fixed errors in dns_tcp

Author: s0i37

dns_tcp.c

@@ -7,7 +7,6 @@
 
 #define BUF_SIZE 1024
 #define MAX_CON 10
-#define ZONE "txt.yourzone.tk"
 #define TIMEOUT 100
 #define DNS_SIZE 50
 
@@ -16,6 +15,7 @@ cl /c dns_tcp.c
 link /out:dns_tcp.exe dns_tcp.obj ws2_32.lib dnsapi.lib
 */
 
+char *zone;
 int new_connection = 1;
 int timeout;
 int dns_size;
@@ -45,18 +45,18 @@ void dns_send(char *buf, int buf_size, int socket)
     if(buf_size == 0)
     {
     	memset(dns, '\x00', 1000);
-    	sprintf(dns, "s%d.%d.00.%d.%s", bytes, buf_size, socket, ZONE);
+    	sprintf(dns, "s%d.%d.00.%d.%s", bytes, buf_size, socket, zone);
     	DnsQuery(dns, DNS_TYPE_A, DNS_QUERY_BYPASS_CACHE, (PIP4_ARRAY)0, &pDnsRecord, 0);
     }
     while(pos < buf_size)
 	{
 		j = 0;
 		memset(dns, '\x00', 1000);
-		j += sprintf(dns, "s%d.%d.", bytes, buf_size);
+		j += sprintf(dns, "%d.s%d.%d.", rand(), bytes, buf_size);
 		for(i = 0; (i < dns_size && pos < buf_size); i++, pos++)
 			j += sprintf(dns+j, "%02x", (unsigned char)buf[pos]);
 		j += sprintf(dns+j, ".%d", socket);
-		sprintf(dns+j, ".%s", ZONE);
+		sprintf(dns+j, ".%s", zone);
 		printf("[+] -> %s\n", dns);
 		while(1)
 		{
@@ -93,7 +93,7 @@ int dns_recv(char *buf, int buf_size, int socket)
     while(pos < buf_size)
     {
     	memset(dns, '\x00', 100);
-    	sprintf(dns, "r%d.%d.%s", pos, socket, ZONE);
+    	sprintf(dns, "%d.r%d.%d.%s", rand(), pos, socket, zone);
 
     	while(1)
     	{
@@ -160,6 +160,7 @@ void _recv(int * socket)
 	char buf[BUF_SIZE];
 	int buf_size;
 	int is_new = 1;
+	srand(time(0));
 	while(1)
 	{
 		if(! *socket)
@@ -284,6 +285,7 @@ void main(int argc, char **argv)
 	char *ip;
 	int port;
 
+	zone = getenv("ZONE");
 	timeout = getenv("TIMEOUT") ? atoi(getenv("TIMEOUT")) : TIMEOUT;
 	dns_size = (getenv("DNS_SIZE") ? atoi(getenv("DNS_SIZE")) : DNS_SIZE)/2;
 	mode = argv[1][0];

dns_tcp.exe

@@ -24,9 +24,10 @@ def __getattr__(self, item):
         return DomainName(item + '.' + self)
 
 
-D = DomainName('txt.yourzone.tk.')
+TXT_SIZE = int(250/2)
+D = DomainName('s0i37.ga.')
 IP = '10.0.0.1'
-TTL = 60 * 5
+TTL = 1
 datas = {}
 socks = {}
 new_connection = False
@@ -62,50 +63,58 @@ def dns_response(data):
 
     qname = request.q.qname
     qn = str(qname)
-    if qn.find(".txt.yourzone.tk") != -1:
-        if qn.split(".")[0].startswith("s"):
-            pos,size,data,sock = qn.split(".")[:4]
-            pos = int(pos[1:])
-            size = int(size)
-            if size > 0:
-                data = bytes.fromhex(data)
+    if qn.find("s0i37.ga") != -1:
+        try:
+            if qn.split(".")[1].startswith("s"):
+                rand,pos,size,data,sock = qn.split(".")[:5]
+                pos = int(pos[1:])
+                size = int(size)
+                if size > 0:
+                    data = bytes.fromhex(data)
+
+                    if not sock in datas:
+                        new_connection = True
+                        datas[sock] = {"size": None, "input": {}, "output": {}, "prev": None}
+
+                    if not sock in socks and last_socket:
+                        socks[last_socket] = sock
+                        last_socket = None
+
+                    datas[sock]["size"] = size
+                    if len(b"".join(datas[sock]["input"].values())) == pos:
+                        datas[sock]["input"][pos] = data
+                else:
+                    datas[sock]["size"] = -1
+                records[DomainName(qn)] = [A("127.0.0.1")]
+                print(f"[*] {qn}")
 
-                if not sock in datas:
-                    new_connection = True
-                    datas[sock] = {"size": None, "input": {}, "output": {}}
+            elif qn.split(".")[1].startswith("r"):
+                rand,pos,sock = qn.split(".")[:3]
+                pos = int(pos[1:])
 
                 if not sock in socks and last_socket:
                     socks[last_socket] = sock
                     last_socket = None
 
-                datas[sock]["size"] = size
-                datas[sock]["input"][pos] = data
-            else:
-                datas[sock]["size"] = -1
-            records[DomainName(qn)] = [A("127.0.0.1")]
-            print(f"[*] {qn}")
-
-        elif qn.split(".")[0].startswith("r"):
-            pos,sock = qn.split(".")[:2]
-            pos = int(pos[1:])
-
-            if not sock in socks and last_socket:
-                socks[last_socket] = sock
-                last_socket = None
+                if not sock in datas:
+                    new_connection = True
+                    datas[sock] = {"size": None, "input": {}, "output": {}, "prev": None}
+                    
+                if datas[sock]["size"] == -1:
+                    answer = "-"
+                elif pos in datas[sock]["output"]:
+                    answer = datas[sock]["output"][pos].hex()
+                else:
+                    answer = ""
+                records[DomainName(qn)] = [TXT(answer)]
 
-            if not sock in datas:
-                new_connection = True
-                datas[sock] = {"size": None, "input": {}, "output": {}}
+                if datas[sock]["prev"] != None and datas[sock]["prev"] != pos and datas[sock]["prev"] in datas[sock]["output"]:
+                    del( datas[sock]["output"][ datas[sock]["prev"] ] )
+                datas[sock]["prev"] = pos
 
-            if datas[sock]["size"] == -1:
-                answer = "-"
-            elif pos in datas[sock]["output"]:
-                answer = datas[sock]["output"][pos].hex()
-                del(datas[sock]["output"][pos])
-            else:
-                answer = ""
-            records[DomainName(qn)] = [TXT(answer)]
-            print(f"[*] {qn} {answer}")
+                print(f"[*] {qn} {answer}")
+        except Exception as e:
+            pass
 
     qtype = request.q.qtype
     qt = QTYPE[qtype]
@@ -196,7 +205,6 @@ def tcp_send(sock): # dns_recv
 def tcp_recv(sock): # dns_send
     global datas, socks
     buf = ""
-    FRAG = int(250/2)
     while True:
         try:
             if not buf:
@@ -208,8 +216,8 @@ def tcp_recv(sock): # dns_send
                         break
                     if not datas[socks[sock]]["output"].keys():
                         print(f"[+] <- {buf.hex()}")
-                        for p in range(0, len(buf), FRAG):
-                            datas[socks[sock]]["output"][p] = buf[p:p+FRAG]
+                        for p in range(0, len(buf), TXT_SIZE):
+                            datas[socks[sock]]["output"][p] = buf[p:p+TXT_SIZE]
                         buf = ""
                 else:
                     print("[*] connection closed, no data")
@@ -225,7 +233,7 @@ def _listen(port):
     global last_socket
     s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
     s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
-    s.bind(("0.0.0.0", port))
+    s.bind(("172.16.0.1", port))
     s.listen(10)
     while True:
         c,info = s.accept()