1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
|
#ifndef DNS_ANALYSE_H
#define DNS_ANALYSE_H
#include <MESA/cJSON.h>
typedef unsigned char u_char;
typedef unsigned short u_int16_t;
typedef unsigned int u_int32_t;
#define G_DNS_TTL (rand()%1800+1800)//0.5->1hour 2015.01.26by ljp
#define MAX_CHEAT_PKT_PAYLOAD_LEN 512
#define DNS_MAX_SALT 256
#define DNS_MAX_OWNER 256
#define DNS_MAX_MAPS 256
#define DNS_MAX_PUBLIC_KEY 256
#define DNS_MAX_SIGNER_NAME 256
#define DNS_MAX_SIGNATURE 256
#define DNS_MAX_DIGEST 256
#define DNS_MAX_TARGET 256
#define DNS_HINFO_MAX_CPU 40
#define DNS_HINFO_MAX_OS 40
#define DNS_MAX_NAME 255
/* RR type */
#define DNS_TYPE_A 1
#define DNS_TYPE_NS 2
#define DNS_TYPE_MD 3
#define DNS_TYPE_MF 4
#define DNS_TYPE_CNAME 5
#define DNS_TYPE_SOA 6
#define DNS_TYPE_MB 7
#define DNS_TYPE_MG 8
#define DNS_TYPE_MR 9
#define DNS_TYPE_NULL 10
#define DNS_TYPE_WKS 11
#define DNS_TYPE_PTR 12
#define DNS_TYPE_HINFO 13
#define DNS_TYPE_MINFO 14
#define DNS_TYPE_MX 15
#define DNS_TYPE_TXT 16
#define DNS_TYPE_RP 17
#define DNS_TYPE_ISDN 20
#define DNS_TYPE_AAAA 28 //dns_ipv6
#define DNS_TYPE_SRV 33
#define DNS_TYPE_DNAME 39
#define DNS_TYPE_OPT 41
#define DNS_TYPE_DS 43
#define DNS_TYPE_RRSIG 46
#define DNS_TYPE_NSEC 47
#define DNS_TYPE_DNSKEY 48
#define DNS_TYPE_NSEC3 50
#define DNS_TYPE_NSEC3PARAM 51
#define DNS_TYPE_HTTPS 65
#define DNS_QTYPE_AXFR 252
#define DNS_QTYPE_MAILB 253
#define DNS_QTYPE_MAILA 254
#define DNS_QTYPE_ANY 255
#define DNS_TYPE_DLV 32769 /* DSNSEC Lokkaside Validation */
#define DNS_TYPE_UNKNOWN 65534
#define DNS_CLASS_UNKNOWN 0
#define DNS_CLASS_IN 1
#define DNS_CLASS_CS 2
#define DNS_CLASS_CH 3
#define DNS_CLASS_HS 4
#define DNS_QCLASS_ANY 255
typedef struct _dns_hdr
{
u_int16_t id;
#if __BYTE_ORDER == __LITTLE_ENDIAN
u_char rd:1;
u_char tc:1;
u_char aa:1;
u_char opcode:4;
u_char qr:1;
u_char rcode:4;
u_char z:3;
u_char ra:1;
#elif __BYTE_ORDER == __BIG_ENDIAN
u_char qr:1;
u_char opcode:4;
u_char aa:1;
u_char tc:1;
u_char rd:1;
u_char ra:1;
u_char z:3;
u_char rcode:4;
#endif
u_int16_t qdcount;
u_int16_t ancount;
u_int16_t aucount;//authority count
u_int16_t adcount;//additional count
} dns_hdr_t;
typedef struct _hinfo
{
u_char os_len;
u_char cpu_len;
u_char cpu[DNS_HINFO_MAX_CPU+1];
u_char os[DNS_HINFO_MAX_OS+1];
}hinfo_t;
typedef struct _minfo
{
u_char rmailbx[DNS_MAX_NAME+1];
u_char emailbx[DNS_MAX_NAME+1];
}minfo_t;
typedef struct _mx
{
u_int16_t preference;
u_char exchange[DNS_MAX_NAME+1];
}mx_t;
typedef struct _soa
{
u_char mname[DNS_MAX_NAME+1];
u_char rname[DNS_MAX_NAME+1];
u_int32_t serial;
u_int32_t refresh;
u_int32_t retry;
u_int32_t expire;
u_int32_t minimum;
}soa_t;
typedef struct _rp_t
{
u_char mailbox[DNS_MAX_NAME+1];
u_char txt_rr[DNS_MAX_NAME+1];
}rp_t;
typedef struct _txt_t
{
u_char txt[DNS_MAX_NAME+1];
u_char size;
}txt_t;
typedef struct _null
{
u_char null[DNS_MAX_NAME+1];
u_char size;
}null_t;
typedef struct _wks
{
u_char protocol;
u_int32_t addr;
u_int32_t size;
u_char * bitmap;
}wks_t;
typedef struct _srv
{
u_int16_t priority;
u_int16_t weight;
u_int16_t port;
u_char target[DNS_MAX_TARGET];
}srv_t;
typedef struct _ds
{
u_int16_t key_tag;
u_char algo;
u_char digest_type;
u_int32_t digest_len;
u_char *digest;
}ds_t;
typedef struct _rrsig
{
u_int16_t type_covered;
u_char algo;
u_char labels;
u_int32_t original_ttl;
u_int32_t sig_expiration;
u_int32_t sig_inception;
u_int32_t key_tag;
u_int32_t signature_len;
u_char signer_name[DNS_MAX_SIGNER_NAME];
u_char *signature;
}rrsig_t;
typedef struct _nsec
{
u_int16_t maps_len;
u_char next_domain[DNS_MAX_OWNER];
u_char type_bit_maps[DNS_MAX_MAPS];
}nsec_t;
typedef struct _dnskey
{
u_int16_t flags;
u_char protocol;
u_char algo;
u_int32_t public_key_len;
u_char *public_key;
}dnskey_t;
typedef struct _nsec3
{
u_char hash_algo;
u_char flags;
u_char salt_len;
u_char hash_len;
u_int16_t iteration;
u_int16_t maps_len;
u_char *salt_value;
u_char *next_hash_owner;
u_char type_bit_maps[DNS_MAX_MAPS];
}nsec3_t;
typedef struct _nsec3param
{
u_char hash_algo;
u_char flags;
u_char salt_len;
u_int16_t iteration;
u_char *salt_value;
}nsec3param_t;
typedef struct _dns_rr
{
u_char name[DNS_MAX_NAME+1];
u_int16_t type;
u_int16_t rr_class;
u_int32_t ttl; /* 1byte: extended RCODE; 1byte: version; 2bytes: Z(upper bit) if type is OPT */
u_int16_t rdlength;
union
{
u_char cname[DNS_MAX_NAME + 1]; /* cname[DNS_MAX_NAME + 1]; */
hinfo_t hinfo;
u_char mb[DNS_MAX_NAME + 1]; /* mb[DNS_MAX_NAME + 1]; */
u_char md[DNS_MAX_NAME + 1]; /* md[DNS_MAX_NAME + 1]; */
u_char mf[DNS_MAX_NAME + 1]; /* mf[DNS_MAX_NAME + 1]; */
u_char mg[DNS_MAX_NAME + 1]; /* mg[DNS_MAX_NAME + 1]; */
minfo_t minfo;
u_char mr[DNS_MAX_NAME + 1]; /* mr[DNS_MAX_NAME + 1]; */
mx_t mx;
u_char ns[DNS_MAX_NAME + 1]; /* ns[DNS_MAX_NAME + 1]; */
u_char ptr[DNS_MAX_NAME + 1]; /* ptr[DNS_MAX_NAME + 1]; */
soa_t soa;
u_char a[DNS_MAX_NAME + 1];
u_char aaaa[DNS_MAX_NAME + 1]; /* aaaa[16]; */
u_char dname[DNS_MAX_NAME + 1];
u_char isdn[DNS_MAX_NAME + 1];
u_char unknown_data[DNS_MAX_NAME + 1];
txt_t txt;
rp_t rp;
null_t null;
wks_t wks;
srv_t srv;
ds_t ds;
rrsig_t rrsig;
nsec_t nsec;
dnskey_t dnskey;
nsec3_t nsec3;
nsec3param_t nsec3param;
} rdata;
} dns_rr_t;
typedef struct _fake_packet_opt
{
u_int16_t cfg_type; /* IP or STR */
u_int16_t res_type;
u_int32_t ttl;
u_int32_t res_len;
u_char res_info[DNS_MAX_NAME+1];
}cheat_pkt_opt_t;
typedef struct
{
u_int16_t qtype;
u_int16_t qclass;
u_char qname[DNS_MAX_NAME+1];
} dns_query_question_t;
#define MAX_RR_NUM 256
typedef struct _dns_info
{
dns_hdr_t hdr_info;
int rr_count;
dns_rr_t rr[MAX_RR_NUM];
dns_query_question_t query_question;
}dns_info_t;
enum flag_id
{
/* ������ֶ�ʱ�������Զ�����ͷ����Ϣ */
DNS_UNKOWN =0,
ALL = 1<<0, /* ȫ�� */
DNS_ALL = 1<<1, /* ȫ�� */
DNS_REQ_ALL = 1<<2, /* �����ȫ�� */
DNS_RES_ALL = 1<<3, /* ���Ӧ���ȫ������ */
DNS_REQ_HDR = 1<<4, /* �������ͷ������ */
DNS_RES_HDR = 1<<5, /* ��Ӧ���ͷ������ */
//DNS_REQ_QUERY = 1<<6, /* ��Ӧ����е�������Ϣ(������������ѯ��Ϣ���Զ�����ͷ������ΪDNS_REQ_ALL_FLAG_ID������û��Ҫ����һ��ֵ) */
DNS_RES_QUERY = 1<<7, /* ��Ӧ����е�������Ϣ */
DNS_RES_RRS = 1<<8, /* ������Ӧ����Դ��¼ */
DNS_RES_ANSWER = 1<<9, /* ��answerӦ���¼ */
DNS_RES_AUTH = 1<<10, /* ����Ȩ��Դ��¼ */
DNS_RES_ADD = 1<<11, /* �⸽����Դ��¼ */
};
#ifdef __cplusplus
extern "C"
{
#endif
/*
* name:build_dns_payload
* functionality:build dns packet
* param:
* pay_load_buf:the thread num
* len:buffer length
* pkt_para:option parameter
* opt_cnt:option counts
*
* returns:
* >0:build sucess
* -1:ibuild failed
*
* */
int get_rr_str2json(cJSON *object, dns_info_t *dns_info, int *dns_sec);
int get_rr_content2buf(dns_rr_t *rr, int rr_count, char *rr_buf, int buflen, int *dns_sec);
int dns_save_raw_pkt(char *buf, int buflen, const struct streaminfo * a_stream);
int build_cheat_pkt(unsigned char *payload, int payload_len, dns_query_question_t *query_question, cheat_pkt_opt_t *cheat_opt, int cheat_opt_num);
#ifdef __cplusplus
}
#endif
#endif
|
