Python: 从 DNS 获取 RA 标志
Python: Get the RA flag from DNS
我正在尝试专门从 DNS 获取递归可用 (RA) 标志。根据 RFC 1035,如果没有递归,它应该 return 为零,否则为非零。如果 DNS 响应被 Quad9 DNS 服务阻止,它 return 是一个带有“RA:0”
的“NXDOMAIN”
但是,使用 DNSPython 总是 returns 非零 (128)。这可以在 library 中硬编码吗?
import dns
import dns.resolver
# Allowed Domain
# should return an IP address with "RA" non-zero
domain = "google.com"
# Blocked domain
# Should return NXDOMAIN with "RA" to 0
#domain = "takelady.net" ---> UNCOMMENT
# Set Resolver to Quad9 (quad9.net)
my_resolver = dns.resolver.Resolver()
my_resolver.nameservers = ['9.9.9.9']
try:
dns_response = dns.resolver.query(domain, "A")
for resp in dns_response:
print("[+]", resp.to_text())
print("RA flag:", dns.flags.RA)
except dns.resolver.NXDOMAIN:
print("[+] NXDOMAIN")
print("RA flag:", dns.flags.RA)
pass
except dns.resolver.NoAnswer:
print("[+] NoAnswer")
pass
except dns.resolver.Timeout:
print("[+] Timeout")
pass
允许的响应:
[+] 172.217.214.100
[+] 172.217.214.101
[+] 172.217.214.138
[+] 172.217.214.139
[+] 172.217.214.113
[+] 172.217.214.102
RA flag: 128
已阻止响应:
[+] NXDOMAIN
RA flag: 128
您没有使用您创建的解析器对象,因此查询转到系统解析器。你应该改用这个:
dns_response = my_resolver.query(domain, "A")
query()执行搜索列表处理,所以你应该先清除搜索列表,像这样:
my_resolver = dns.resolver.Resolver()
my_resolver.nameservers = ['9.9.9.9']
my_resolver.search = []
最后,NXDOMAIN响应导致异常,需要从异常中的响应对象中读取flags,像这样:
except dns.resolver.NXDOMAIN as e:
print("[+] NXDOMAIN")
for (name, resp) in e.responses().items():
print(name, "RA flag:", resp.flags & dns.flags.RA)
我正在尝试专门从 DNS 获取递归可用 (RA) 标志。根据 RFC 1035,如果没有递归,它应该 return 为零,否则为非零。如果 DNS 响应被 Quad9 DNS 服务阻止,它 return 是一个带有“RA:0”
的“NXDOMAIN”但是,使用 DNSPython 总是 returns 非零 (128)。这可以在 library 中硬编码吗?
import dns
import dns.resolver
# Allowed Domain
# should return an IP address with "RA" non-zero
domain = "google.com"
# Blocked domain
# Should return NXDOMAIN with "RA" to 0
#domain = "takelady.net" ---> UNCOMMENT
# Set Resolver to Quad9 (quad9.net)
my_resolver = dns.resolver.Resolver()
my_resolver.nameservers = ['9.9.9.9']
try:
dns_response = dns.resolver.query(domain, "A")
for resp in dns_response:
print("[+]", resp.to_text())
print("RA flag:", dns.flags.RA)
except dns.resolver.NXDOMAIN:
print("[+] NXDOMAIN")
print("RA flag:", dns.flags.RA)
pass
except dns.resolver.NoAnswer:
print("[+] NoAnswer")
pass
except dns.resolver.Timeout:
print("[+] Timeout")
pass
允许的响应:
[+] 172.217.214.100
[+] 172.217.214.101
[+] 172.217.214.138
[+] 172.217.214.139
[+] 172.217.214.113
[+] 172.217.214.102
RA flag: 128
已阻止响应:
[+] NXDOMAIN
RA flag: 128
您没有使用您创建的解析器对象,因此查询转到系统解析器。你应该改用这个:
dns_response = my_resolver.query(domain, "A")
query()执行搜索列表处理,所以你应该先清除搜索列表,像这样:
my_resolver = dns.resolver.Resolver()
my_resolver.nameservers = ['9.9.9.9']
my_resolver.search = []
最后,NXDOMAIN响应导致异常,需要从异常中的响应对象中读取flags,像这样:
except dns.resolver.NXDOMAIN as e:
print("[+] NXDOMAIN")
for (name, resp) in e.responses().items():
print(name, "RA flag:", resp.flags & dns.flags.RA)