AdamusTorK

DNS Message Generation

6 posts in this topic

#1 ·  Posted (edited)

Hi

This could be funny stuff for some of you but I need this for something else, not joking :)

I would like to ask if any of you know/have an AutoIt/or close to it/ code to:

receive, check, modify in case and forward the DNS UDP/TCP messages?

(I would appreciate any help.)

What I mean?

You type in "autoit" then your browser would like to turn to your ISP's DNS Servers, but instead it turns to your own dns "server" which actually switches "autoit" to "www.autoitscript.com" and gets the info from your ISP's DNS Servers and forwards it to your browser, modified or logged or just as it came.

I've already tried to sniff some messages with AutoIt3 & UDPRecv @ Port 53, but I'm getting hexa codes/addresses with special characters on the UDP channel, and I've no idea about the "special" character when TCP comes into the game, so it wasn't working, so I'm here and I need some help because my eyes are asking me to stop calling Google my friend, or it's only me asking the wrong question ;)

Thanks

Edit (For those who care):

2008.03.10. - Got this link today, but I'm drunk so whatever: http://www.netfor2.com/dns.htm

Edited by AdamusTorK

[quote name='PsaltyDS']so what is your illegitimate purpose here?[/quote]

And who do you intend to force your DNS-redirection hack on? What will you log from it, bank account numbers, online usernames and passwords? Legitimate DNS forwarders already have logging built in, so what is your illegitimate purpose here?

:)



#3 ·  Posted (edited)

Is there a label on my head saying "nub hacker", or could you please just see "nub wannabe programmer". Actually I don't really care about illegitimate stuff, so pls stay at the idea of shorter addresses.

CODE
;http://www.ietf.org/rfc/rfc1035.txt
UDPStartUp()
$socket = UDPBind("127.0.0.1", 53) ; Primary DNS Server set to this address
If @error <> 0 Then Exit

While 1
    ;Receive DNS Requests
    While 1
        $in = UDPRecv($socket, 512)
        If $in <> "" Then ExitLoop
    WEnd

    ;Send DNS Request
    $SendSocket = UDPOpen("192.168.0.1", 53) ; main comp on lan
    $Send = UDPSend($SendSocket, $in)
    If Not $Send Then MsgBox(0, "Error", "Couldn't send DNS Request")

    ;Receive DNS Info
    For $i = 1 To 10000
        $data = UDPRecv($SendSocket, 512)
        If $data <> "" Then ExitLoop
    Next
    UDPCloseSocket($SendSocket)

    ;Reply DNS Info
    $Send = UDPSend($socket, $data)
    If Not $Send Then MsgBox(0, "Error", "Couldn't reply DNS Request")
WEnd

Func OnAutoItExit()
    UDPCloseSocket($socket)
    UDPCloseSocket($SendSocket)
    UDPShutdown()
EndFunc

This works for now, but I need to convert the "0xFB3801000...." back to "apachefriends.org".

Finally found a source code here. Could use some help to have it in AutoIt3

Edited by AdamusTorK


So, here is some code in cpp. I was "really good" in C at the University, but this code makes my head blow up.

Could someone help me if this:

CODE
struct DNS_HEADER {
    unsigned short id;          // identification number

    unsigned char rd :1;        // recursion desired
    unsigned char tc :1;        // truncated message
    unsigned char aa :1;        // authoritative answer
    unsigned char opcode :4;    // purpose of message
    unsigned char qr :1;        // query/response flag

    unsigned char rcode :4;     // response code
    unsigned char cd :1;        // checking disabled
    unsigned char ad :1;        // authenticated data
    unsigned char z :1;         // its z! reserved
    unsigned char ra :1;        // recursion available

    unsigned short q_count;     // number of question entries
    unsigned short ans_count;   // number of answer entries
    unsigned short auth_count;  // number of authority entries
    unsigned short add_count;   // number of resource entries
};

...could be done with DLLStruct, then what would be the Function "htons()" in AutoIt3? :)

PS: I would need it for myself and for anyone else who needs it, and I seriously doubt that anyone could retrieve passwords with a single dns forward of "autoit" -> "www.autoitscript.com" and etc, and those who manage to do it might have the glorious pleasure of cracking someone else's stuff, but as I said, I don't want to hack my own computer, so please help me.

ty
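Both questions in the posts above (turning the raw "0xFB3801000...." bytes back into a name, and what stands in for htons()) come down to reading the RFC 1035 fields byte by byte with bounds checks. The C code below is an added example, not code from this thread or from the source the poster found; the packet is constructed, and `sample_query`, `rd16` and `dns_qname` are names chosen here.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: a query for apachefriends.org. Only the first four
   bytes (ID 0xFB38, flags 0x0100) follow the hex prefix quoted in the post. */
static const uint8_t sample_query[] = {
    0xFB, 0x38, 0x01, 0x00, 0x00, 0x01, 0, 0, 0, 0, 0, 0,    /* header */
    13, 'a','p','a','c','h','e','f','r','i','e','n','d','s',  /* label 1 */
    3, 'o','r','g', 0,                                        /* label 2, root */
    0x00, 0x01, 0x00, 0x01                                    /* QTYPE A, QCLASS IN */
};

/* Read a 16-bit network-order field. This replaces ntohs()/htons() and the
   bit-field struct, whose layout depends on compiler and host byte order. */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Decode the first question name into dotted text.
   Returns the offset just past the name, or -1 for a malformed message. */
static int dns_qname(const uint8_t *msg, size_t len, char *out, size_t outsz)
{
    size_t pos = 12, o = 0;                 /* RFC 1035 header is 12 bytes */
    if (len < 12 || outsz == 0 || rd16(msg + 4) == 0) return -1;  /* QDCOUNT */
    for (;;) {
        if (pos >= len) return -1;          /* ran off the end of the packet */
        size_t n = msg[pos++];
        if (n == 0) break;                  /* zero-length root label ends the name */
        if (n > 63) return -1;              /* compression pointer or bad length */
        if (pos + n > len || o + n + 2 > outsz) return -1;
        if (o) out[o++] = '.';
        memcpy(out + o, msg + pos, n);
        o += n; pos += n;
    }
    out[o] = '\0';
    return (int)pos;
}

int main(void)
{
    char name[256];
    uint16_t flags = rd16(sample_query + 2);
    int end = dns_qname(sample_query, sizeof sample_query, name, sizeof name);
    printf("id=0x%04X qr=%u opcode=%u rd=%u name=%s end=%d\n",
           (unsigned)rd16(sample_query), (unsigned)(flags >> 15),
           (unsigned)((flags >> 11) & 0xF), (unsigned)((flags >> 8) & 1),
           end < 0 ? "(malformed)" : name, end);
    return 0;
}
```

Labels are raw bytes, so a forwarder that logs the decoded name should escape anything non-printable before writing it out.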



Why don't you keep life simple

Actually I'm using Firefox and have bookmarks for everything, but if life was simple, I would have been bored of it already.

Wouldn't it be fun to create something in a "not easy" way? :)

However, now I have other things to do, but thanks for asking ;)

