DNS answer KO when OPTs in request
Closed this issue · 1 comments
Liberasys commented
Hello JC, when a query has options (ex : DNSSEC options), the code reproduces it in the query section of answer. It is reproductible qith dig on linux. This leads to DNS client fuzzying.
I patched the code in order to send only the first query part and now it is working:
def _getPacketAnswerA(packet, ipV4Bytes) :
try :
pos = 12
while True :
domPartLen = packet[pos]
if (domPartLen == 0) :
break
pos += 1 + domPartLen
query_end = pos + 5
return b''.join( [
packet[:2], # Query identifier
b'\x85\x80', # Flags and codes
packet[4:6], # Query question count
b'\x00\x01', # Answer record count
b'\x00\x00', # Authority record count
b'\x00\x00', # Additional record count
packet[12:query_end], # Query question
b'\xc0\x0c', # Answer name as pointer
b'\x00\x01', # Answer type A
b'\x00\x01', # Answer class IN
b'\x00\x00\x00\x1E', # Answer TTL 30 secondes
b'\x00\x04', # Answer data length
ipV4Bytes ] ) # Answer data
except :
pass
return None
jczic commented
Thank you, code updated :)