Add length prefix to DNS request using TCP and Scapy
In the RFC 1035 about DNS, it's written:
4.2.2. TCP usage
Messages sent over TCP connections use server port 53 (decimal). The message is prefixed with a two byte length field which gives the message length, excluding the two byte length field. This length field allows the low-level processing to assemble a complete message before beginning to parse it.
I want to send a DNS request with TCP but I don't know how to add these two bytes before the DNS request. I tried with this code:
from scapy.all import *
ip=IP(dst="216.239.32.10")
request = DNS(rd=1, qd=DNSQR(qname = "google.be", qtype="A")) #size = 27(dec) = 1b (hex)
twoBytesRequestSize = "\x1b\x00"
completeRequest = str(request) + twoBytesRequestSize
SYN=ip/TCP(sport=RandNum(1024,65535), dport=53, flags="S", seq=42)
SYNACK=sr1(SYN)
ACK=ip/TCP(sport=SYNACK.dport, dport=53, flags="A", seq=SYNACK.ack, ack=SYNACK.seq + 1)
send(ACK)
DNSRequest = ip/TCP(sport=SYNACK.dport, dport=53, flags="PA", seq=SYNACK.ack, ack=SYNACK.seq + 1) / completeRequest
DNSReply = sr1(DNSRequest, timeout = 1)
But my packet is interpreted like a simple TCP packet without a DNS layer.
Do you have an idea how to add this two-byte prefix before the DNS request?
Thank you!
The solution uses big-endian notation: \x00\x1b instead of \x1b\x00. But the rest of the code above is correct. Thank you Armin.
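The framing rule from RFC 1035 section 4.2.2, as an added example that is not part of the original post: the length goes in front of the message as a 16-bit big-endian integer, and the receiver uses it to reassemble messages from TCP segments. It uses only the standard library instead of Scapy so it runs without network access; build_query, frame and StreamReassembler are hypothetical names, and the queries are constructed sample data.

```python
import struct

def build_query(qname, qtype=1, txid=0x1234):
    """Build a minimal DNS query by hand: RD=1, one question, class IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in qname.rstrip(".").split(".")
    )
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def frame(message):
    """Prefix a DNS message with its length as a 2-byte big-endian integer."""
    if len(message) > 0xFFFF:
        raise ValueError("DNS message too long for a 16-bit length field")
    return struct.pack("!H", len(message)) + message

class StreamReassembler:
    """Collect TCP payload chunks and return complete DNS messages."""

    def __init__(self):
        self._buf = bytearray()

    def feed(self, chunk):
        self._buf += chunk
        messages = []
        while len(self._buf) >= 2:
            (length,) = struct.unpack_from("!H", self._buf)
            if len(self._buf) < 2 + length:
                break  # message still incomplete, wait for more data
            messages.append(bytes(self._buf[2:2 + length]))
            del self._buf[:2 + length]
        return messages

if __name__ == "__main__":
    query = build_query("google.be")
    wire = frame(query)
    print(len(query), wire[:2].hex())
    reassembler = StreamReassembler()
    # Constructed input: two framed queries cut at arbitrary segment boundaries.
    stream = wire + frame(build_query("example.org", txid=0x5678))
    for chunk in (stream[:1], stream[1:20], stream[20:]):
        for msg in reassembler.feed(chunk):
            print(len(msg), msg[:2].hex())
```

Read in network byte order, the bytes \x1b\x00 announce a 6912-byte message, so a receiver keeps waiting for data instead of parsing the 27-byte query.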