Esempio n. 1
0
def invalid_over2k(request):
    """Sends a reply > 2048 bytes with invalid ID"""
    flags = DNSFlags(request.header.flags.flags_int())
    flags.set(["QR", "AA"])

    question = request.questions[0]

    header = DNSHeader(0x0000, flags, 1, 0, 0, 0)
    return header.bytes() + question.bytes() + b"\x42" * 2048
Esempio n. 2
0
def truncated_over1k(request):
    """Sends a reply > 1024 bytes (but less than 2048 bytes) with valid header/question and TC flag set"""
    flags = DNSFlags(request.header.flags.flags_int())
    flags.set(["QR", "AA", "TC"])

    question = request.questions[0]

    header = DNSHeader(request.header.ID, flags, 1, 0, 0, 0)
    return header.bytes() + question.bytes() + b"\x42" * 1024
Esempio n. 3
0
def valid_over2k(request):
    """Sends a reply > 2048 bytes with valid header/question"""
    flags = DNSFlags(request.header.flags.flags_int())
    flags.set(["QR", "AA"])

    question = request.questions[0]

    header = DNSHeader(request.header.ID, flags, 1, 0, 0, 0)
    return header.bytes() + question.bytes() + b"\x42" * 32768
def invalid_over2k(request):
    """Sends a reply > 2048 bytes with invalid ID"""
    flags = DNSFlags(request.header.flags.flags_int())
    flags.set(["QR", "AA"])

    question = request.questions[0]

    header = DNSHeader(0x0000, flags, 1, 0, 0, 0)
    return header.bytes() + question.bytes() + b"\x42" * 2048
def truncated_over1k(request):
    """Sends a reply > 1024 bytes (but less than 2048 bytes) with valid header/question and TC flag set"""
    flags = DNSFlags(request.header.flags.flags_int())
    flags.set(["QR", "AA", "TC"])

    question = request.questions[0]

    header = DNSHeader(request.header.ID, flags, 1, 0, 0, 0)
    return header.bytes() + question.bytes() + b"\x42" * 1024
Esempio n. 6
0
def valid_exact1k(request):
    """Sends a reply exactly 1024 bytes long with valid header/question"""
    flags = DNSFlags(request.header.flags.flags_int())
    flags.set(["QR", "AA"])

    question = request.questions[0]

    header = DNSHeader(request.header.ID, flags, 1, 0, 0, 0)
    padlen = 1024 - len(header.bytes()) - len(question.bytes())
    return header.bytes() + question.bytes() + b"\x42" * padlen
def valid_exact1k(request):
    """Sends a reply exactly 1024 bytes long with valid header/question"""
    flags = DNSFlags(request.header.flags.flags_int())
    flags.set(["QR", "AA"])

    question = request.questions[0]

    header = DNSHeader(request.header.ID, flags, 1, 0, 0, 0)
    padlen = 1024 - len(header.bytes()) - len(question.bytes())
    return header.bytes() + question.bytes() + b"\x42" * padlen
Esempio n. 8
0
def payload_size(request, size):
    """Send a reply with a valid payload of specified length"""
    flags = DNSFlags(request.header.flags.flags_int())
    flags.set(["QR", "AA"])

    question = request.questions[0]
    rtype = question.qtype

    if rtype == 28:
        answer = dw(0xc00c) + dw(rtype) + dw(1) + dd(0) + dw(16) + b"\x42" * 16
    elif rtype == 1:
        answer = dw(0xc00c) + dw(rtype) + dw(1) + dd(0) + dw(4) + b"\x42" * 4

    ancount = 1 + size // len(answer)

    header = DNSHeader(request.header.ID, flags, 1, ancount, 0, 0)
    return header.bytes() + question.bytes() + b"".join([answer[:-2] + dw(i) for i in range(ancount)])
Esempio n. 9
0
def attack_udp_only(request):

    flags = DNSFlags(request.header.flags.flags_int())
    flags.set(["QR", "AA"])

    namelen = len(request.questions[0].bytes()) - 4  
    ancount = (2048 - 16 - namelen) // (len(request.questions[0].bytes()) + 10)

    header = DNSHeader(request.header.ID, flags, 1, ancount, 0, 1)
    question = request.questions[0]
    answers = []

    for i in range(ancount):
        answers.append(DNSRR(question.labels, 1, 1, 0, 4, bytes([i]*4)))

    additional = DNSRR(question.labels, 16, 1, 0, 16, bytes([15] + [68]*15))

    return DNSMessage(header, [question], answers, [], [additional])