非常简单的DNS信息泄漏检测

来源:http://hi.baidu.com/cnqing/blog/item/d21db78e391d50cef11f364a.html

using System;

using System.Collections.Generic;

using System.Text;

using System.Text.RegularExpressions;

using System.Collections;

using System.IO;

using System.Net.Sockets;

class Program

{

static void Main(string[] args)

{

string domain = args[0];

 

Whois wis = new Whois();

string result = wis.LookUp(domain);

Regex reg = new Regex(“name\\sserver:(.*)”, RegexOptions.IgnoreCase);

MatchCollection mcs = reg.Matches(result);

#region 轻量的DNS协议包

string name = domain.Substring(0, domain.LastIndexOf(“.”));

string suffix = domain.Substring(domain.LastIndexOf(“.”) + 1);

byte[] namedata = System.Text.ASCIIEncoding.ASCII.GetBytes(name);

byte[] suffixdata = System.Text.ASCIIEncoding.ASCII.GetBytes(suffix);

int totallen = 14 + namedata.Length + suffixdata.Length + 7;

byte[] dnslisarray = new byte[totallen];

dnslisarray[1] = 0x00;

dnslisarray[2] = 0x01;

dnslisarray[5] = 0x01;

dnslisarray[12] = (byte)(namedata.Length);

namedata.CopyTo(dnslisarray, 13);

dnslisarray[13 + namedata.Length] = (byte)suffixdata.Length;

suffixdata.CopyTo(dnslisarray, 14 + namedata.Length);

 

dnslisarray[14 + namedata.Length + suffixdata.Length + 2] = 0xFC;

dnslisarray[14 + namedata.Length + suffixdata.Length + 4] = 0x01;

dnslisarray[14 + namedata.Length + suffixdata.Length + 5] = 0x4D;

dnslisarray[14 + namedata.Length + suffixdata.Length + 6] = 0x53;

 

#endregion

bool ishavevul = false;

foreach (Match item in mcs)

{

if (ishavevul) break ;

System.Net.Sockets.TcpClient t = new System.Net.Sockets.TcpClient();

Console.Write(“checking dns ” + item.Groups[1].Value.Trim());

t.Connect(item.Groups[1].Value.Trim(), 53);

t.Client.Send(new byte[] { 0x0, (byte)totallen });

byte[] buf = new byte[1024];

t.Client.Send(dnslisarray);

buf = new byte[16];

int len = t.Client.Receive(buf);

t.Close();

 

if (buf.Length > 8 && buf[9] > 0)

{

ishavevul = true;

Console.Write(“\t find more than ” + buf[9] + ” answers\r\n”);

}

else

{

Console.Write(“\t refuse list\r\n”);

}

}

if (!ishavevul)

{

Console.WriteLine( args[0] + ” is safe”);

}

else

{

Console.WriteLine( args[0] + ” is not safe”);

}

}

}

评论关闭。