2017-01-14 00:58:52 +00:00

header
=====

How to create a JSON file with information about your project:

```bash
npm init
```

How to reproduce the DNS crash:

```
>> cd ~/dns_test
>> node listen.js
```

Then in another terminal enter:

```
>> dig @224.0.0.251 -p 5353 -t PTR _cloud._tcp.local
```

The listener then crashes with an output of:

```
START DNS PACKET
/home/daplie/dns_test/node_modules/dns-js/lib/bufferconsumer.js:52
    throw new Error('Buffer overflow')
    ^

Error: Buffer overflow
    at BufferConsumer.slice (/home/daplie/dns_test/node_modules/dns-js/lib/bufferconsumer.js:52:13)
    at Function.DNSRecord.parse (/home/daplie/dns_test/node_modules/dns-js/lib/dnsrecord.js:237:46)
    at /home/daplie/dns_test/node_modules/dns-js/lib/dnspacket.js:164:30
    at Array.forEach (native)
    at Function.DNSPacket.parse (/home/daplie/dns_test/node_modules/dns-js/lib/dnspacket.js:159:17)
    at /home/daplie/dns_test/cloud-respond.js:86:31
    at Array.forEach (native)
    at /home/daplie/dns_test/cloud-respond.js:11:21
    at Array.forEach (native)
    at Object.module.exports.respond (/home/daplie/dns_test/cloud-respond.js:10:11)
```

After commenting out lines 45-53 in `dns_test/node_modules/dns-js/lib/bufferconsumer.js` and rerunning the previous commands, the result is a new error:

```
START DNS PACKET
buffer.js:829
    throw new RangeError('Index out of range');
    ^

RangeError: Index out of range
    at checkOffset (buffer.js:829:11)
    at Buffer.readUInt8 (buffer.js:867:5)
    at BufferConsumer.byte (/home/daplie/dns_test/node_modules/dns-js/lib/bufferconsumer.js:67:22)
    at BufferConsumer.name (/home/daplie/dns_test/node_modules/dns-js/lib/bufferconsumer.js:120:14)
    at Function.DNSRecord.parse (/home/daplie/dns_test/node_modules/dns-js/lib/dnsrecord.js:187:14)
    at /home/daplie/dns_test/node_modules/dns-js/lib/dnspacket.js:164:30
    at Array.forEach (native)
    at Function.DNSPacket.parse (/home/daplie/dns_test/node_modules/dns-js/lib/dnspacket.js:159:17)
    at /home/daplie/dns_test/cloud-respond.js:86:31
    at Array.forEach (native)
```

This error is thrown from the Node.js buffer module (`buffer.js`). The API documentation is [here](https://nodejs.org/api/buffer.html).

When can a Buffer overflow problem occur in JavaScript?

What are the possible problems?

How to print out hex values of the DNS message in node.js?

```javascript
socket.on('message', function (message, rinfo) {
  console.log('Received %d bytes from %s:%d\n',
    message.length, rinfo.address, rinfo.port);
  // console.log(message.toString('utf8'));

  // Print the raw DNS message as hex
  console.log(message.toString('hex'));
});
```
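
Both crashes above are uncaught exceptions thrown while parsing a packet that arrived from the network. The code below is an added example, not code from this project or from dns-js (all function names and the sample packet are constructed for illustration): it parses the first DNS question with every read checked against the buffer length, and its handler returns the error and a hex dump for a malformed packet instead of letting the exception end the process.

```javascript
// Added example; hypothetical names, not dns-js APIs.
// Read a DNS name at `offset`, checking every read against buf.length.
function readName(buf, offset) {
  const labels = [];
  let pos = offset, end = -1, jumps = 0;
  for (;;) {
    if (pos >= buf.length) throw new RangeError('name runs past end of packet');
    const len = buf[pos];
    if (len === 0) { pos += 1; break; }
    if ((len & 0xc0) === 0xc0) { // compression pointer (2 bytes)
      if (pos + 1 >= buf.length) throw new RangeError('truncated pointer');
      if (++jumps > 16) throw new RangeError('too many compression pointers');
      if (end < 0) end = pos + 2; // parsing resumes after the first pointer
      pos = ((len & 0x3f) << 8) | buf[pos + 1];
      continue;
    }
    if (len > 63) throw new RangeError('bad label length');
    if (pos + 1 + len > buf.length) throw new RangeError('label runs past end of packet');
    labels.push(buf.toString('ascii', pos + 1, pos + 1 + len));
    pos += 1 + len;
  }
  return { name: labels.join('.'), next: end < 0 ? pos : end };
}

// Parse the 12-byte header and the first question only.
function parseQuestion(buf) {
  if (buf.length < 12) throw new RangeError('packet shorter than DNS header');
  if (buf.readUInt16BE(4) < 1) throw new RangeError('no question section');
  const q = readName(buf, 12);
  if (q.next + 4 > buf.length) throw new RangeError('truncated question');
  return { name: q.name, type: buf.readUInt16BE(q.next), class: buf.readUInt16BE(q.next + 2) };
}

// Body for socket.on('message', ...): a parse error becomes a result carrying
// the hex dump instead of an uncaught exception that ends the process.
function handleMessage(message) {
  try {
    return { ok: true, question: parseQuestion(message) };
  } catch (err) {
    return { ok: false, error: err.message, hex: message.toString('hex') };
  }
}

// Constructed sample: a PTR query for _cloud._tcp.local, and a truncated copy.
const SAMPLE_QUERY = Buffer.from('000000000001000000000000' +
  '065f636c6f7564' + '045f746370' + '056c6f63616c00' + '000c0001', 'hex');
const TRUNCATED = SAMPLE_QUERY.subarray(0, 20);
console.log(handleMessage(SAMPLE_QUERY));
console.log(handleMessage(TRUNCATED));
```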