DNS Message Generation

[AdamusTorK]

Hi

This could be a funny stuff for some of you but I need this for something else, not joking

I would like to ask if any of you know/have an AutoIt/or close to it/ code to:

receive, check, modify in case and forward the DNS UDP/TCP messages?

(I would appreciate any help.)

What I mean?

You type in "autoit" then your browsers would like to turn to your ISP's DNS Servers, but instead it turns to your own dns "server" which actually switch "autotit" to "www.autoitscript.com" and get the info from your ISP's DNS Servers and forward to your browsers, modified or logged or just as its came.

I've already tried to sniff some message with AutoIt3 & UDPRecv @ Port 53, but I'm getting hexa codes/addresses with special characters on the UDP channel, and I've no idea about the "special" character when TCP comes into the game, so it wasn't working, so I'm here and I need some help beacuse my eyes asking me to stop calling Google my friend, or its only me asking the wrong question

Thanks

Edit (For those who care):

2008.03.10. - Got this link today, but I'm drunk so whatever: http://www.netfor2.com/dns.htm

Edited March 10, 2008 by AdamusTorK

[PsaltyDS]

Hi

This could be a funny stuff for some of you but I need this for something else, not joking

I would like to ask if any of you know/have an AutoIt/or close to it/ code to:

receive, check, modify in case and forward the DNS UDP/TCP messages?

(I would appreciate any help.)

What I mean?

You type in "autoit" then your browsers would like to turn to your ISP's DNS Servers, but instead it turns to your own dns "server" which actually switch "autotit" to "www.autoitscript.com" and get the info from your ISP's DNS Servers and forward to your browsers, modified or logged or just as its came.

I've already tried to sniff some message with AutoIt3 & UDPRecv @ Port 53, but I'm getting hexa codes/addresses with special characters on the UDP channel, and I've no idea about the "special" character when TCP comes into the game, so it wasn't working, so I'm here and I need some help beacuse my eyes asking me to stop calling Google my friend, or its only me asking the wrong question

Thanks

And who do intend to force your DNS-redirection hack on? What will you log from it, bank account numbers, online usernames and passwords? Legitimate DNS forwarders already have logging built in, so what is your ilegitimate purpose here?

[AdamusTorK]

And who do intend to force your DNS-redirection hack on? What will you log from it, bank account numbers, online usernames and passwords? Legitimate DNS forwarders already have logging built in, so what is your ilegitimate purpose here?

Is there a label on my head saying "nub hacker", or could you please just see "nub wannabe programmer". Actually I dont really care about ilegitimate stuffs, so pls stay at the idea of shorter addresses.

CODE

;http://www.ietf.org/rfc/rfc1035.txt

UDPStartUp()

$socket = UDPBind("127.0.0.1", 53) ; Primary DNS Server set to this address

If @error <> 0 Then Exit

While 1

;Receive DNS Requests

While 1

$in = UDPRecv($socket, 512)

If $in <> "" Then ExitLoop

WEnd

;Send DNS Request

$SendSocket= UDPOpen("192.168.0.1", 53) ; main comp on lan

$Send=UDPSend($sendsocket,$in)

If NOT $Send Then MsgBox(0,"Error","Couldn't send DNS Request")

;Receive DNS Info

For $i=1 To 10000

$data = UDPRecv($SendSocket, 512)

If $data <> "" Then ExitLoop

Next

UDPCloseSocket($SendSocket)

;Reply DNS Info

$Send=UDPSend($socket,$data)

If NOT $Send Then MsgBox(0,"Error","Couldn't reply DNS Request")

WEnd

Func OnAutoItExit()

UDPCloseSocket($socket)

UDPCloseSocket($SendSocket)

UDPShutdown()

EndFunc

This works for now, but I need to convert the "0xFB3801000...." back to "apachefriends.org".

Finally found a source code here. Could use some help to have it in AutoIt3

Edited February 27, 2008 by AdamusTorK

[AdamusTorK]

So, here is a code in cpp. I was "really good" in C at the University, but this code makes my head blowing up.

Could someone help me if this:

CODE

struct DNS_HEADER {

unsigned short id; // identification number

unsigned char rd :1; // recursion desired

unsigned char tc :1; // truncated message

unsigned char aa :1; // authoritive answer

unsigned char opcode :4; // purpose of message

unsigned char qr :1; // query/response flag

unsigned char rcode :4; // response code

unsigned char cd :1; // checking disabled

unsigned char ad :1; // authenticated data

unsigned char z :1; // its z! reserved

unsigned char ra :1; // recursion available

unsigned short q_count; // number of question entries

unsigned short ans_count; // number of answer entries

unsigned short auth_count; // number of authority entries

unsigned short add_count; // number of resource entries

};

...could be done with DLLStruct, then what would be the Function "htons()" in AutoIt3?

PS: I would need it for myself and for anyone else who needs it, and I seriously doubt that any1 could retreive passwords with a single dns forward of "autoit" -> "www.autoitscript.com" and etc, and those of manage to do it might have glorious pleasure of cracking someone else's stuff, but as I said, I don't want to hack my own computer, so please help me.

ty

[ptrex]

@AdamusTorK

Why don't you keep life simple and use a browser that supports URL Aliases.

One (very ) good example is Avant Browser

Open the Browser go to TOOLS -> Avant Browser options -> URL Aliases

Regards,

ptrex

[AdamusTorK]

Why don't you keep life simple

Actually I'm using firefox and have bookmarks for everything, but if life was simple, i would have bored it already.

Wouldn't be it fun create something on a "not easy" way?

However, now I have other things to do, but thanks for asking