fix security check on id, note security concerns

AJ ONeal 2017-10-06 18:42:37 -06:00
parent 6287f13f2b
commit b3d7408db4
3 changed files with 20 additions and 10 deletions


@ -90,3 +90,10 @@ Options
--debug verbose output
```
Security Concerns
-----------------
The 16-bit `id` of the query must match that of the response.
Extra entropy is added by using `dns0x20`, the de facto standard for RanDOmCASiNg on the query which must be matched in the response.


@ -189,7 +189,9 @@ cli.main(function (args, cli) {
var fail0x20;
if (packet.id !== query.id) {
console.log('ignoring packet for ', packet.question[0].name);
console.error('[SECURITY] ignoring packet for \'' + packet.question[0].name + '\' due to mismatched id');
console.error(packet);
return;
}
if (cli.debug) {
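Review bot: The new `[SECURITY]` message dereferences `packet.question[0].name` on the very packet that has just been judged untrustworthy, so a mismatched response with an empty question section would throw a TypeError here instead of being ignored. Read the name defensively before logging, e.g. `var qname = (packet.question && packet.question[0]) ? packet.question[0].name : '(no question)';`. Because the name comes from an unauthenticated packet and is concatenated straight into the terminal output, it would also be worth stripping control characters from it first. Separately, the comparison as shown reads `packet.id` and `query.id`, while `logQuestion` in the third file reads `packet.header.id`; if the id lives only under `header`, both sides are `undefined` and the check never fires, so please confirm which shape the parsed packet has. The enclosing callback starts and ends outside this hunk.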


@ -8,24 +8,24 @@ function logQuestion(packet) {
var flags = "";
// TODO opcode 0 QUERY rcode 0 NOERROR
console.log(';; ->>HEADER<<- [opcode: ' + packet.header.opcode + ', status: ' + packet.header.rcode + '], id: ' + packet.header.id);
if (packet.header.tc) { console.log("Truncated [tc] (we don't know the normal way to print a tc packet... you should record this with -o tc-packet.dig and send it to us)"); }
console.info(';; ->>HEADER<<- [opcode: ' + packet.header.opcode + ', status: ' + packet.header.rcode + '], id: ' + packet.header.id);
if (packet.header.tc) { console.info("Truncated [tc] (we don't know the normal way to print a tc packet... you should record this with -o tc-packet.dig and send it to us)"); }
flags += ";; flags:";
if (packet.header.qr) { flags += " qr"; }
if (packet.header.aa) { flags += " aa"; }
if (packet.header.rd) { flags += " rd"; }
if (packet.header.ra) { flags += " ra"; }
flags += "; QUERY: " + packet.question.length + ", ANSWER: " + packet.answer.length + ", AUTHORITY: " + packet.authority.length + ", ADDITIONAL: " + packet.additional.length;
console.log(flags);
if (packet.header.res1) { console.log("[res1] (we don't know how to print a packet with res1 yet)"); }
if (packet.header.res2) { console.log("[res2] (we don't know how to print a packet with res2 yet)"); }
if (packet.header.res3) { console.log("[res3] (we don't know how to print a packet with res2 yet)"); }
console.info(flags);
if (packet.header.res1) { console.info("[res1] (we don't know how to print a packet with res1 yet)"); }
if (packet.header.res2) { console.info("[res2] (we don't know how to print a packet with res2 yet)"); }
if (packet.header.res3) { console.info("[res3] (we don't know how to print a packet with res2 yet)"); }
// {"id":32736,"qr":1,"opcode":0,"aa":0,"tc":0,"rd":1,"ra":0,"res1":0,"res2":0,"res3":0,"rcode":5}
//console.log(JSON.stringify(packet.header));
console.log('');
console.log(';; QUESTION SECTION:');
console.info('');
console.info(';; QUESTION SECTION:');
packet.question.forEach(function (q) {
console.log(';' + q.name + '.', ' ', q.className, q.typeName);
console.info(';' + q.name + '.', ' ', q.className, q.typeName);
});
}
@ -103,6 +103,7 @@ function resolve(queryAb, opts) {
function resolveJson(query, opts) {
var queryAb = dnsjs.DNSPacket.write(query);
//console.log('[DEV] nameserver', opts.nameserver);
var options = {
onError: opts.onError
, onMessage: function (nb) {