DNS protocol message example

Posted 2024-09-02 07:36:25 · 618 words · 1 view · 0 comments

I am trying to figure out how to send out DNS messages from an application socket adapter to a DNSBL.
I spent the last two days understanding the basics, including experimenting with WireShark to catch an example of the messages exchanged.
Now I would like to query the DNS without using the dig or host commands (I'm using Ubuntu); how can I perform this action at a low level, without the help of these tools in wrapping the request in a proper DNS message format? How should the message be posted? Hex or string?

Thanks in advance for any help.
Regards

Alessandro Ilardo

Comment added

I am investigating JDev and Oracle SOA. The platform provides a Socket Adapter which simply applies a transformation (XSLT) and sends the message straight to the socket.
How the payload parameters (e.g. the host I'm looking up) are wrapped within the message is left to the developer. So basically I have an idea of how the whole DNS message is structured, but rather than put everything on JDev straight away I'd like to make some tests on my own just to make sure I got a valid message format.

So, I am not using any specific language (I don't even understand why they moved my question from serverfault) and I don't want to use any tools which would hide part of the message, such as the header. I know they work well btw.
I guess this stuff has something to do with packet injection. Someone suggested that I use telnet, but I've only used it for SMTP or HTTP; I haven't got a clue how it works for DNS requests.
Does it make more sense now?


Comments (3)

森末i 2024-09-09 07:36:25

Ewww... instead of constructing the DNS protocol by hand, you really should be using some sort of library provided by your programming environment to do the lookup.

Don't construct protocol by hand without a Really Good Reason. Seriously. Don't Do That.


@Synetech: no, the OP didn't consider using a library. He just wants to not use the command-line tools. As far as a sample library, you don't need to look far. How about the dns library? This isn't exactly a lot of effort.

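#!/usr/bin/python3
import dns.message
import dns.query
import dns.rdataclass
import dns.rdatatype

from ipaddress import IPv6Address, IPv6Network

# Ask for AAAA directly: resolvers may give a minimal answer to ANY (RFC 8482).
query = dns.message.make_query('www.google.ca', dns.rdatatype.AAAA)
# Send the query over TCP to a public resolver's IPv6 address.
resp = dns.query.tcp(query, '2001:4860:4860::8888', timeout=5)
# get_rrset() returns None when the answer section holds no AAAA RRset.
aaaa_data = resp.get_rrset(resp.answer, resp.question[0].name,
                           dns.rdataclass.IN, dns.rdatatype.AAAA)

# Each AAAA rdata carries its textual address in the .address attribute.
aaaa_addrs = (IPv6Address(x.address) for x in aaaa_data or [])
for addr in aaaa_addrs:
    if addr in IPv6Network('2607:F8B0::/32'):
        print("{} is in Google's network".format(addr))
    else:
        print("{} is NOT in Google's network".format(addr))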

故事↓在人 2024-09-09 07:36:25

The protocol is very fully described in lots of RFCs starting with RFC 1035, but really, don't re-invent the wheel. Looking at other people's implementations "over the wire" is a sure way to get it wrong.

If using 'C', check out ldns. For Perl the default solution is Net::DNS, available from CPAN. Similar libraries exist for other languages.
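
On the question's "hex or string?" point: a DNS message is a sequence of binary octets in the RFC 1035 layout, so a hex dump is only a way of displaying it. The following is an added example, not code from any of the posts; the function names, the zone `dnsbl.example` and the address 192.0.2.99 are constructed for illustration, and nothing is sent on the network.

```python
import struct

def encode_qname(name: str) -> bytes:
    """RFC 1035 3.1: each label is a length octet plus its bytes; a zero octet ends the name."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError(f"bad label length in {name!r}")
        out += bytes([len(raw)]) + raw
    out += b"\x00"
    if len(out) > 255:
        raise ValueError("name exceeds 255 octets")
    return out

def build_query(name: str, qtype: int = 1, txid: int = 0x1234, tcp: bool = False) -> bytes:
    """12-octet header plus one question. qtype 1 = A, 28 = AAAA; qclass 1 = IN."""
    flags = 0x0100  # QR=0 (query), OPCODE=0 (standard), RD=1 (recursion desired)
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    msg = header + encode_qname(name) + struct.pack("!HH", qtype, 1)
    # Over TCP the message is preceded by a two-octet length (RFC 1035 4.2.2).
    return struct.pack("!H", len(msg)) + msg if tcp else msg

def dnsbl_name(ipv4: str, zone: str) -> str:
    """DNSBL convention (RFC 5782): reverse the IPv4 octets, append the list's zone."""
    octets = ipv4.split(".")
    if len(octets) != 4 or not all(o.isdigit() and int(o) < 256 for o in octets):
        raise ValueError(f"not an IPv4 address: {ipv4!r}")
    return ".".join(reversed(octets)) + "." + zone

def parse_header(msg: bytes) -> dict:
    """Decode the fixed header of a reply so the ID, TC bit and RCODE can be checked."""
    if len(msg) < 12:
        raise ValueError("truncated DNS header")
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": txid, "qr": flags >> 15, "tc": (flags >> 9) & 1,
            "rcode": flags & 0xF, "qdcount": qd, "ancount": an}

if __name__ == "__main__":
    # Constructed sample values: a documentation address and a placeholder zone.
    query = build_query(dnsbl_name("192.0.2.99", "dnsbl.example"))
    print(query.hex(" "))  # hex is only the display form of the binary message
```

Built with `qtype=28` and `txid=0` for `www.slashdot.org`, the message is 34 octets, which agrees with the `len=42` UDP length (8-octet UDP header plus 34) in the Scapy output on this page.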

萌化 2024-09-09 07:36:25

I cannot really understand what you are looking for. As mentioned by Alnitak and MikeyB, the programming language you use (Jdev, which I do not know), probably provides a library to send DNS requests (most programming languages do). If you want to send regular DNS requests, use it. I completely agree with Alnitak and MikeyB here.

However, if you want to craft special DNS packets, and are afraid (and rightly so) to do everything by hand, maybe you can use tools like Scapy?

Here is an example of use of Scapy to create a DNS request:

# scapy
>>> p = IP(dst="203.0.113.162")/UDP(sport=RandShort(),dport=53)/\
...      DNS(rd=1,qd=DNSQR(qname="www.slashdot.org", qtype="AAAA"))
>>> sr1(p)
Begin emission:
.Finished to send 1 packets.
Received 2 packets, got 1 answers, remaining 0 packets
<IP  version=4L ihl=5L tos=0x0 len=62 id=0 flags=DF frag=0L ttl=63 proto=udp chksum=0xb1bb src=203.0.113.162 dst=203.0.113.69 options='' |<UDP  sport=domain dport=50474 len=42 chksum=0x1c97 |<DNS  id=0 qr=1L opcode=QUERY aa=0L tc=0L rd=1L ra=1L z=0L rcode=ok qdcount=1 ancount=0 nscount=0 arcount=0 qd=<DNSQR  qname='www.slashdot.org.' qtype=AAAA qclass=IN |> an=None ns=None ar=None |>>>