Warning: file_get_contents(/data/phpspider/zhask/data//catemap/8/python-3.x/18.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Python 拦截DNS请求-推断QR、Opccode、AA、TC等_Python_Python 3.x_Dns - Fatal编程技术网
Fatal编程技术网
  • python/
  • Python 拦截DNS请求-推断QR、Opccode、AA、TC等

Python 拦截DNS请求-推断QR、Opccode、AA、TC等

python python-3.x dns

Python 拦截DNS请求-推断QR、Opccode、AA、TC等,python,python-3.x,dns,Python,Python 3.x,Dns,试图通过启动一个小型udp服务器来拦截传入的DNS请求,但最终尝试了 为了推导QR、操作码、AA、TC等,我们正在进行: DNS_QUERY_MESSAGE_HEADER = struct.Struct("!6H") id, misc, qdcount, ancount, nscount, arcount = DNS_QUERY_MESSAGE_HEADER.unpack_from(message) qr = (misc & 0x8000) != 0 opcode = (misc &a

试图通过启动一个小型udp服务器来拦截传入的DNS请求,但最终尝试了

为了推导QR、操作码、AA、TC等,我们正在进行:

DNS_QUERY_MESSAGE_HEADER = struct.Struct("!6H")
id, misc, qdcount, ancount, nscount, arcount = DNS_QUERY_MESSAGE_HEADER.unpack_from(message)

qr = (misc & 0x8000) != 0
opcode = (misc & 0x7800) >> 11
aa = (misc & 0x0400) != 0
tc = (misc & 0x200) != 0
rd = (misc & 0x100) != 0
ra = (misc & 0x80) != 0
z = (misc & 0x70) >> 4
rcode = misc & 0xF
虽然Scapy让一切变得超级简单(),但我想利用这个机会在这里学到更多

我如何确定使用0x8000、0x7800、0x0400。。0x70、0xF等用于执行这些AND?我们如何找到并锁定这些值

DNS wire格式在中定义

例如,您有:

4.1.1. Header section format

The header contains the following fields:

                                    1  1  1  1  1  1
      0  1  2  3  4  5  6  7  8  9  0  1  2  3  4  5
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
    |                      ID                       |
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
    |QR|   Opcode  |AA|TC|RD|RA|   Z    |   RCODE   |
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
    |                    QDCOUNT                    |
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
    |                    ANCOUNT                    |
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
    |                    NSCOUNT                    |
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
    |                    ARCOUNT                    |
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
您在顶部看到的是字节,因此将显示用于获取每个特定零件的必要偏移量

您还可以研究当前DNS解析器/生成器库是如何做到这一点的,例如在Python中:

4.1.1. Header section format

The header contains the following fields:

                                    1  1  1  1  1  1
      0  1  2  3  4  5  6  7  8  9  0  1  2  3  4  5
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
    |                      ID                       |
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
    |QR|   Opcode  |AA|TC|RD|RA|   Z    |   RCODE   |
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
    |                    QDCOUNT                    |
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
    |                    ANCOUNT                    |
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
    |                    NSCOUNT                    |
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
    |                    ARCOUNT                    |
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+