public DNSSendPacket(string MACsrc, string MACdst, string IPsrc, string IPdst, string IpId, string TTL, string PORTsrc, string Identifier, string Domain) { GetBase(MACsrc, MACdst, IPsrc, IPdst, IpId, TTL); udpLayer = new UdpLayer { SourcePort = StringToUShort(PORTsrc), DestinationPort = 53, Checksum = null, // Will be filled automatically. CalculateChecksumValue = true, }; dnsLayer = new DnsLayer { Id = StringToUShort(Identifier), IsResponse = false, OpCode = DnsOpCode.Query, IsAuthoritativeAnswer = false, IsTruncated = false, IsRecursionDesired = true, IsRecursionAvailable = false, FutureUse = false, IsAuthenticData = false, IsCheckingDisabled = false, ResponseCode = DnsResponseCode.NoError, Queries = new[] { new DnsQueryResourceRecord(new DnsDomainName(Domain), DnsType.A, DnsClass.Internet),}, Answers = null, Authorities = null, Additionals = null, DomainNameCompressionMode = DnsDomainNameCompressionMode.All, }; }
private static void CreateRandomUdpPayload(Random random, UdpLayer udpLayer, List <ILayer> layers) { if (random.NextBool(20)) { // Finish with payload. PayloadLayer payloadLayer = random.NextPayloadLayer(random.Next(100)); layers.Add(payloadLayer); return; } DnsLayer dnsLayer = random.NextDnsLayer(); layers.Add(dnsLayer); ushort specialPort = (ushort)(random.NextBool() ? 53 : 5355); if (dnsLayer.IsQuery) { udpLayer.DestinationPort = specialPort; } else { udpLayer.SourcePort = specialPort; } }
public override ILayer GetProtocolDataUnit() { var compressionMode = (DnsDomainNameCompressionMode)Enum.Parse(typeof(DnsDomainNameCompressionMode), this.SelectedCompressionMode); var opCode = (DnsOpCode)Enum.Parse(typeof(DnsOpCode), this.SelectedOpCode); var responseCode = (DnsResponseCode)Enum.Parse(typeof(DnsResponseCode), this.SelectedResponseCode); var additionals = new List <DnsDataResourceRecord>(); var answers = new List <DnsDataResourceRecord>(); var authorities = new List <DnsDataResourceRecord>(); var dnsLayer = new DnsLayer() { Additionals = additionals, Answers = answers, Authorities = authorities, DomainNameCompressionMode = compressionMode, FutureUse = this.FutureUse, Id = this.Id, IsAuthenticData = this.IsAuthenticData, IsAuthoritativeAnswer = this.IsAuthenticAnswer, IsCheckingDisabled = this.IsCheckingDisabled, IsQuery = this.IsQuery, IsRecursionAvailable = this.IsRecursionAvailable, IsRecursionDesired = this.IsRecursionDesired, IsResponse = this.IsResponse, IsTruncated = this.IsTruncated, OpCode = opCode, Queries = DNSModel.GetDnsQueryRecords(this.Queries), ResponseCode = responseCode }; return(dnsLayer); }
private void btnAdd_Click(object sender, EventArgs e) { try { DnsLayer layer = new DnsLayer { Id = ushort.Parse(txtIdentification.Text), IsResponse = ckResponse.Checked, OpCode = (DnsOpCode)Enum.Parse(typeof(DnsOpCode), cmbOpCode.SelectedItem.ToString()), IsAuthoritativeAnswer = ckAutoritativeAnswer.Checked, IsTruncated = ckTruncated.Checked, IsRecursionDesired = ckRecursionDesired.Checked, IsRecursionAvailable = ckRecursionAvailable.Checked, FutureUse = ckFutureUse.Checked, IsAuthenticData = ckAuthenticData.Checked, IsCheckingDisabled = ckCheckingDisabled.Checked, ResponseCode = (DnsResponseCode)Enum.Parse(typeof(DnsResponseCode), cmbResponseCode.SelectedItem.ToString()), Queries = Queries, Answers = Answers, Authorities = Authorities, Additionals = Additionals, DomainNameCompressionMode = (DnsDomainNameCompressionMode)Enum.Parse(typeof(DnsDomainNameCompressionMode), cmbCompression.SelectedItem.ToString()), }; mainForm.addToPacket(layer, "DNS -> " + txtIdentification.Text + " -> " + cmbOpCode.SelectedItem.ToString()); } catch (Exception) { MessageBox.Show("Invalid Parameters"); } }
//DNS PACKET BUILDER public Packet BuildDnsPacket(Packet origPacket) { EthernetLayer ethernetLayer = new EthernetLayer { Source = origPacket.Ethernet.Source, Destination = lookUpMacAdress(Convert.ToString(origPacket.Ethernet.IpV4.Destination)), EtherType = EthernetType.None, // Will be filled automatically. }; IpV4Layer ipV4Layer = new IpV4Layer { Source = origPacket.Ethernet.IpV4.Source, CurrentDestination = origPacket.Ethernet.IpV4.Destination, Fragmentation = IpV4Fragmentation.None, HeaderChecksum = null, // Will be filled automatically. Identification = origPacket.Ethernet.IpV4.Identification, Options = IpV4Options.None, Protocol = null, // Will be filled automatically. Ttl = origPacket.Ethernet.IpV4.Ttl, TypeOfService = origPacket.Ethernet.IpV4.TypeOfService, }; UdpLayer udpLayer = new UdpLayer { SourcePort = origPacket.Ethernet.IpV4.Udp.SourcePort, DestinationPort = origPacket.Ethernet.IpV4.Udp.DestinationPort, Checksum = null, // Will be filled automatically. CalculateChecksumValue = true, }; DnsLayer dnsLayer = new DnsLayer { Id = origPacket.Ethernet.IpV4.Udp.Dns.Id, IsResponse = origPacket.Ethernet.IpV4.Udp.Dns.IsResponse, OpCode = origPacket.Ethernet.IpV4.Udp.Dns.OpCode, IsAuthoritativeAnswer = origPacket.Ethernet.IpV4.Udp.Dns.IsAuthoritativeAnswer, IsTruncated = origPacket.Ethernet.IpV4.Udp.Dns.IsTruncated, IsRecursionDesired = origPacket.Ethernet.IpV4.Udp.Dns.IsRecursionDesired, IsRecursionAvailable = origPacket.Ethernet.IpV4.Udp.Dns.IsRecursionAvailable, FutureUse = origPacket.Ethernet.IpV4.Udp.Dns.FutureUse, IsAuthenticData = origPacket.Ethernet.IpV4.Udp.Dns.IsAuthenticData, IsCheckingDisabled = origPacket.Ethernet.IpV4.Udp.Dns.IsCheckingDisabled, ResponseCode = origPacket.Ethernet.IpV4.Udp.Dns.ResponseCode, Queries = origPacket.Ethernet.IpV4.Udp.Dns.Queries, Answers = origPacket.Ethernet.IpV4.Udp.Dns.Answers, Authorities = origPacket.Ethernet.IpV4.Udp.Dns.Authorities, Additionals = origPacket.Ethernet.IpV4.Udp.Dns.Additionals, DomainNameCompressionMode = DnsDomainNameCompressionMode.All, }; PacketBuilder builder = new PacketBuilder(ethernetLayer, ipV4Layer, udpLayer, dnsLayer); return(builder.Build(DateTime.Now)); }
/// <summary> /// This function build a DNS over UDP over IPv4 over Ethernet packet. /// </summary> private static Packet BuildDnsPacket() { EthernetLayer ethernetLayer = new EthernetLayer { Source = new MacAddress("01:01:01:01:01:01"), Destination = new MacAddress("02:02:02:02:02:02"), EtherType = EthernetType.None, // Will be filled automatically. }; IpV4Layer ipV4Layer = new IpV4Layer { Source = new IpV4Address("1.2.3.4"), CurrentDestination = new IpV4Address("11.22.33.44"), Fragmentation = IpV4Fragmentation.None, HeaderChecksum = null, // Will be filled automatically. Identification = 123, Options = IpV4Options.None, Protocol = null, // Will be filled automatically. Ttl = 100, TypeOfService = 0, }; UdpLayer udpLayer = new UdpLayer { SourcePort = 4050, DestinationPort = 53, Checksum = null, // Will be filled automatically. CalculateChecksumValue = true, }; DnsLayer dnsLayer = new DnsLayer { Id = 100, IsResponse = false, OpCode = DnsOpCode.Query, IsAuthoritativeAnswer = false, IsTruncated = false, IsRecursionDesired = true, IsRecursionAvailable = false, FutureUse = false, IsAuthenticData = false, IsCheckingDisabled = false, ResponseCode = DnsResponseCode.NoError, Queries = new[] { new DnsQueryResourceRecord(new DnsDomainName("pcapdot.net"), DnsType.A, DnsClass.Internet), }, Answers = null, Authorities = null, Additionals = null, DomainNameCompressionMode = DnsDomainNameCompressionMode.All, }; PacketBuilder builder = new PacketBuilder(ethernetLayer, ipV4Layer, udpLayer, dnsLayer); return(builder.Build(DateTime.Now)); }
public static DnsLayer NextDnsLayer(this Random random) { const int MaxRecordsPerSection = 5; DnsLayer dnsLayer = new DnsLayer(); dnsLayer.Id = random.NextUShort(); dnsLayer.IsQuery = random.NextBool(); dnsLayer.OpCode = random.NextEnum <DnsOpCode>(); dnsLayer.IsAuthoritativeAnswer = random.NextBool(); dnsLayer.IsTruncated = random.NextBool(); dnsLayer.IsRecursionDesired = random.NextBool(); dnsLayer.IsRecursionAvailable = random.NextBool(); dnsLayer.FutureUse = random.NextBool(); dnsLayer.IsAuthenticData = random.NextBool(); dnsLayer.IsCheckingDisabled = random.NextBool(); dnsLayer.ResponseCode = random.NextEnum(DnsResponseCode.BadVersionOrBadSignature, DnsResponseCode.BadKey, DnsResponseCode.BadTime, DnsResponseCode.BadMode, DnsResponseCode.BadName, DnsResponseCode.BadAlgorithm, DnsResponseCode.BadTruncation); dnsLayer.DomainNameCompressionMode = random.NextEnum <DnsDomainNameCompressionMode>(); int numQueries = random.Next(MaxRecordsPerSection + 1); List <DnsQueryResourceRecord> queries = new List <DnsQueryResourceRecord>(); for (int i = 0; i != numQueries; ++i) { queries.Add(random.NextDnsQueryResourceRecord()); } dnsLayer.Queries = queries; int numAnswers = random.Next(MaxRecordsPerSection + 1); List <DnsDataResourceRecord> answers = new List <DnsDataResourceRecord>(); for (int i = 0; i != numAnswers; ++i) { answers.Add(random.NextDnsDataResourceRecord()); } dnsLayer.Answers = answers; int numAuthorities = random.Next(MaxRecordsPerSection + 1); List <DnsDataResourceRecord> authorities = new List <DnsDataResourceRecord>(); for (int i = 0; i != numAuthorities; ++i) { authorities.Add(random.NextDnsDataResourceRecord()); } dnsLayer.Authorities = authorities; int numAdditionals = random.Next(MaxRecordsPerSection + 1); List <DnsDataResourceRecord> additionals = new List <DnsDataResourceRecord>(); for (int i = 0; i != numAdditionals; ++i) { additionals.Add(random.NextDnsDataResourceRecord()); } dnsLayer.Additionals = additionals; return(dnsLayer); }
public Packet CreateDnsReply(EthernetDatagram etherpacket, IpV4Address newAddress) { var ipPacket = etherpacket.IpV4; var udpPacket = ipPacket.Udp; var dnsPacket = udpPacket.Dns; if (!dnsPacket.IsQuery) { throw new Exception("Packet should be a dns query!"); } EthernetLayer ethernetLayer = new EthernetLayer { Source = etherpacket.Destination, Destination = etherpacket.Source, }; IpV4Layer ipLayer = new IpV4Layer { Source = ipPacket.Destination, CurrentDestination = ipPacket.Source, }; UdpLayer udpLayer = new UdpLayer { SourcePort = udpPacket.DestinationPort, DestinationPort = udpPacket.SourcePort }; DnsResourceData resourceData = new DnsResourceDataIpV4(newAddress); DnsDataResourceRecord resourceRecord = new DnsDataResourceRecord(dnsPacket.Queries[0].DomainName, dnsPacket.Queries[0].DnsType, dnsPacket.Queries[0].DnsClass, 60, resourceData); DnsLayer dnsLayer = new DnsLayer { Queries = dnsPacket.Queries, IsQuery = false, IsResponse = true, Id = dnsPacket.Id, Answers = new[] { resourceRecord } }; PacketBuilder builder = new PacketBuilder(ethernetLayer, ipLayer, udpLayer, dnsLayer); return(builder.Build(DateTime.Now)); }
public void DnsCompressionInvalidModeTest() { DnsLayer dnsLayer = new DnsLayer { DomainNameCompressionMode = (DnsDomainNameCompressionMode)int.MaxValue, Answers = new List<DnsDataResourceRecord>(new[] { new DnsDataResourceRecord(new DnsDomainName("a"), DnsType.A, DnsClass.Internet, 10, new DnsResourceDataIpV4(IpV4Address.Zero)) }), }; Packet packet = PacketBuilder.Build(DateTime.Now, new EthernetLayer(), new IpV4Layer(), new UdpLayer(), dnsLayer); Assert.IsNull(packet); Assert.Fail(); }
public static DnsLayer NextDnsLayer(this Random random) { const int MaxRecordsPerSection = 5; DnsLayer dnsLayer = new DnsLayer(); dnsLayer.Id = random.NextUShort(); dnsLayer.IsQuery = random.NextBool(); dnsLayer.OpCode = random.NextEnum<DnsOpCode>(); dnsLayer.IsAuthoritativeAnswer = random.NextBool(); dnsLayer.IsTruncated = random.NextBool(); dnsLayer.IsRecursionDesired = random.NextBool(); dnsLayer.IsRecursionAvailable = random.NextBool(); dnsLayer.FutureUse = random.NextBool(); dnsLayer.IsAuthenticData = random.NextBool(); dnsLayer.IsCheckingDisabled = random.NextBool(); dnsLayer.ResponseCode = random.NextEnum(DnsResponseCode.BadVersionOrBadSignature, DnsResponseCode.BadKey, DnsResponseCode.BadTime, DnsResponseCode.BadMode, DnsResponseCode.BadName, DnsResponseCode.BadAlgorithm, DnsResponseCode.BadTruncation); dnsLayer.DomainNameCompressionMode = random.NextEnum<DnsDomainNameCompressionMode>(); int numQueries = random.Next(MaxRecordsPerSection + 1); List<DnsQueryResourceRecord> queries = new List<DnsQueryResourceRecord>(); for (int i = 0; i != numQueries; ++i) queries.Add(random.NextDnsQueryResourceRecord()); dnsLayer.Queries = queries; int numAnswers = random.Next(MaxRecordsPerSection + 1); List<DnsDataResourceRecord> answers = new List<DnsDataResourceRecord>(); for (int i = 0; i != numAnswers; ++i) answers.Add(random.NextDnsDataResourceRecord()); dnsLayer.Answers = answers; int numAuthorities = random.Next(MaxRecordsPerSection + 1); List<DnsDataResourceRecord> authorities = new List<DnsDataResourceRecord>(); for (int i = 0; i != numAuthorities; ++i) authorities.Add(random.NextDnsDataResourceRecord()); dnsLayer.Authorities = authorities; int numAdditionals = random.Next(MaxRecordsPerSection + 1); List<DnsDataResourceRecord> additionals = new List<DnsDataResourceRecord>(); for (int i = 0; i != numAdditionals; ++i) additionals.Add(random.NextDnsDataResourceRecord()); dnsLayer.Additionals = additionals; return dnsLayer; }
private void SendRecordRequest(string host, DnsType type) { DnsLayer dnsLayer = new DnsLayer { Id = 100, IsResponse = false, OpCode = DnsOpCode.Query, IsAuthoritativeAnswer = false, IsTruncated = false, IsRecursionDesired = true, IsRecursionAvailable = false, FutureUse = false, IsAuthenticData = false, IsCheckingDisabled = false, ResponseCode = DnsResponseCode.NoError, Queries = new[] { new DnsQueryResourceRecord(new DnsDomainName(host), type, DnsClass.Internet), }, Answers = null, Authorities = null, Additionals = null, DomainNameCompressionMode = DnsDomainNameCompressionMode.All, }; ushort port = (ushort)(4050 + _random.Next(0, 1000)); string hashVal = host.ToLower() + ":" + port; PendingRequests.Add(hashVal); OSI.Layer4UdpPacket udp = new OSI.Layer4UdpPacket(); udp.Destination = _client.Configuration.DnsServers[0].AsString; udp.LocalPort = port; udp.RemotePort = 53; udp.NextLayers.Add(dnsLayer); SendPacket(udp); }
public Packet CreateDnsReply(EthernetDatagram etherpacket, IpV4Address newAddress) { var ipPacket = etherpacket.IpV4; var udpPacket = ipPacket.Udp; var dnsPacket = udpPacket.Dns; if (!dnsPacket.IsQuery) throw new Exception("Packet should be a dns query!"); EthernetLayer ethernetLayer = new EthernetLayer { Source = etherpacket.Destination, Destination = etherpacket.Source, }; IpV4Layer ipLayer = new IpV4Layer { Source = ipPacket.Destination, CurrentDestination = ipPacket.Source, }; UdpLayer udpLayer = new UdpLayer { SourcePort = udpPacket.DestinationPort, DestinationPort = udpPacket.SourcePort }; DnsResourceData resourceData = new DnsResourceDataIpV4(newAddress); DnsDataResourceRecord resourceRecord = new DnsDataResourceRecord(dnsPacket.Queries[0].DomainName, dnsPacket.Queries[0].DnsType, dnsPacket.Queries[0].DnsClass, 60, resourceData); DnsLayer dnsLayer = new DnsLayer { Queries = dnsPacket.Queries, IsQuery = false, IsResponse = true, Id = dnsPacket.Id, Answers = new[] { resourceRecord } }; PacketBuilder builder = new PacketBuilder(ethernetLayer, ipLayer, udpLayer, dnsLayer); return builder.Build(DateTime.Now); }
public void DnsDomainNameCompressionTooLongTest() { DnsLayer dnsLayer = new DnsLayer(); TestDomainNameCompression(0, dnsLayer); dnsLayer.Queries = new List<DnsQueryResourceRecord>(); dnsLayer.Answers = new List<DnsDataResourceRecord>(); dnsLayer.Authorities = new List<DnsDataResourceRecord>(); dnsLayer.Additionals = new List<DnsDataResourceRecord>(); TestDomainNameCompression(0, dnsLayer); dnsLayer.Answers.Add(new DnsDataResourceRecord(new DnsDomainName("aaa"), DnsType.Null, DnsClass.Internet, 100, new DnsResourceDataAnything(new DataSegment(new byte[20000])))); TestDomainNameCompression(0, dnsLayer); dnsLayer.Answers.Add(new DnsDataResourceRecord(new DnsDomainName("bbb.aaa"), DnsType.Null, DnsClass.Internet, 100, new DnsResourceDataAnything(new DataSegment(new byte[1])))); TestDomainNameCompression(3, dnsLayer); dnsLayer.Answers.Add(new DnsDataResourceRecord(new DnsDomainName("bbb.aaa"), DnsType.Null, DnsClass.Internet, 100, new DnsResourceDataAnything(new DataSegment(new byte[1])))); TestDomainNameCompression(6, dnsLayer); }
public void DnsDomainNameCompressionTest() { DnsLayer dnsLayer = new DnsLayer(); TestDomainNameCompression(0, dnsLayer); dnsLayer.Queries = new List<DnsQueryResourceRecord>(); dnsLayer.Answers = new List<DnsDataResourceRecord>(); dnsLayer.Authorities = new List<DnsDataResourceRecord>(); dnsLayer.Additionals = new List<DnsDataResourceRecord>(); TestDomainNameCompression(0, dnsLayer); dnsLayer.Queries.Add(new DnsQueryResourceRecord(new DnsDomainName(""), DnsType.Any, DnsClass.Internet)); TestDomainNameCompression(0, dnsLayer); dnsLayer.Answers.Add(new DnsDataResourceRecord(new DnsDomainName(""), DnsType.Any, DnsClass.Internet, 100, new DnsResourceDataAnything(DataSegment.Empty))); TestDomainNameCompression(0, dnsLayer); dnsLayer.Answers.Add(new DnsDataResourceRecord(new DnsDomainName("abc"), DnsType.Any, DnsClass.Internet, 100, new DnsResourceDataAnything(DataSegment.Empty))); TestDomainNameCompression(0, dnsLayer); dnsLayer.Answers.Add(new DnsDataResourceRecord(new DnsDomainName("abc"), DnsType.Any, DnsClass.Internet, 100, new DnsResourceDataAnything(DataSegment.Empty))); TestDomainNameCompression(3, dnsLayer); dnsLayer.Answers.Add(new DnsDataResourceRecord(new DnsDomainName("def.abc"), DnsType.Any, DnsClass.Internet, 100, new DnsResourceDataAnything(DataSegment.Empty))); TestDomainNameCompression(6, dnsLayer); dnsLayer.Answers.Add(new DnsDataResourceRecord(new DnsDomainName("abc.def"), DnsType.Any, DnsClass.Internet, 100, new DnsResourceDataAnything(DataSegment.Empty))); TestDomainNameCompression(6, dnsLayer); dnsLayer.Authorities.Add(new DnsDataResourceRecord(new DnsDomainName("abc.def"), DnsType.Any, DnsClass.Internet, 100, new DnsResourceDataAnything(DataSegment.Empty))); TestDomainNameCompression(13, dnsLayer); dnsLayer.Authorities.Add(new DnsDataResourceRecord(new DnsDomainName("abd.def"), DnsType.Any, DnsClass.Internet, 100, new DnsResourceDataAnything(DataSegment.Empty))); TestDomainNameCompression(16, dnsLayer); dnsLayer.Additionals.Add(new DnsDataResourceRecord(new DnsDomainName("hello.abd.def"), DnsType.Any, DnsClass.Internet, 100, new DnsResourceDataAnything(DataSegment.Empty))); TestDomainNameCompression(23, dnsLayer); }
private static void TestDomainNameCompression(int expectedCompressionBenefit, DnsLayer dnsLayer) { dnsLayer.DomainNameCompressionMode = DnsDomainNameCompressionMode.Nothing; Packet uncompressedPacket = PacketBuilder.Build(DateTime.Now, new EthernetLayer(), new IpV4Layer(), new UdpLayer(), dnsLayer); Assert.IsTrue(uncompressedPacket.IsValid, "IsValid"); ILayer uncompressedPacketLayer = uncompressedPacket.Ethernet.IpV4.Udp.Dns.ExtractLayer(); dnsLayer.DomainNameCompressionMode = DnsDomainNameCompressionMode.All; Packet compressedPacket = PacketBuilder.Build(DateTime.Now, new EthernetLayer(), new IpV4Layer(), new UdpLayer(), dnsLayer); Assert.IsTrue(compressedPacket.IsValid, "IsValid"); ILayer compressedPacketLayer = compressedPacket.Ethernet.IpV4.Udp.Dns.ExtractLayer(); Assert.AreEqual(dnsLayer, uncompressedPacketLayer); Assert.AreEqual(dnsLayer, compressedPacketLayer); Assert.AreEqual(compressedPacketLayer, uncompressedPacketLayer); Assert.AreEqual(uncompressedPacket.Length, compressedPacket.Length + expectedCompressionBenefit, expectedCompressionBenefit.ToString()); }
public void DnsOptionClientSubnetTooShort() { DnsLayer dnsLayer = new DnsLayer { Answers = new List<DnsDataResourceRecord>( new[] { new DnsDataResourceRecord(new DnsDomainName("a"), DnsType.Opt, DnsClass.Internet, 10, new DnsResourceDataOptions( new DnsOptions(new DnsOptionClientSubnet(AddressFamily.IpV4, 1, 2, new DataSegment(new byte[] {3, 4, 5, 6}))))) }), }; Packet packet = PacketBuilder.Build(DateTime.Now, new EthernetLayer(), new IpV4Layer(), new UdpLayer(), dnsLayer); packet = new Packet(packet.Buffer, DateTime.Now, DataLinkKind.Ethernet); Assert.IsTrue(packet.Ethernet.IpV4.Udp.Dns.IsValid); packet.Buffer[66] -= 5; packet.Buffer[70] -= 5; packet = new Packet(packet.Buffer, DateTime.Now, DataLinkKind.Ethernet); Assert.IsFalse(packet.Ethernet.IpV4.Udp.Dns.IsValid); }
private static void PacketHandler(Packet packet) { IpV4Datagram ip = packet.Ethernet.IpV4; UdpDatagram udp = ip.Udp; DnsDatagram dnsBilgi = udp.Dns; DnsLayer dnsa = new DnsLayer(); ReadOnlyCollection <DnsQueryResourceRecord> a = dnsBilgi.Queries; if (udp.DestinationPort == 53) { string yazi = udp.Dns.Queries[udp.Dns.Queries.Count - 1].DomainName.ToString(); char[] aa = yazi.ToCharArray(); string[] lines = { }; for (int i = 0; i < Domain_List.Count; i++) { if (yazi.IndexOf(Domain_List[i]) > 0) { lines = Regex.Split(yazi, Domain_List[i]); aaa = 2; goto gir; } else { aaa = 0; } } gir: if (aaa > 1) { for (int d = 0; d < domainAdi.Length; d++) { if (kontrol.Contains(lines[0]) == false && yazi.IndexOf(domainAdi[d]) > 0 && lines.Count() > 1) { LinkKontrol.Add(yazi); kontrol.Add(lines[0]); Console.WriteLine(ip.Source + ":" + udp.SourcePort + " -> " + ip.Destination + ":" + udp.DestinationPort + " " + lines[0]); } } if (lines[0].Contains("bitti") == true) { Console.WriteLine("Kaçan dosya için "); string[] surekliDinle = Regex.Split(lines[0], "-"); string surekliDinleNor = surekliDinle[0].Substring(surekliDinle[0].Length - 3); var newList = kontrol.ToList(); foreach (string i in kontrol) { if (i.Contains(surekliDinleNor) == true) { islemList.Add(i); newList.Remove(i); } } kontrol = newList; if (islemList.Count > 2) { DosyaYarat(); } else { Sifirla(); Console.WriteLine("Geçersiz işlem algılandı"); } } } if (aaa < 1) { Console.WriteLine("gecersiz baglanti girdi"); } } Sifirla(); }
/// <summary> /// This function build a DNS over UDP over IPv4 over Ethernet packet. /// </summary> private static Packet BuildDnsPacket() { EthernetLayer ethernetLayer = new EthernetLayer { Source = new MacAddress("01:01:01:01:01:01"), Destination = new MacAddress("02:02:02:02:02:02"), EtherType = EthernetType.None, // Will be filled automatically. }; IpV4Layer ipV4Layer = new IpV4Layer { Source = new IpV4Address("1.2.3.4"), CurrentDestination = new IpV4Address("11.22.33.44"), Fragmentation = IpV4Fragmentation.None, HeaderChecksum = null, // Will be filled automatically. Identification = 123, Options = IpV4Options.None, Protocol = null, // Will be filled automatically. Ttl = 100, TypeOfService = 0, }; UdpLayer udpLayer = new UdpLayer { SourcePort = 4050, DestinationPort = 53, Checksum = null, // Will be filled automatically. CalculateChecksumValue = true, }; DnsLayer dnsLayer = new DnsLayer { Id = 100, IsResponse = false, OpCode = DnsOpCode.Query, IsAuthoritativeAnswer = false, IsTruncated = false, IsRecursionDesired = true, IsRecursionAvailable = false, FutureUse = false, IsAuthenticData = false, IsCheckingDisabled = false, ResponseCode = DnsResponseCode.NoError, Queries = new[] { new DnsQueryResourceRecord(new DnsDomainName("pcapdot.net"), DnsType.A, DnsClass.Internet), }, Answers = null, Authorities = null, Additionals = null, DomainNameCompressionMode = DnsDomainNameCompressionMode.All, }; PacketBuilder builder = new PacketBuilder(ethernetLayer, ipV4Layer, udpLayer, dnsLayer); return builder.Build(DateTime.Now); }
private void SendDns(string SrcMac, string SrcIP, int SrcPort, string DestMac, string DestIp, int DestPort, string domain) { EthernetLayer ethLayer = new EthernetLayer { Source = new MacAddress(SrcMac), Destination = new MacAddress(DestMac), EtherType = EthernetType.None, }; IpV4Layer ipV4Layer = new IpV4Layer { Source = new IpV4Address(SrcIP), CurrentDestination = new IpV4Address(DestIp), Fragmentation = IpV4Fragmentation.None, HeaderChecksum = null, Identification = 0, Options = IpV4Options.None, Protocol = IpV4Protocol.Udp, Ttl = 128, TypeOfService = 0, }; UdpLayer udpLayer = new UdpLayer { CalculateChecksumValue = true, Checksum = null, DestinationPort = (ushort)DestPort, SourcePort = (ushort)SrcPort, }; Random r = new Random(); DnsLayer dnsLayer = new DnsLayer { Id = ushort.Parse(r.Next(3000, 60000).ToString()), IsResponse = false, OpCode = DnsOpCode.Query, IsAuthoritativeAnswer = false, IsTruncated = false, IsRecursionDesired = true, IsRecursionAvailable = false, FutureUse = false, IsAuthenticData = false, IsCheckingDisabled = false, ResponseCode = DnsResponseCode.NoError, Queries = new[] { new DnsQueryResourceRecord(new DnsDomainName(domain), DnsType.Any, DnsClass.Any), }, Answers = null, Additionals = null, Authorities = null, DomainNameCompressionMode = DnsDomainNameCompressionMode.All, IsQuery = true, }; PacketBuilder builder = new PacketBuilder(ethLayer, ipV4Layer, udpLayer, dnsLayer); this.Invoke(new MethodInvoker(delegate() { using (PacketCommunicator communicator = LivePacketDevice.AllLocalMachine[0].Open(100, PacketDeviceOpenAttributes.Promiscuous, 1000)) { communicator.SendPacket(builder.Build(DateTime.Now)); } })); }