] name = "self" type = "feature" -info = "Client IP address" +info = "What is my IP address" desc = "Respond with A and TXT records containing the IP address of the connecting client. The TXT record also contains the port information" author = "ivan.jedek@oryxlabs.com" category = "General features" @@ -17,14 +17,16 @@ if req.first_subdomain.startswith("self") or req.first_subdomain.startswith("wha if req.type_str == "TXT": # TXT ipport = str(self.client_address[0]) + ":" + str(self.client_address[1]) - buffer += convDom2Bin(req.full_domain) + getTypeBin("TXT") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("TXT") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(ipport)+1) ## Data length buffer += struct.pack(">B", len(ipport)) ## TXT length buffer += bytes(ipport, "utf-8") # A ip = self.client_address[0] - buffer += convDom2Bin(req.full_domain) + getTypeBin("A") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("A") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", 4) ## Data length buffer += socket.inet_aton(ip) ## IP @@ -32,13 +34,15 @@ if req.first_subdomain.startswith("self") or req.first_subdomain.startswith("wha else: # A ip = self.client_address[0] - buffer += convDom2Bin(req.full_domain) + getTypeBin("A") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("A") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", 4) ## Data length buffer += socket.inet_aton(ip) ## IP # TXT ipport = str(self.client_address[0]) + ":" + str(self.client_address[1]) - buffer += convDom2Bin(req.full_domain) + getTypeBin("TXT") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("TXT") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(ipport)+1) ## Data length buffer += struct.pack(">B", len(ipport)) ## TXT length diff --git a/modules/size.toml b/modules/size.toml new file mode 100644 index 0000000..401fdd4 --- /dev/null +++ b/modules/size.toml @@ -0,0 +1,37 @@ +[module] +name = "size" +type = "feature" +info = "Max A records within size limit" +desc = "Respond with as many A records as we can possibly fit into a desired maximum packet size limit" +author = "ivan.jedek@oryxlabs.com" +category = "General features" + +code = ''' +elif req.first_subdomain.startswith("size"): + # Send as many A records as we can possibly fit into a desired max size + desired_size = int(req.subdomains[1]) if req.subdomains[1].isnumeric() else 512 + # compute how much space we have left after we add the necessities + req_name_len = len(convDom2Bin(req.full_domain)) + space_left = desired_size - 16 - req_name_len + if proto == "tcp": space_left -= 2 + if space_left < 0: space_left = 0 + # compute how many answers we can fit + answers = int(space_left/16) if resp.compress else int(space_left/(14+req_name_len)) + print("space left: %d, can fit: %d" % (space_left, answers)) if debug else True + ### DNS header ######## + buffer = prep_dns_header(b'\x84\x00', resp.QURR, answers, 0, 0) + ### QUESTION SECTION ######## + if resp.noq: buffer += convDom2Bin(req.full_domain) + req.type_bin + req.class_bin + ### ANSWER SECTION ######## + # A + for i in range(answers): + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("A") + getClassBin("IN") + buffer += struct.pack(">L", resp.TTL) ## TTL + buffer += struct.pack(">H", 4) ## Data length + buffer += b'\x7f\x00\x00' + random.getrandbits(8).to_bytes(1, 'big') ## 127.0.0. + # log and send + log("%d A records in %d B packet size limit" % (answers, desired_size)) + send_buf(self, buffer) + ##################################################################### +''' diff --git a/modules/sralias.toml b/modules/sralias.toml index ecc8ea3..12ed429 100644 --- a/modules/sralias.toml +++ b/modules/sralias.toml @@ -23,7 +23,8 @@ code = ''' port = random.getrandbits(16) bindom = convDom2Bin(dom) data_len = 2+2+2+len(bindom) # Priority (2 bytes) + Weight (2 bytes) + Port (2 bytes) + Target domain - buffer += convDom2Bin(req.full_domain) + getTypeBin("SRV") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("SRV") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", data_len) ## Data length buffer += struct.pack(">H", 0) ## Priority @@ -39,11 +40,11 @@ code = ''' # Send multiple random SRV aliases (RFC 2782) for any domain name with attribute leaves # (domains prefixed with an underscore), up to 3 levels e.g., '_sub._service._proto.sralias...' # BEWARE: This could result in multiplication - offset = 1 # _a.sralias.10.dnslabtest.com + offset = 1 # _a.sralias.10.yourdomain.com if req.subdomains_lc[2].startswith("sralias"): - offset = 2 # _a._b.sralias.10.dnslabtest.com + offset = 2 # _a._b.sralias.10.yourdomain.com elif req.subdomains_lc[3].startswith("sralias"): - offset = 3 # _a._b._c.sralias.10.dnslabtest.com + offset = 3 # _a._b._c.sralias.10.yourdomain.com answers = int(req.subdomains[offset+1]) if req.subdomains[offset+1].isnumeric() else 3 ### DNS header ######## buffer = prep_dns_header(b'\x84\x00', req.QURR, answers, 0, 0) @@ -57,7 +58,8 @@ code = ''' port = random.getrandbits(16) bindom = convDom2Bin(dom) data_len = 2+2+2+len(bindom) # Priority (2 bytes) + Weight (2 bytes) + Port (2 bytes) + Target domain - buffer += convDom2Bin(req.full_domain) + getTypeBin("SRV") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("SRV") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", data_len) ## Data length buffer += struct.pack(">H", 0) ## Priority diff --git a/modules/srchain.toml b/modules/srchain.toml index 519b33a..d4ee92f 100644 --- a/modules/srchain.toml +++ b/modules/srchain.toml @@ -19,7 +19,8 @@ code = ''' port = random.getrandbits(16) bindom = convDom2Bin(new_domain_name) data_len = 2+2+2+len(bindom) # Priority (2 bytes) + Weight (2 bytes) + Port (2 bytes) + Target domain - buffer += convDom2Bin(req.full_domain) + getTypeBin("SRV") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("SRV") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", data_len) ## Data length buffer += struct.pack(">H", 0) ## Priority @@ -43,7 +44,8 @@ code = ''' port = random.getrandbits(16) bindom = convDom2Bin(new_domain_name) data_len = 2+2+2+len(bindom) # Priority (2 bytes) + Weight (2 bytes) + Port (2 bytes) + Target domain - buffer += convDom2Bin(req.full_domain) + getTypeBin("SRV") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("SRV") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", data_len) ## Data length buffer += struct.pack(">H", 0) ## Priority diff --git a/modules/srloop.toml b/modules/srloop.toml index 84d7919..3df627d 100644 --- a/modules/srloop.toml +++ b/modules/srloop.toml @@ -11,7 +11,7 @@ if req.first_subdomain.startswith("srloop"): # Do an alias loop in a SRV record. if req.subdomains[1].isnumeric() and req.subdomains[2].isnumeric(): # we are already in a loop, e.g.: - # srloop.10.4.dnslabtest.com + # srloop.10.4.yourdomain.com max = int(req.subdomains[1]) cur = int(req.subdomains[2]) if cur >= max: @@ -24,7 +24,7 @@ if req.first_subdomain.startswith("srloop"): new_domain_name += "." + req.subdomains[i+3] elif req.subdomains[1].isnumeric(): # we are in beginning of a loop with a requested max value, e.g.: - # srloop.10.dnslabtest.com + # srloop.10.yourdomain.com max = int(req.subdomains[1]) if max < 1: max = 1 @@ -42,7 +42,8 @@ if req.first_subdomain.startswith("srloop"): port = random.getrandbits(16) bindom = convDom2Bin(new_domain_name) data_len = 2+2+2+len(bindom) # Priority (2 bytes) + Weight (2 bytes) + Port (2 bytes) + Target domain - buffer += convDom2Bin(req.full_domain) + getTypeBin("SRV") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("SRV") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", data_len) ## Data length buffer += struct.pack(">H", 0) ## Priority @@ -57,11 +58,11 @@ elif req.subdomains[0][0:1] == "_" and (req.subdomains_lc[1].startswith("srloop" # Do an alias loop in a SRV record for any domain name with attribute leaves (domains # prefixed with an underscore), up to 3 levels e.g., '_sub._service._proto.srloop...' - offset=1 # _a.srloop.10.dnslabtest1.com + offset=1 # _a.srloop.10.yourdomain.com if req.subdomains_lc[2].startswith("srloop"): - offset = 2 # _a._b.srloop.10.dnslabtest1.com + offset = 2 # _a._b.srloop.10.yourdomain.com elif req.subdomains_lc[3].startswith("srloop"): - offset = 3 # _a._b._c.srloop.10.dnslabtest1.com + offset = 3 # _a._b._c.srloop.10.yourdomain.com new_domain_name = "" for i in range(offset+1): @@ -69,7 +70,7 @@ elif req.subdomains[0][0:1] == "_" and (req.subdomains_lc[1].startswith("srloop" if req.subdomains[offset+1].isnumeric() and req.subdomains[offset+2].isnumeric(): # we are already in a loop, e.g.: - # _abc.srloop.10.4.dnslabtest.com + # _abc.srloop.10.4.yourdomain.com max = int(req.subdomains[offset+1]) cur = int(req.subdomains[offset+2]) if cur >= max: @@ -82,7 +83,7 @@ elif req.subdomains[0][0:1] == "_" and (req.subdomains_lc[1].startswith("srloop" new_domain_name += "." + req.subdomains[i+3+offset] elif req.subdomains[offset+1].isnumeric(): # we are in beginning of a loop with a requested max value, e.g.: - # _abc.srloop.10.dnslabtest.com + # _abc.srloop.10.yourdomain.com max = int(req.subdomains[offset+1]) if max < 1: max = 1 @@ -101,7 +102,8 @@ elif req.subdomains[0][0:1] == "_" and (req.subdomains_lc[1].startswith("srloop" port = random.getrandbits(16) bindom = convDom2Bin(new_domain_name) data_len = 2+2+2+len(bindom) # Priority (2 bytes) + Weight (2 bytes) + Port (2 bytes) + Target domain - buffer += convDom2Bin(req.full_domain) + getTypeBin("SRV") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("SRV") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", data_len) ## Data length buffer += struct.pack(">H", 0) ## Priority diff --git a/modules/svalias.toml b/modules/svalias.toml index 8631b8c..0281880 100644 --- a/modules/svalias.toml +++ b/modules/svalias.toml @@ -22,7 +22,8 @@ code = ''' dom = name_fuzz(resp.nfz) if hasattr(resp, "nfz") else random_chain(req.full_domain) bindom = convDom2Bin(dom) data_len = 2+len(bindom) # SvcPriority (2 bytes) + the target name - buffer += convDom2Bin(req.full_domain) + getTypeBin("SVCB") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("SVCB") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", data_len) ## Data length buffer += struct.pack(">H", 0) ## SvcPriority (0 means alias mode - RFC 9460) @@ -36,11 +37,11 @@ code = ''' # Send multiple random SVCB aliases (RFC 9460) for any domain name with attribute leaves # (domains prefixed with an underscore), up to 3 levels e.g., '_sub._service._proto.svalias...' # BEWARE: This could result in multiplication - offset = 1 # _a.svalias.10.dnslabtest.com + offset = 1 # _a.svalias.10.yourdomain.com if req.subdomains_lc[2].startswith("svalias"): - offset = 2 # _a._b.svalias.10.dnslabtest.com + offset = 2 # _a._b.svalias.10.yourdomain.com elif req.subdomains_lc[3].startswith("svalias"): - offset = 3 # _a._b._c.svalias.10.dnslabtest.com + offset = 3 # _a._b._c.svalias.10.yourdomain.com answers = int(req.subdomains[offset+1]) if req.subdomains[offset+1].isnumeric() else 3 ### DNS header ######## buffer = prep_dns_header(b'\x84\x00', req.QURR, answers, 0, 0) @@ -53,7 +54,8 @@ code = ''' dom = name_fuzz(resp.nfz) if hasattr(resp, "nfz") else random_chain(req.full_domain) bindom = convDom2Bin(dom) data_len = 2+len(bindom) # SvcPriority (2 bytes) + the target name - buffer += convDom2Bin(req.full_domain) + getTypeBin("SVCB") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("SVCB") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", data_len) ## Data length buffer += struct.pack(">H", 0) ## SvcPriority (0 means alias mode - RFC 9460) diff --git a/modules/svchain.toml b/modules/svchain.toml index f65bf81..9b54c55 100644 --- a/modules/svchain.toml +++ b/modules/svchain.toml @@ -18,7 +18,8 @@ code = ''' # SVCB alias record bindom = convDom2Bin(new_domain_name) data_len = 2+len(bindom) # SvcPriority (2 bytes) + the target name - buffer += convDom2Bin(req.full_domain) + getTypeBin("SVCB") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("SVCB") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", data_len) ## Data length buffer += struct.pack(">H", 0) ## SvcPriority (0 means alias mode - RFC 9460) @@ -39,7 +40,8 @@ code = ''' # SVCB alias record bindom = convDom2Bin(new_domain_name) data_len = 2+len(bindom) # SvcPriority (2 bytes) + the target name - buffer += convDom2Bin(req.full_domain) + getTypeBin("SVCB") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("SVCB") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", data_len) ## Data length buffer += struct.pack(">H", 0) ## SvcPriority (0 means alias mode - RFC 9460) diff --git a/modules/svloop.toml b/modules/svloop.toml index 63cf3a6..39780db 100644 --- a/modules/svloop.toml +++ b/modules/svloop.toml @@ -11,7 +11,7 @@ if req.first_subdomain.startswith("svloop"): # Do an alias loop in a SVCB record (SvcPriority 0). if req.subdomains[1].isnumeric() and req.subdomains[2].isnumeric(): # we are already in a loop, e.g.: - # svloop.10.4.dnslabtest.com + # svloop.10.4.yourdomain.com max = int(req.subdomains[1]) cur = int(req.subdomains[2]) if cur >= max: @@ -24,7 +24,7 @@ if req.first_subdomain.startswith("svloop"): new_domain_name += "." + req.subdomains[i+3] elif req.subdomains[1].isnumeric(): # we are in beginning of a loop with a requested max value, e.g.: - # svloop.10.dnslabtest.com + # svloop.10.yourdomain.com max = int(req.subdomains[1]) if max < 1: max = 1 @@ -40,7 +40,8 @@ if req.first_subdomain.startswith("svloop"): if resp.noq: buffer += convDom2Bin(req.full_domain) + req.type_bin + req.class_bin ### ANSWER SECTION ######## data_len = 2+len(convDom2Bin(new_domain_name)) # SvcPriority (2 bytes) + the target name - buffer += convDom2Bin(req.full_domain) + getTypeBin("SVCB") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("SVCB") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", data_len) ## Data length buffer += struct.pack(">H", 0) ## SvcPriority (0 means alias mode - RFC 9460) @@ -53,11 +54,11 @@ elif req.subdomains[0][0:1] == "_" and (req.subdomains_lc[1].startswith("svloop" # Do an alias loop in a SVCB record (SvcPriority 0) for any domain name with attribute leaves # (domains prefixed with an underscore), up to 3 levels e.g., '_sub._service._proto.svloop...' - offset=1 # _a.svloop.10.dnslabtest1.com + offset=1 # _a.svloop.10.yourdomain.com if req.subdomains_lc[2].startswith("svloop"): - offset = 2 # _a._b.svloop.10.dnslabtest1.com + offset = 2 # _a._b.svloop.10.yourdomain.com elif req.subdomains_lc[3].startswith("svloop"): - offset = 3 # _a._b._c.svloop.10.dnslabtest1.com + offset = 3 # _a._b._c.svloop.10.yourdomain.com new_domain_name = "" for i in range(offset+1): @@ -65,7 +66,7 @@ elif req.subdomains[0][0:1] == "_" and (req.subdomains_lc[1].startswith("svloop" if req.subdomains[offset+1].isnumeric() and req.subdomains[offset+2].isnumeric(): # we are already in a loop, e.g.: - # _abc.svloop.10.4.dnslabtest.com + # _abc.svloop.10.4.yourdomain.com max = int(req.subdomains[offset+1]) cur = int(req.subdomains[offset+2]) if cur >= max: @@ -78,7 +79,7 @@ elif req.subdomains[0][0:1] == "_" and (req.subdomains_lc[1].startswith("svloop" new_domain_name += "." + req.subdomains[i+3+offset] elif req.subdomains[offset+1].isnumeric(): # we are in the beginning of a loop with a requested max value, e.g.: - # _abc.svloop.10.dnslabtest.com + # _abc.svloop.10.yourdomain.com max = int(req.subdomains[offset+1]) if max < 1: max = 1 @@ -95,7 +96,8 @@ elif req.subdomains[0][0:1] == "_" and (req.subdomains_lc[1].startswith("svloop" if resp.noq: buffer += convDom2Bin(req.full_domain) + req.type_bin + req.class_bin ### ANSWER SECTION ######## data_len = 2+len(convDom2Bin(new_domain_name)) # SvcPriority (2 bytes) + the target name - buffer += convDom2Bin(req.full_domain) + getTypeBin("SVCB") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("SVCB") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", data_len) ## Data length buffer += struct.pack(">H", 0) ## SvcPriority (0 means alias mode - RFC 9460) diff --git a/polardns.py b/polardns.py index 5d90ddb..26654b3 100644 --- a/polardns.py +++ b/polardns.py @@ -15,7 +15,7 @@ import time import os -polardns_version = "1.3" +polardns_version = "1.4" ################################ @@ -35,8 +35,10 @@ debug = config['debug'] -globalttl = int(config['ttl']) -globalsleep = float(config['sleep']) +config_ttl = int(config['ttl']) +config_sleep = float(config['sleep']) +config_compression = int(config['compression']) +config_parse_edns0 = config['parse_edns0'] # a domain which is a 3rd party which we don't control a3rdparty_domain = config['a3rdparty_domain'] @@ -212,12 +214,15 @@ def convDom2Bin(x): delattr(resp, 'DOM_ALREADY_CONVERTED') return x if x == "": return b"\x00" - buff = b"" + parts = [] + append = parts.append # Local variable lookup is faster for y in x.split('.'): y = y.replace("", ".") - buff += bytes.fromhex(f'{len(y):02x}') - buff += bytes(y, "utf-8") - return (buff + b"\x00") + length = bytes([len(y)]) + append(length) + append(y.encode("utf-8")) + parts.append(b"\x00") + return b''.join(parts) ################################ # Function to convert data string to the binary form @@ -225,12 +230,14 @@ def convDom2Bin(x): # output : \x08somedata\x09something def convData2Bin(x): - buff = b"" + parts = [] + append = parts.append # Local variable lookup is faster for y in x.split('.'): y = y.replace("", ".") - buff += bytes.fromhex(f'{len(y):02x}') - buff += bytes(y, "utf-8") - return (buff) + length = bytes([len(y)]) + append(length) + append(y.encode("utf-8")) + return b''.join(parts) ################################ # Name fuzzer function (nfz) @@ -887,22 +894,28 @@ def send_buf(self, buffer, totallen = 0): print(" Orig length:", len(buffer)) if debug else True print("Custom length:", resp.len) if debug else True time.sleep(resp.sleep) + # UDP mode if proto == "udp": - self.wfile.write(buffer) - self.wfile.flush() - return - # TCP mode - we have to add length (2 bytes) in the beginning - if totallen == 0: - tocalc = len(buffer) # calculate length - else: - tocalc = totallen # override length - if resp.len != 0: - tocalc = resp.len # override length by added '.lenXXX.' in the domain name - newbuf = struct.pack(">H", tocalc) - newbuf += buffer + # If '.cutXXX.' modifier specified, cut the buffer from the end + newlen = len(buffer) - getattr(resp, 'cut', 0) + self.wfile.write(buffer[:max(newlen, 0)]) + self.wfile.flush() + return + + # TCP mode + + # In TCP mode, we need to prepend the packet with a 2-byte length field. + # The length can be determined by one of the following methods: + # - Overridden length specified by the '.lenXXX.' modifier in the domain name + # - Overridden length provided as a parameter to this function + # - Calculated from the buffer length if neither of the above is provided + tocalc = resp.len or totallen or len(buffer) + newbuf = struct.pack(">H", tocalc) + buffer try: - self.request.sendall(newbuf) + # If '.cutXXX.' modifier specified, cut the buffer from the end + newlen = len(newbuf) - getattr(resp, 'cut', 0) + self.request.sendall(newbuf[:max(newlen, 0)]) except: return(-1) @@ -1052,10 +1065,9 @@ def handle(self): # Process DNS packet def process_DNS(self, req): - if debug: - req.HEX = binascii.b2a_hex(req.RAW) - print("Request (RAW):", proto, req.RAW) - print("Request (HEX):", proto, req.HEX) + req.HEX = binascii.b2a_hex(req.RAW) if debug else True + print("Request (RAW):", proto, req.RAW) if debug else True + print("Request (HEX):", proto, req.HEX) if debug else True ################################## # Make a nice client IP/name string for logging on the console @@ -1078,15 +1090,15 @@ def process_DNS(self, req): req.ID = req.RAW[0:2] req.FLAGS = req.RAW[2:4] - req.QURR = int.from_bytes(req.RAW[4:6], "big") - req.ANRR = int.from_bytes(req.RAW[6:8], "big") - req.AURR = int.from_bytes(req.RAW[8:10], "big") - req.ADRR = int.from_bytes(req.RAW[10:12], "big") + req.QURR = int.from_bytes(req.RAW[4:6], 'big') + req.ANRR = int.from_bytes(req.RAW[6:8], 'big') + req.AURR = int.from_bytes(req.RAW[8:10], 'big') + req.ADRR = int.from_bytes(req.RAW[10:12], 'big') # decode the domain name in the question req.subdomains = [] # sOMeThINg whaTEVeR ANytHinG cOM req.subdomains_lc = [] # something whatever anything com - req.full_domain = "" # sOMeThINg.whaTEVeR.ANytHinG.cOM + req.full_domain = "" # sOMeThINg.whaTEVeR.ANytHinG.cOM offset = 12 try: while True: @@ -1116,11 +1128,11 @@ def process_DNS(self, req): req.first_subdomain = "" try: - req.type_bin = req.RAW[int(offset):int(offset)+2] + req.type_bin = req.RAW[offset:offset+2] req.type_int = struct.unpack(">H", req.type_bin)[0] req.type_str = getTypeName(req.type_int) - req.class_bin = req.RAW[int(offset)+2:int(offset)+4] + req.class_bin = req.RAW[offset+2:offset+4] req.class_int = struct.unpack(">H", req.class_bin)[0] req.class_str = getClassName(req.class_int) except: @@ -1131,7 +1143,48 @@ def process_DNS(self, req): print("Request from %s %s %s" % (req.info, req.type_str, req.full_domain)) if debug else True ############################################### - # 2. Extract SLD+TLD to see later if we are authoritative or not + # 2. Parse out also the EDNS0 and its OPT pseudo-section with dnssec flag and cookies + + if config_parse_edns0 and req.ADRR == 1: + offset += 4 + req.edns_opt_opt_client_cookie = b'' + req.edns_opt_opt_server_cookie = b'' + + # Extract EDNS0 fields + req.edns_opt_name = int.from_bytes(req.RAW[offset:offset+1], 'big') # 1 byte + req.edns_opt_type = int.from_bytes(req.RAW[offset+1:offset+3], 'big') # 2 bytes + req.edns_opt_size = int.from_bytes(req.RAW[offset+3:offset+5], 'big') # 2 bytes + req.edns_opt_rcode = int.from_bytes(req.RAW[offset+5:offset+6], 'big') # 1 byte + req.edns_opt_ver = int.from_bytes(req.RAW[offset+6:offset+7], 'big') # 1 byte + req.edns_opt_z = int.from_bytes(req.RAW[offset+7:offset+9], 'big') # 2 bytes + req.edns_opt_len = int.from_bytes(req.RAW[offset+9:offset+11], 'big') # 2 bytes + + # Ensure that there are enough bytes left for the next part of parsing + if len(req.RAW) < offset + 11 + req.edns_opt_len: + raise ValueError("Insufficient data in EDNS0 section") + + # Extract EDNS0 option fields + req.edns_opt_opt_code = int.from_bytes(req.RAW[offset+11:offset+13], 'big') # 2 bytes + req.edns_opt_opt_len = int.from_bytes(req.RAW[offset+13:offset+15], 'big') # 2 bytes + + req.edns_opt_z_do = req.edns_opt_z >> 15 # dnssec + + if req.edns_opt_opt_code == 10: # Check for DNS COOKIE option code + if req.edns_opt_opt_len >= 8: # Ensure the client cookie length is valid + # 8 bytes for the client cookie + req.edns_opt_opt_client_cookie = req.RAW[offset+15:offset+23] + if req.edns_opt_opt_len > 8: + # Remaining bytes for the server cookie + req.edns_opt_opt_server_cookie = req.RAW[offset+23:offset+23+(req.edns_opt_opt_len-8)] + else: + raise ValueError("Invalid client cookie length") + + print("client cookie:", req.edns_opt_opt_client_cookie.hex()) if debug else True + print("server cookie:", req.edns_opt_opt_server_cookie.hex()) if debug else True + print("dnssec:", req.edns_opt_z_do) if debug else True + + ############################################### + # 3. Extract SLD+TLD to see later if we are authoritative or not try: req.sld = req.subdomains_lc[int(len(req.subdomains_lc)-2)] # anything @@ -1158,17 +1211,21 @@ def process_DNS(self, req): # (!not the DNS header!, see qurr below) # tc - in UDP mode respond with truncated bit set so that the # client/server will retry with TCP + # fc - force compression + # nc - no compression # flgs - set custom flags, either in hex (0x????) or in decimal # (0-65535) or rand to generate random, e.g.: .flgsrand. # nfz - enable name fuzzer which can generate various illegal # and malformed domain names + # cut - cut N bytes from the end of the packet e.g.: .cut10. # qurr - set custom number of Questions in the DNS header # anrr - set custom number of Answer RRs in the DNS header # aurr - set custom number of Authority RRs in the DNS header # adrr - set custom number of Additional RRs in the DNS header - resp.sleep = globalsleep - resp.TTL = globalttl + resp.compress = config_compression + resp.sleep = config_sleep + resp.TTL = config_ttl resp.len = 0 resp.noq = req.QURR # number of questions resp.QURR = req.QURR # number of questions @@ -1256,6 +1313,19 @@ def process_DNS(self, req): addcustomlog("NFZ:" + str(resp.nfz)) resp.nfz_byte_iterator = 0 # to make sure we keep track of values from \x00 to \xff ####################### + elif label == "nc": # no compression + resp.compress = 0 + addcustomlog("NC") + ####################### + elif label == "fc": # force compression + resp.compress = 1 + addcustomlog("FC") + ####################### + elif label.startswith("cut"): # cut N bytes from the end of the packet + if label[3:].isnumeric(): + resp.cut = int(label[3:]) # how many bytes to cut + addcustomlog("CUT:" + str(resp.cut)) + ####################### # DO NOT REMOVE (additional modifiers) ####################### elif label == "tc" and proto == "udp": # request truncation @@ -1312,7 +1382,8 @@ def process_DNS(self, req): ### QUESTION SECTION ######## if resp.noq: buffer += convDom2Bin(req.full_domain) + req.type_bin + req.class_bin ### ANSWER SECTION ######## - buffer += convDom2Bin(req.full_domain) + req.type_bin + req.class_bin + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += req.type_bin + req.class_bin buffer += struct.pack(">L", resp.TTL) ## TTL # # ################################### # # if req.type_str == "A": @@ -1358,7 +1429,8 @@ def process_DNS(self, req): if resp.noq: buffer += convDom2Bin(req.full_domain) + req.type_bin + req.class_bin ### ANSWER SECTION ######## # A - buffer += convDom2Bin(req.full_domain) + getTypeBin("A") + getClassBin("IN") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("A") + getClassBin("IN") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", 4) ## Data length buffer += socket.inet_aton(ip) ## IP @@ -1375,7 +1447,8 @@ def process_DNS(self, req): if resp.noq: buffer += convDom2Bin(req.full_domain) + req.type_bin + req.class_bin ### ANSWER SECTION ######## # A - buffer += convDom2Bin(req.full_domain) + getTypeBin("TXT") + getClassBin("CH") + buffer += b'\xc0\x0c' if resp.compress else convDom2Bin(req.full_domain) + buffer += getTypeBin("TXT") + getClassBin("CH") buffer += struct.pack(">L", resp.TTL) ## TTL buffer += struct.pack(">H", len(v)+1) ## Data length buffer += convData2Bin(v.replace(".", "")) @@ -1425,11 +1498,23 @@ def add_modules_and_rerun(): # now, write each line of the module code with the correct indentation if mod_indent > desired_indent: torm = mod_indent-desired_indent - indented_fixed_code = '\n'.join([line[torm:] for line in mod_lines]) + fixed_code = '\n'.join([line[torm:] for line in mod_lines]) else: indent = desired_indent - mod_indent - indented_fixed_code = '\n'.join([' ' * indent + line for line in mod_lines]) - new_file.write(indented_fixed_code + '\n') + fixed_code = '\n'.join([' ' * indent + line for line in mod_lines]) + # optimize the printing of debug messages + if fixed_code.strip().endswith(" if debug else True"): + fixed_code = fixed_code.replace(" if debug else True", " # debug") # remove the debug conditions + if not debug: + indent = len(fixed_code) - len(fixed_code.lstrip()) + fixed_code = fixed_code[:indent] + "#" + fixed_code[indent:] # comment out the debug messages + new_file.write(fixed_code + '\n') + # optimize the printing of debug messages + elif line.strip().endswith(" if debug else True"): + line = line.replace(" if debug else True", " # debug") # remove the debug conditions + if not debug: + indent = len(line) - len(line.lstrip()) + line = line[:indent] + "#" + line[indent:] # comment out the debug messages new_file.write(line) # Replace the current process with the new script, passing all arguments diff --git a/polardns.toml b/polardns.toml index 9b1a9f3..a909af9 100644 --- a/polardns.toml +++ b/polardns.toml @@ -12,6 +12,12 @@ debug = 0 # default TTL ttl = 60 +# use compression by default (0 or 1) +compression = 1 + +# parse the EDNS(0) and its OPT pseudo-record (0 or 1) +parse_edns0 = 1 + # default latency (in ms) sleep = 0 diff --git a/test/test.sh b/test/test.sh index 4c2b845..5cd1080 100755 --- a/test/test.sh +++ b/test/test.sh @@ -6,6 +6,9 @@ timeout=1 nofail=0 +SED="sed" +if [ "`uname -s`" == "Darwin" ]; then SED="gsed"; fi + ################## domain="" @@ -32,19 +35,22 @@ rundig() { #tmpfile="/tmp/output.${d//[ +]/}.${target_ip}" dig ${d} @${target_ip} +tries=1 +timeout=${timeout} -p ${target_port} \ | grep -v '^; <<>> DiG \| WHEN: \| Query time: ' \ - | sed -e 's/, id: .*/, id: /;s/expected ID .*, got .*/expected ID , got /' \ - | sed -e 's/\x09\s*/ /g;s/\\000//g;s/\([^0-9]\)[0-9]\{6\}\([^0-9]\)/\1\2/' \ - | sed -e 's/rcvd: .*/rcvd: /;s/has [0-9]* extra bytes/has extra bytes/g' \ - | sed -e "s/${domain//\./\\.}//g;s/${domain%.*}//g" \ - | sed -E 's/(SRV\s*0\s*0\s*)[0-9]*\s*(_.*sr|sr|)(loop|chain|alias)/\1 \2\3/g' \ - | sed -E 's/(CNAME|DNAME|HTTPS|SVCB|SRV|MX)(.*)(\s|cn|dn|ht|sv|sr|mx)alias[0-9]*\./\1\2\3alias\./g' \ - | sed -e "s/#${target_port}/#53/g" \ - | sed -e "s/${target_ip}/127\.0\.0\.1/g" \ + | ${SED} -e 's/, id: .*/, id: /;s/expected ID .*, got .*/expected ID , got /' \ + | ${SED} -e 's/\x09\s*/ /g;s/\\000//g;s/\([^0-9]\)[0-9]\{6\}\([^0-9]\)/\1\2/' \ + | ${SED} -e 's/rcvd: .*/rcvd: /;s/has [0-9]* extra bytes/has extra bytes/g' \ + | ${SED} -e "s/${domain//\./\\.}//g;s/${domain%.*}//g" \ + | ${SED} -E 's/(SRV\s*0\s*0\s*)[0-9]*\s*(_.*sr|sr|)(loop|chain|alias)/\1 \2\3/g' \ + | ${SED} -E 's/(CNAME|DNAME|HTTPS|SVCB|SRV|MX)(.*)(\s|cn|dn|ht|sv|sr|mx)alias[0-9]*\./\1\2\3alias\./g' \ + | ${SED} -e '0,/^\([0-9a-f]\{2\} \)\{16\} /s/^\([0-9a-f]\{2\} \)\{2\}\(\([0-9a-f]\{2\} \)\{14\} *\)[^ ][^ ]/TX ID \2ID/1' \ + | ${SED} -e "s/#${target_port}/#53/g;s/${target_ip}/127\.0\.0\.1/g;s/^\(size.*127\.0\.0\.\).*$/\1/g" \ | md5sum | awk '{print $1}' #> "${tmpfile}" #echo hello | md5sum | awk '{print $1}' } +# | ${SED} -e "s/#${target_port}/#53/g" \ +# | ${SED} -e "s/${target_ip}/127\.0\.0\.1/g" \ + runddig() { d="$1" tmpfile="/tmp/output.${d//[ +]/}.${target_ip}.$$${RANDOM}" @@ -53,14 +59,14 @@ runddig() { echo dig ${d} @${target_ip} +tries=1 +timeout=${timeout} -p ${target_port} \ | grep -v '^; <<>> DiG \| WHEN: \| Query time: ' \ - | sed -e 's/, id: .*/, id: /;s/expected ID .*, got .*/expected ID , got /' \ - | sed -e 's/\x09\s*/ /g;s/\\000//g;s/\([^0-9]\)[0-9]\{6\}\([^0-9]\)/\1\2/' \ - | sed -e 's/rcvd: .*/rcvd: /;s/has [0-9]* extra bytes/has extra bytes/g' \ - | sed -e "s/${domain//\./\\.}//g;s/${domain%.*}//g" \ - | sed -E 's/(SRV\s*0\s*0\s*)[0-9]*\s*(_.*sr|sr|)(loop|chain|alias)/\1 \2\3/g' \ - | sed -E 's/(CNAME|DNAME|HTTPS|SVCB|SRV|MX)(.*)(\s|cn|dn|ht|sv|sr|mx)alias[0-9]*\./\1\2\3alias\./g' \ - | sed -e "s/#${target_port}/#53/g" \ - | sed -e "s/${target_ip}/127\.0\.0\.1/g" \ + | ${SED} -e 's/, id: .*/, id: /;s/expected ID .*, got .*/expected ID , got /' \ + | ${SED} -e 's/\x09\s*/ /g;s/\\000//g;s/\([^0-9]\)[0-9]\{6\}\([^0-9]\)/\1\2/' \ + | ${SED} -e 's/rcvd: .*/rcvd: /;s/has [0-9]* extra bytes/has extra bytes/g' \ + | ${SED} -e "s/${domain//\./\\.}//g;s/${domain%.*}//g" \ + | ${SED} -E 's/(SRV\s*0\s*0\s*)[0-9]*\s*(_.*sr|sr|)(loop|chain|alias)/\1 \2\3/g' \ + | ${SED} -E 's/(CNAME|DNAME|HTTPS|SVCB|SRV|MX)(.*)(\s|cn|dn|ht|sv|sr|mx)alias[0-9]*\./\1\2\3alias\./g' \ + | ${SED} -e '0,/^\([0-9a-f]\{2\} \)\{16\} /s/^\([0-9a-f]\{2\} \)\{2\}\(\([0-9a-f]\{2\} \)\{14\} *\)[^ ][^ ]/TX ID \2ID/1' \ + | ${SED} -e "s/#${target_port}/#53/g;s/${target_ip}/127\.0\.0\.1/g;s/^\(size.*127\.0\.0\.\).*$/\1/g" \ > "${tmpfile}" sum="`md5sum "${tmpfile}" | awk '{print $1}'`" cat "${tmpfile}" @@ -115,6 +121,19 @@ fi ################################################################# +# size.toml +runtest "size.512.fc.${domain}" "50098dd38cfb8761d83896d6502dae16" +runtest "size.512.nc.${domain}" "f3d0fdca5f1dff0ce02b4cf57dea4871" +runtest "size.512.tc.fc.${domain}" "ee8d916f05fad25b8f42b82b18d618a4" +runtest "size.512.tc.nc.${domain}" "b1113d8320c7fda9ea19e2c6a77695b5" +runtest "+tcp size.512.fc.${domain}" "a5da9bf289ddd4d8f9ceec461359c64a" +runtest "+tcp size.512.nc.${domain}" "aebdf9d41d3344a4224ba93b2a4e6895" +runtest "size.8192.fc.${domain}" "737ee4ba3d9f8fc5c519940108bfc32d" +runtest "size.8192.nc.${domain}" "8138041dbafca83364d92f96ee33ef9e" +runtest "size.8192.tc.fc.${domain}" "62a4d6930f3273b99bc6d41269f9706c" +runtest "size.8192.tc.nc.${domain}" "f993050508db38a6bab53d01ee77fda3" +runtest "+tcp size.8192.fc.${domain}" "5ade67f3add2834f15a270629bd33482" +runtest "+tcp size.8192.nc.${domain}" "e61c7ce72d4106edea72963d9581558a" # chain.toml runtest "chain.${domain}" "b3ebf5cb6696ea175cd3659eda349a55" @@ -429,6 +448,17 @@ runtest "DNAME alias.40.nfz45.20.${domain}" "e9bf3304b6728d362476059437627284" runtest "DNAME alias.40.nfz46.20.${domain}" "c4bd1c08d01ae7e23206e09a49f5d1dc" runtest "DNAME alias.40.nfz47.20.${domain}" "95afc81bb25340dffd9b458cbe7da1a4" +# cut N bytes +runtest "size.128.fc.cut.${domain}" "171958d9a027ce6c9d11c22a76680cb5" +runtest "size.128.fc.cut00.${domain}" "9a0d0f2eeda7f748cfd0e76b4ae6499e" +runtest "size.128.fc.cut16.${domain}" "2f06edc7d54959770d94b1331b93bdd5" +runtest "size.128.fc.tc.cut.${domain}" "ea1e6e9cdb19728eb4a082fa12d61932" +runtest "size.128.fc.tc.cut00.${domain}" "3b461baab3e480b062bcc1c3abe8227d" +runtest "size.128.fc.tc.cut16.${domain}" "1a57f4350cd9f474b73f69e8ac2747da" +runtest "+tcp size.128.fc.cut.${domain}" "c88223a21889afa9b6ddadbb98a9eefe" +runtest "+tcp size.128.fc.cut00.${domain}" "95c5ef17c8e1bd55b6d57785d515778f" +runtest "+tcp size.128.fc.cut16.${domain}" "4b48cbdf251de563f97af298ba5bfbc8" + # other runtest "queryback2.${domain}" "8e7424518528278533bc12ecc7cbabff" runtest "cgena.1.${domain}" "8bee2a94ebe12cee620a8bfa18169b1d" @@ -534,6 +564,10 @@ runtest "cutcnamebuf.10.tc.${domain}" "1a57f4350cd9f474b73f69e8ac2747da" runtest "+tcp cutcnamebuf.${domain}" "3391c415e63a1b364e01168cf9bcd888" runtest "+tcp cutcnamebuf.0.${domain}" "d97834bade1cb9417c8937627159b1d2" runtest "+tcp cutcnamebuf.10.${domain}" "4b48cbdf251de563f97af298ba5bfbc8" +runtest "afuzz1.0.${domain}" "1b9eacfdd5d3369dacdf41bfe7e0cf06" +runtest "afuzz1.255.${domain}" "83ae4fc80a1f49fc6231f82af9d9d1a6" +runtest "afuzz2.256.${domain}" "99524469d286502fcd99f2a8c3a2f193" +# # # # runtest "inj01.tc.${domain}" "a29cc934856dcc568da68bb883451fbc" runtest "inj02.tc.${domain}" "8dded217217ecd74d9c8afed1a9a1037" runtest "inj03.tc.${domain}" "e2577aada658eb27a78cfc2875302f53" @@ -560,18 +594,32 @@ runtest "inj10.3rdparty.tc.${domain}" "22b93be23a94eb77862983b009f3c153" runtest "inj11.3rdparty.tc.${domain}" "53b6c2e48331358ab1b9891ec53d3329" runtest "inj12.3rdparty.tc.${domain}" "7d73225e018522ddf805a715b1e693fd" runtest "inj13.3rdparty.tc.${domain}" "b0a2dca9e5e845ab8bde4e713cb9af9b" -runtest "inj01.qurr0.noq.tc.${domain}" "d9c8a1a3ccee8f0c92b0581ddf24a02d" -runtest "inj02.qurr0.noq.tc.${domain}" "451eb6317f3d7d2d351ea0c0c2c0ba52" -runtest "inj03.qurr0.noq.tc.${domain}" "e030f7107df780ea06e136b8e048eb4a" -runtest "inj04.qurr0.noq.tc.${domain}" "06e19d90474a9eabbbe48e45732071ce" -runtest "inj05.qurr0.noq.tc.${domain}" "aa9a58181537b32e5473e4838cbfd3f9" -runtest "inj06.qurr0.noq.tc.${domain}" "e78f2dbd75da24341baa2ad00e521b04" -runtest "inj07.qurr0.noq.tc.${domain}" "0a3aaa2f9c95b9e3f44e04b03f5f66e1" -runtest "inj08.qurr0.noq.tc.${domain}" "f309caf7c79a05b8df3b467f91657b34" -runtest "inj09.qurr0.noq.tc.${domain}" "f390d384f3d765e3ec2760464cd7a28d" -runtest "inj11.qurr0.noq.tc.${domain}" "db9e8cff53a0a336229578502105be23" -runtest "inj12.qurr0.noq.tc.${domain}" "ab6c7d1df67a85af42764ef297fbc42a" -runtest "inj13.qurr0.noq.tc.${domain}" "9b01adf33a06759344dfed64c6a80536" +# # # # +runtest "inj01.qurr0.noq.tc.nc.${domain}" "6fed768669f36d592fbf2c242fbdf621" +runtest "inj02.qurr0.noq.tc.nc.${domain}" "ac024fab4966618caa57da2824782902" +runtest "inj03.qurr0.noq.tc.nc.${domain}" "1ea9eccb942f55b7bcf97463efd3a6bc" +runtest "inj04.qurr0.noq.tc.nc.${domain}" "61606886466cadadd574a1c55c284f5c" +runtest "inj05.qurr0.noq.tc.nc.${domain}" "7c9083464669fbe02dd43c51d4d53c7d" +runtest "inj06.qurr0.noq.tc.nc.${domain}" "623638e8508800616d40be63adf1c3aa" +runtest "inj07.qurr0.noq.tc.nc.${domain}" "0a3aaa2f9c95b9e3f44e04b03f5f66e1" +runtest "inj08.qurr0.noq.tc.nc.${domain}" "f309caf7c79a05b8df3b467f91657b34" +runtest "inj09.qurr0.noq.tc.nc.${domain}" "f390d384f3d765e3ec2760464cd7a28d" +runtest "inj11.qurr0.noq.tc.nc.${domain}" "db9e8cff53a0a336229578502105be23" +runtest "inj12.qurr0.noq.tc.nc.${domain}" "ab6c7d1df67a85af42764ef297fbc42a" +runtest "inj13.qurr0.noq.tc.nc.${domain}" "8ab5daa230b7e0bb2770969fbbaa604c" +runtest "inj01.qurr0.noq.tc.fc.${domain}" "0f3c5cd291dd23977a02fe626db8934f" +runtest "inj02.qurr0.noq.tc.fc.${domain}" "7f58a7b4e802b79b405dec79136bf002" +runtest "inj03.qurr0.noq.tc.fc.${domain}" "712abccafa3ec27d402d250bbc1ec79c" +runtest "inj04.qurr0.noq.tc.fc.${domain}" "ff6f233f80c51ebaacc695d666c7fc29" +runtest "inj05.qurr0.noq.tc.fc.${domain}" "62cb2ac55101b60d22033fd76aa7233b" +runtest "inj06.qurr0.noq.tc.fc.${domain}" "c561be7967da0a9baccba59fa96d189e" +runtest "inj07.qurr0.noq.tc.fc.${domain}" "0a3aaa2f9c95b9e3f44e04b03f5f66e1" +runtest "inj08.qurr0.noq.tc.fc.${domain}" "f309caf7c79a05b8df3b467f91657b34" +runtest "inj09.qurr0.noq.tc.fc.${domain}" "f390d384f3d765e3ec2760464cd7a28d" +runtest "inj11.qurr0.noq.tc.fc.${domain}" "db9e8cff53a0a336229578502105be23" +runtest "inj12.qurr0.noq.tc.fc.${domain}" "ab6c7d1df67a85af42764ef297fbc42a" +runtest "inj13.qurr0.noq.tc.fc.${domain}" "56befe56a6299daea4ef503e148886c2" +# # # # runtest "always123.anrr0.tc.${domain}" "c1c7e444332837238ff7d2d3db344529" runtest "always123.aurr0.tc.${domain}" "7e97fb63c9bd088434bd47fc3aac36f3" runtest "always123.adrr0.tc.${domain}" "dc23653983824427f7df9f5652e30bed" @@ -581,9 +629,11 @@ runtest "always123.adrr3.tc.${domain}" "99212d7b97eab8c72655497118ad90cf" runtest "always123.ttl12345.tc.${domain}" "4107a0d099cae52754b44943bfd00aa4" runtest "always123.ttl9999999.tc.${domain}" "8b1e49e99419aeecf05774d113da3820" runtest "always123.tc.tc.${domain}" "060fa3509cdc905d3fa9b9871040432c" -runtest "always123.noq.tc.${domain}" "256994002e33d16b131b6fa00e507058" +runtest "always123.noq.tc.nc.${domain}" "0f49ff8926e81f6f3042e1c85138e693" +runtest "always123.noq.tc.fc.${domain}" "c2e3374dd06bb58ada865a369c6ebcb0" runtest "always123.qurr0.tc.${domain}" "2356e3488a2471e1a09fa0078d6a03fa" -runtest "always123.qurr0.noq.tc.${domain}" "26c96aed349acc5817b5b009a79cc221" +runtest "always123.qurr0.noq.tc.nc.${domain}" "2768c5ae22fc39f8a9c8606375c521b5" +runtest "always123.qurr0.noq.tc.fc.${domain}" "a25a62adb7da068fb27cbc34a224070a" runtest "always123.qurr3.tc.${domain}" "96eab67b98b8088d1988d500c9d6cc08" runtest "+tcp ${domain} NS" "224e91e1e6dc0c8e3e23d2cd29213431" runtest "+tcp ${domain} TXT" "f643f5aa8fdfa6ba99ad580a982f07c5" @@ -617,18 +667,32 @@ runtest "+tcp inj10.3rdparty.${domain}" "084ae536e9d6616f458a7671fc31a4cc" runtest "+tcp inj11.3rdparty.${domain}" "62a80f3b7626790e88ffb8d66e614343" runtest "+tcp inj12.3rdparty.${domain}" "4d804e1cbbc067849fe1829d9ffa01e5" runtest "+tcp inj13.3rdparty.${domain}" "7ac254e9138f06bf83bf659d1f7a50d4" -runtest "+tcp inj01.qurr0.noq.${domain}" "8debe9566621d0eac9f300e9913430b5" -runtest "+tcp inj02.qurr0.noq.${domain}" "815468012a7fdcbf6e76da619e2f4412" -runtest "+tcp inj03.qurr0.noq.${domain}" "b9adbaa61550c8cab8f63f40b3af693b" -runtest "+tcp inj04.qurr0.noq.${domain}" "ef7f08bc2d79d5783916f80b6d15f7bc" -runtest "+tcp inj05.qurr0.noq.${domain}" "92e64499a2bd10d8ea1fb02abfd58469" -runtest "+tcp inj06.qurr0.noq.${domain}" "0cc3812119c1b593bb479b9593ebadb1" -runtest "+tcp inj07.qurr0.noq.${domain}" "98e6bbeb073c26a341a15defa6bde1cd" -runtest "+tcp inj08.qurr0.noq.${domain}" "5f85588fe30fdb6176f25fe650d6c91b" -runtest "+tcp inj09.qurr0.noq.${domain}" "871ceb93b0c67fb363f79db0101d43f4" -runtest "+tcp inj11.qurr0.noq.${domain}" "91897765b2e88857600566ff51e7d99a" -runtest "+tcp inj12.qurr0.noq.${domain}" "a35a6acd73b4b42828f116e575d5f85d" -runtest "+tcp inj13.qurr0.noq.${domain}" "6e74e4348755e5832d6dde8e682aec22" +# # # # +runtest "+tcp inj01.qurr0.noq.nc.${domain}" "1eebf5066aef36071b66ab969e4a5231" +runtest "+tcp inj02.qurr0.noq.nc.${domain}" "2b7ef8e2cf2ca5cfa86f8cbb2d893620" +runtest "+tcp inj03.qurr0.noq.nc.${domain}" "cb0170fb15130a8d1def2b92103a787c" +runtest "+tcp inj04.qurr0.noq.nc.${domain}" "eaf59dc7ec7295e707891aae6d285b35" +runtest "+tcp inj05.qurr0.noq.nc.${domain}" "4ca86de4a4e863bc57917ca2a6a2f176" +runtest "+tcp inj06.qurr0.noq.nc.${domain}" "23796206804ab3cd23efe4958fea1055" +runtest "+tcp inj07.qurr0.noq.nc.${domain}" "98e6bbeb073c26a341a15defa6bde1cd" +runtest "+tcp inj08.qurr0.noq.nc.${domain}" "5f85588fe30fdb6176f25fe650d6c91b" +runtest "+tcp inj09.qurr0.noq.nc.${domain}" "871ceb93b0c67fb363f79db0101d43f4" +runtest "+tcp inj11.qurr0.noq.nc.${domain}" "91897765b2e88857600566ff51e7d99a" +runtest "+tcp inj12.qurr0.noq.nc.${domain}" "a35a6acd73b4b42828f116e575d5f85d" +runtest "+tcp inj13.qurr0.noq.nc.${domain}" "bfe6cfb104eb7d9204b6ace932ef1438" +runtest "+tcp inj01.qurr0.noq.fc.${domain}" "226c0aa61d1b3ef573fdb8a0ba0366e2" +runtest "+tcp inj02.qurr0.noq.fc.${domain}" "a602425dd5131951f1fb79ccc67267c1" +runtest "+tcp inj03.qurr0.noq.fc.${domain}" "419bbce2bc4cb565e2d975d8c5a0f1b8" +runtest "+tcp inj04.qurr0.noq.fc.${domain}" "f5122e395ffa0d0477d4c4c61f475a1c" +runtest "+tcp inj05.qurr0.noq.fc.${domain}" "b7c7e2e6f2fb37873bd0e8ab57fbf283" +runtest "+tcp inj06.qurr0.noq.fc.${domain}" "0143273ea9b82dd8ca0dc184be2d82b4" +runtest "+tcp inj07.qurr0.noq.fc.${domain}" "98e6bbeb073c26a341a15defa6bde1cd" +runtest "+tcp inj08.qurr0.noq.fc.${domain}" "5f85588fe30fdb6176f25fe650d6c91b" +runtest "+tcp inj09.qurr0.noq.fc.${domain}" "871ceb93b0c67fb363f79db0101d43f4" +runtest "+tcp inj11.qurr0.noq.fc.${domain}" "91897765b2e88857600566ff51e7d99a" +runtest "+tcp inj12.qurr0.noq.fc.${domain}" "a35a6acd73b4b42828f116e575d5f85d" +runtest "+tcp inj13.qurr0.noq.fc.${domain}" "bdf895bdbbf525e2a1313a86637ee5b7" +# # # # runtest "+tcp always123.anrr0.${domain}" "915929e8021b1c7149df6a1155f0172c" runtest "+tcp always123.aurr0.${domain}" "2ee5ab659d501038f3e6350cc1e63672" runtest "+tcp always123.adrr0.${domain}" "c3aa0007485f8ad7b3590f16f1158dbe" @@ -638,9 +702,11 @@ runtest "+tcp always123.adrr3.${domain}" "d28b88f1e8655a0373676dd5e4d487ea" runtest "+tcp always123.ttl12345.${domain}" "f628e256fee2ca5d6d9b7df9ce61fe29" runtest "+tcp always123.ttl9999999.${domain}" "c394c71bd97e37cdb1f015534880984f" runtest "+tcp always123.tc.${domain}" "63458d2a1a0eae1ec1d5e9a1868899fa" -runtest "+tcp always123.noq.${domain}" "93f308e0452d91bb1d6f244b6ab5af41" +runtest "+tcp always123.noq.nc.${domain}" "16ded54209ab43b1603ab9ce3639e9e9" +runtest "+tcp always123.noq.fc.${domain}" "7c3e82930e3705dec134293b4c877134" runtest "+tcp always123.qurr0.${domain}" "9b38b6e234a9c00111931ac2ca9dc9c6" -runtest "+tcp always123.qurr0.noq.${domain}" "0ae017c36585fc19e56b3d6ce2ac55b7" +runtest "+tcp always123.qurr0.noq.nc.${domain}" "3ae0c3f9d05772825a8bb1707737f0d7" +runtest "+tcp always123.qurr0.noq.fc.${domain}" "ff131325546ed21029a91e8fad2326a6" runtest "+tcp always123.qurr3.${domain}" "9266464bba77416ee71a9827733cc2ec" runtest "${domain} NS" "cbde4fca020a9345459731a0149cc5b1" runtest "${domain} TXT" "816d9b4b8d039df11b0d9b3414effff6" @@ -672,18 +738,32 @@ runtest "inj10.3rdparty.${domain}" "bac92107dbbf578db8819846dc44aa49" runtest "inj11.3rdparty.${domain}" "78303af166dd327491b8c625fc10e12b" runtest "inj12.3rdparty.${domain}" "678d501b9e703bed8c3bc6367908d34a" runtest "inj13.3rdparty.${domain}" "f06cccdedfd1515fdf8842c0a8c945f3" -runtest "inj01.qurr0.noq.${domain}" "320a2e69ff5f589b96f1f8c9e69ff4e4" -runtest "inj02.qurr0.noq.${domain}" "b56ba3b199c2b0fe2d270b813421e3b2" -runtest "inj03.qurr0.noq.${domain}" "f8e347dd6d51b19f957ea37ca325187b" -runtest "inj04.qurr0.noq.${domain}" "cbefe876f734fc84f400634ee8ccfe39" -runtest "inj05.qurr0.noq.${domain}" "3f1ffb6c5d890e05afa207b88f6eedb2" -runtest "inj06.qurr0.noq.${domain}" "8a0ded4baae6d29ed342a3bfbbf8815d" -runtest "inj07.qurr0.noq.${domain}" "d3027e9f2ca8cd3930e652d9271587e9" -runtest "inj08.qurr0.noq.${domain}" "5ef5c48bedfb8d3c391acf87414af6c6" -runtest "inj09.qurr0.noq.${domain}" "4e1128767bb94dfae344ed91c95ce106" -runtest "inj11.qurr0.noq.${domain}" "84e2f24e1d4e724933d31762957e6738" -runtest "inj12.qurr0.noq.${domain}" "c0ce1c2d42acfe4685827ffe6f8ca780" -runtest "inj13.qurr0.noq.${domain}" "7b8239157b8d9603fb05171308f7c149" +# # # # +runtest "inj01.qurr0.noq.nc.${domain}" "7dae3b266019235d5c9484e02eb1d968" +runtest "inj02.qurr0.noq.nc.${domain}" "058b33538d45378f440a23a3efe54af5" +runtest "inj03.qurr0.noq.nc.${domain}" "409e1c66e332f0df03485ea7197cae9d" +runtest "inj04.qurr0.noq.nc.${domain}" "bb46bf8b70a09e37df726b53c170cee1" +runtest "inj05.qurr0.noq.nc.${domain}" "e9ac07a5d53eecbfc70a21f3e9bd84c4" +runtest "inj06.qurr0.noq.nc.${domain}" "c971f8758eded87bbb7c7ba35b7770f3" +runtest "inj07.qurr0.noq.nc.${domain}" "d3027e9f2ca8cd3930e652d9271587e9" +runtest "inj08.qurr0.noq.nc.${domain}" "5ef5c48bedfb8d3c391acf87414af6c6" +runtest "inj09.qurr0.noq.nc.${domain}" "4e1128767bb94dfae344ed91c95ce106" +runtest "inj11.qurr0.noq.nc.${domain}" "84e2f24e1d4e724933d31762957e6738" +runtest "inj12.qurr0.noq.nc.${domain}" "c0ce1c2d42acfe4685827ffe6f8ca780" +runtest "inj13.qurr0.noq.nc.${domain}" "ec90b1cfacbee913a0ef4aaf2808242b" +runtest "inj01.qurr0.noq.fc.${domain}" "226c0aa61d1b3ef573fdb8a0ba0366e2" +runtest "inj02.qurr0.noq.fc.${domain}" "f75a9f8bc2f99a091a67debe2946165f" +runtest "inj03.qurr0.noq.fc.${domain}" "419bbce2bc4cb565e2d975d8c5a0f1b8" +runtest "inj04.qurr0.noq.fc.${domain}" "7baa099013f2acd9e8e32d54418560ff" +runtest "inj05.qurr0.noq.fc.${domain}" "b7c7e2e6f2fb37873bd0e8ab57fbf283" +runtest "inj06.qurr0.noq.fc.${domain}" "0143273ea9b82dd8ca0dc184be2d82b4" +runtest "inj07.qurr0.noq.fc.${domain}" "d3027e9f2ca8cd3930e652d9271587e9" +runtest "inj08.qurr0.noq.fc.${domain}" "5ef5c48bedfb8d3c391acf87414af6c6" +runtest "inj09.qurr0.noq.fc.${domain}" "4e1128767bb94dfae344ed91c95ce106" +runtest "inj11.qurr0.noq.fc.${domain}" "84e2f24e1d4e724933d31762957e6738" +runtest "inj12.qurr0.noq.fc.${domain}" "c0ce1c2d42acfe4685827ffe6f8ca780" +runtest "inj13.qurr0.noq.fc.${domain}" "bdf895bdbbf525e2a1313a86637ee5b7" +# # # # runtest "always123.anrr0.${domain}" "6470758a399e59687d3e5039f00e10f8" runtest "always123.aurr0.${domain}" "6a6998d796be2261b69e822718151b90" runtest "always123.adrr0.${domain}" "bef379722872594dafb295a876a3faea" @@ -693,9 +773,11 @@ runtest "always123.adrr3.${domain}" "b9604796e48567d0b66374512b207c52" runtest "always123.ttl12345.${domain}" "04496562e6fe0159d7a9af961736b8f5" runtest "always123.ttl9999999.${domain}" "f0d35809e65755f7c78091a8f8b59786" runtest "always123.tc.${domain}" "0bd1f149a63b6c7ebaa90fe954c5836d" -runtest "always123.noq.${domain}" "0218131c8635ba393a74ebec112d9f8c" +runtest "always123.noq.nc.${domain}" "ce15ab878cdb38fd0e7aeab8e1bc30f9" +runtest "always123.noq.fc.${domain}" "7c3e82930e3705dec134293b4c877134" runtest "always123.qurr0.${domain}" "fd496813bed57eeee013bc859b6f32d8" -runtest "always123.qurr0.noq.${domain}" "9f1491ebd4dbdda8cc0c6d71b679bc3b" +runtest "always123.qurr0.noq.nc.${domain}" "5ecdbf46c0ac8ecba48e0ea42948c4c0" +runtest "always123.qurr0.noq.fc.${domain}" "ff131325546ed21029a91e8fad2326a6" runtest "always123.qurr3.${domain}" "16477486e5f45f4db023d40f742206ea" runtest "always123.newid.${domain}" "fb41ffb8a1d54f86d65748bc0df1e135" runtest "inj01.addq.${domain}" "ad1c5ade6c80c4cd70afdc4ba58be6d2" @@ -759,7 +841,6 @@ runtest "empty5.10.${domain}" "ba9e8265f80bdb05878c8fa41ffa1ad9" runtest "empty6.${domain}" "19b5f56687b167e29c5056f89cfd7cb9" runtest "chunkedcnames.20.slp10.${domain}" "790d58da7fc632d5dfe0144e83e6c10a" - echo echo "TESTS: ${testcount}" echo " PASS: ${passcount}"