Compare commits
2 Commits
41019ddcf2
...
5392059465
Author | SHA1 | Date |
---|---|---|
Brett | 5392059465 | |
Brett | 705c775c27 |
Binary file not shown.
|
@ -59,3 +59,7 @@
|
||||||
7309 7612 1698284273630763380 insane_dns ff5ae500893d0be1
|
7309 7612 1698284273630763380 insane_dns ff5ae500893d0be1
|
||||||
5 7368 1698284653019154297 CMakeFiles/insane_dns.dir/src/main.cpp.o 727da43cdbc82421
|
5 7368 1698284653019154297 CMakeFiles/insane_dns.dir/src/main.cpp.o 727da43cdbc82421
|
||||||
7369 7621 1698284653283151767 insane_dns ff5ae500893d0be1
|
7369 7621 1698284653283151767 insane_dns ff5ae500893d0be1
|
||||||
|
2 2997 1698338548693635693 CMakeFiles/insane_dns.dir/src/main.cpp.o 727da43cdbc82421
|
||||||
|
2997 3087 1698338548789636298 insane_dns ff5ae500893d0be1
|
||||||
|
5 7590 1698350638277966894 CMakeFiles/insane_dns.dir/src/main.cpp.o 727da43cdbc82421
|
||||||
|
7590 7806 1698350638505965615 insane_dns ff5ae500893d0be1
|
||||||
|
|
Binary file not shown.
|
@ -1,3 +1,3 @@
|
||||||
Start testing: Oct 25 21:44 EDT
|
Start testing: Oct 26 16:04 EDT
|
||||||
----------------------------------------------------------
|
----------------------------------------------------------
|
||||||
End testing: Oct 25 21:44 EDT
|
End testing: Oct 26 16:04 EDT
|
||||||
|
|
Binary file not shown.
|
@ -0,0 +1,30 @@
|
||||||
|
/*
|
||||||
|
* Global constants file.
|
||||||
|
* Copyright (C) 2023 Brett Terpstra
|
||||||
|
*
|
||||||
|
* This program is free software: you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU General Public License as published by
|
||||||
|
* the Free Software Foundation, either version 3 of the License, or
|
||||||
|
* (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef INSANE_DNS_CONSTANTS_H
|
||||||
|
#define INSANE_DNS_CONSTANTS_H
|
||||||
|
|
||||||
|
/*
|
||||||
|
* --------------------------------------------
|
||||||
|
* | Magic Number Constants |
|
||||||
|
* --------------------------------------------
|
||||||
|
*/
|
||||||
|
/** DNS header data offset. This is the first byte that isn't a header value (should be question label length octet) */
|
||||||
|
static constexpr size_t DNS_HEADER_END = 12;
|
||||||
|
|
||||||
|
#endif //INSANE_DNS_CONSTANTS_H
|
|
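Review bot: `DNS_HEADER_END` is declared as `size_t`, but this header includes nothing that defines that type, so it compiles only when the includer has already pulled in a standard header. Adding `#include <cstddef>` and spelling the type `std::size_t` makes the header self-contained. Since this lives in a header, `inline constexpr std::size_t DNS_HEADER_END = 12;` would also avoid giving every translation unit its own internal-linkage copy.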
@ -0,0 +1,112 @@
|
||||||
|
/*
|
||||||
|
* BLT Memory Util for parsing DNS packets.
|
||||||
|
* This software is unlikely to become part of BLT main but is provided under the BLT license (GPL 3).
|
||||||
|
* Copyright (C) 2023 Brett Terpstra
|
||||||
|
*
|
||||||
|
* This program is free software: you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU General Public License as published by
|
||||||
|
* the Free Software Foundation, either version 3 of the License, or
|
||||||
|
* (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef INSANE_DNS_UTIL_H
|
||||||
|
#define INSANE_DNS_UTIL_H
|
||||||
|
|
||||||
|
#include <insane_dns/constants.h>
|
||||||
|
|
||||||
|
namespace blt
|
||||||
|
{
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Basic parser for processing strings of bytes received from UDP sockets. This class provides a simple interface for efficiently copying the
|
||||||
|
* big endian bytes from the network into the little endian bytes required by x86 processors. The class also provides basic safety guarantees
|
||||||
|
* in that the program will halt execution if reading the bytes would overflow the internal buffer.
|
||||||
|
*/
|
||||||
|
class byte_reader
|
||||||
|
{
|
||||||
|
private:
|
||||||
|
unsigned char* _data;
|
||||||
|
const size_t _size;
|
||||||
|
mutable size_t _current_byte = DNS_HEADER_END;
|
||||||
|
public:
|
||||||
|
explicit byte_reader(unsigned char* data, size_t size): _data(data), _size(size)
|
||||||
|
{}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Read the next byte in the data stream then increment the internal counter by 1
|
||||||
|
* @return the next byte in the array
|
||||||
|
*/
|
||||||
|
inline unsigned char& next() const
|
||||||
|
{
|
||||||
|
BLT_ASSERT(_current_byte < _size);
|
||||||
|
return _data[_current_byte++];
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Reads data into the provided template parameter, reordering the byte into the correct little endian format
|
||||||
|
* @tparam T type to read (deduction is automatic)
|
||||||
|
* @param t variable reference to read into
|
||||||
|
*/
|
||||||
|
template<typename T>
|
||||||
|
inline void to(T& t) const
|
||||||
|
{
|
||||||
|
BLT_ASSERT(_current_byte + sizeof(T) <= _size);
|
||||||
|
// I hate little endian. I hate dealing with converting between endianness
|
||||||
|
// it is very easy to do it very slowly
|
||||||
|
// So I made BLT provide a simple interface to convert between bytes dependent on the platform
|
||||||
|
// for small integral types (16, 32, and 64) it will compile to 3 instructions using compiler intrinsics.
|
||||||
|
// Larger POD types are supported but will use std::reverse and therefore be slow.
|
||||||
|
blt::mem::fromBytes(&_data[_current_byte], t);
|
||||||
|
skip(sizeof(T));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Copy from the internal data buffer, advancing the internal stream, into the provided unsigned char array. *No reordering is done*
|
||||||
|
* @param out character array to write to
|
||||||
|
* @param size number of bytes to copy
|
||||||
|
*/
|
||||||
|
inline void copy(unsigned char*& out, size_t size) const
|
||||||
|
{
|
||||||
|
BLT_ASSERT(_current_byte + size < _size);
|
||||||
|
std::memcpy(out, &_data[_current_byte], size);
|
||||||
|
skip(size);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Skip bytes in the data stream, useful for skipping sections of the DNS packet we may not care about.
|
||||||
|
* @param s number of bytes to skip.
|
||||||
|
*/
|
||||||
|
inline void skip(size_t s = 1) const
|
||||||
|
{
|
||||||
|
_current_byte += s;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @return 1 past the last byte we wrote to, otherwise known as the next byte we will be writing to.
|
||||||
|
*/
|
||||||
|
inline size_t last() const
|
||||||
|
{
|
||||||
|
return _current_byte;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @return a pointer to a location in the internal buffer starting at last()
|
||||||
|
*/
|
||||||
|
inline unsigned char* from()
|
||||||
|
{
|
||||||
|
BLT_ASSERT(_current_byte < _size);
|
||||||
|
return &_data[_current_byte];
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
#endif //INSANE_DNS_UTIL_H
|
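Review bot: `copy()` asserts `_current_byte + size < _size`, which is stricter than the `<=` used in `to()` and so rejects a copy that ends exactly on the last byte of the buffer; the addition can also in principle wrap, because `skip()` has no bounds check and can push `_current_byte` past `_size`. A subtraction-based check avoids both problems: `BLT_ASSERT(_current_byte <= _size && size <= _size - _current_byte);`, and the same form fits `to()` with `sizeof(T)`. `copy()` cannot know the capacity behind `out`, so the doc comment should state that the caller must provide at least `size` writable bytes. Whether `BLT_ASSERT` stays active in release builds is not visible here; if it can be compiled out, these checks on network-supplied data should be unconditional. The header also uses `std::memcpy`, `blt::mem::fromBytes` and `BLT_ASSERT` while including only `constants.h`, so it depends on the includer's include order.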
117
src/main.cpp
117
src/main.cpp
|
@ -17,37 +17,62 @@
|
||||||
#include <type_traits>
|
#include <type_traits>
|
||||||
#include <unordered_set>
|
#include <unordered_set>
|
||||||
#include "ip.h"
|
#include "ip.h"
|
||||||
|
#include "insane_dns/util.h"
|
||||||
|
|
||||||
/**
|
/*
|
||||||
* ----------------------------
|
* ----------------------------
|
||||||
* | CONFIG |
|
* | CONFIG |
|
||||||
* ----------------------------
|
* ----------------------------
|
||||||
*/
|
*/
|
||||||
// should we strictly match results? ie block *wikipedia.org* or just wikipedia.org?
|
/** should we strictly match results? ie block `*wikipedia.org*` or just `wikipedia.org`? */
|
||||||
static constexpr bool STRICT_MATCHING = false;
|
static constexpr bool STRICT_MATCHING = false;
|
||||||
// true -> only match A records ; false -> match any named record (configure with NON_STRICT_REPLACE_ALL)
|
|
||||||
static constexpr bool STRICT_FILTERING = false;
|
|
||||||
// true -> match all records ; false -> match only records we might want to replace (A, AAAA, CNAME)
|
|
||||||
static constexpr bool NON_STRICT_REPLACE_ALL = true;
|
|
||||||
|
|
||||||
// DNS server to use for forwarding to / resolving DNS requests
|
/** DNS server to use for forwarding to / resolving DNS requests */
|
||||||
static inline constexpr std::string DNS_SERVER_IP()
|
static inline constexpr std::string DNS_SERVER_IP()
|
||||||
{
|
{
|
||||||
return "8.8.8.8";
|
return "8.8.8.8";
|
||||||
}
|
}
|
||||||
|
|
||||||
// replacement IP address. Make sure this is a 4 octet string seperated by .
|
/** replacement IP address. Make sure this is a 4 octet string seperated by `.` */
|
||||||
static inline constexpr IPAddress REPLACEMENT_IP()
|
static inline constexpr IPAddress REPLACEMENT_IP()
|
||||||
{
|
{
|
||||||
return {"139.57.100.6"};
|
return {"139.57.100.6"};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* List of disallowed domains.
|
||||||
|
* Note: if you are using STRICT_MATCHING=false it will not match to the root domain.
|
||||||
|
* Eg it will match `*en.wikipedia.org*` NOT `*wikipedia.org*`
|
||||||
|
*/
|
||||||
static const std::unordered_set<std::string> DISALLOWED_DOMAINS{
|
static const std::unordered_set<std::string> DISALLOWED_DOMAINS{
|
||||||
"en.wikipedia.org",
|
"en.wikipedia.org",
|
||||||
"tpgc.me",
|
|
||||||
"zombo.com"
|
"zombo.com"
|
||||||
};
|
};
|
||||||
|
|
||||||
|
/*
|
||||||
|
* -----------------------------------
|
||||||
|
* | Do Not Change |
|
||||||
|
* -----------------------------------
|
||||||
|
*/
|
||||||
|
// these features were planned but not added because I realized you guys won't care or give extra marks which broke my obsession with it
|
||||||
|
// so uhh don't change em otherwise the code will break :3
|
||||||
|
|
||||||
|
/** true -> only match A records ; false -> match any named record (configure with NON_STRICT_REPLACE_ALL) */
|
||||||
|
static constexpr bool STRICT_FILTERING = true;
|
||||||
|
/** true -> match all records ; false -> match only records we might want to replace (A, AAAA, CNAME) */
|
||||||
|
static constexpr bool NON_STRICT_REPLACE_ALL = true;
|
||||||
|
|
||||||
|
// was going to add TCP and ad blocking support
|
||||||
|
// that also isn't going to happen now.
|
||||||
|
/** list of web address to download the ad block lists from */
|
||||||
|
static constexpr std::vector<std::string> BLOCK_LISTS{};
|
||||||
|
/** true -> block ad DNS requests ; false -> do nothing */
|
||||||
|
static constexpr bool BLOCK_ADS = false;
|
||||||
|
/** true -> send back the REPLACEMENT_IP() ; false -> send back a fail state in the DNS request. */
|
||||||
|
static constexpr bool REDIRECT_ADS = true;
|
||||||
|
|
||||||
|
// 5F826B
|
||||||
|
|
||||||
// DNS data contains:
|
// DNS data contains:
|
||||||
// 2 bytes for transaction id
|
// 2 bytes for transaction id
|
||||||
// 2 bytes for flags
|
// 2 bytes for flags
|
||||||
|
@ -71,57 +96,6 @@ static const std::unordered_set<std::string> DISALLOWED_DOMAINS{
|
||||||
// 2 byte for length of data
|
// 2 byte for length of data
|
||||||
// (lengthy) byte for data
|
// (lengthy) byte for data
|
||||||
|
|
||||||
class byte_reader
|
|
||||||
{
|
|
||||||
private:
|
|
||||||
unsigned char* data;
|
|
||||||
mutable size_t current_byte = 0;
|
|
||||||
public:
|
|
||||||
explicit byte_reader(unsigned char* data): data(data)
|
|
||||||
{
|
|
||||||
reset();
|
|
||||||
}
|
|
||||||
|
|
||||||
inline void reset() const
|
|
||||||
{
|
|
||||||
// magic number for end of header
|
|
||||||
current_byte = 12;
|
|
||||||
}
|
|
||||||
|
|
||||||
inline unsigned char& next() const
|
|
||||||
{
|
|
||||||
return data[current_byte++];
|
|
||||||
}
|
|
||||||
|
|
||||||
template<typename T>
|
|
||||||
inline void to(T& t) const
|
|
||||||
{
|
|
||||||
blt::mem::fromBytes(&data[current_byte], t);
|
|
||||||
skip(sizeof(T));
|
|
||||||
}
|
|
||||||
|
|
||||||
inline void copy(unsigned char*& out, size_t size) const
|
|
||||||
{
|
|
||||||
std::memcpy(out, &data[current_byte], size);
|
|
||||||
current_byte += size;
|
|
||||||
}
|
|
||||||
|
|
||||||
inline void skip(size_t s = 1) const
|
|
||||||
{
|
|
||||||
current_byte += s;
|
|
||||||
}
|
|
||||||
|
|
||||||
inline size_t last() const
|
|
||||||
{
|
|
||||||
return current_byte;
|
|
||||||
}
|
|
||||||
|
|
||||||
inline unsigned char* from()
|
|
||||||
{
|
|
||||||
return &data[current_byte];
|
|
||||||
}
|
|
||||||
};
|
|
||||||
|
|
||||||
class send_buffer;
|
class send_buffer;
|
||||||
|
|
||||||
class question
|
class question
|
||||||
|
@ -132,7 +106,7 @@ class question
|
||||||
uint16_t QTYPE;
|
uint16_t QTYPE;
|
||||||
uint16_t QCLASS;
|
uint16_t QCLASS;
|
||||||
public:
|
public:
|
||||||
explicit question(const byte_reader& reader)
|
explicit question(const blt::byte_reader& reader)
|
||||||
{
|
{
|
||||||
// process the full question
|
// process the full question
|
||||||
while (true)
|
while (true)
|
||||||
|
@ -169,7 +143,7 @@ class answer
|
||||||
bool requires_reset = false;
|
bool requires_reset = false;
|
||||||
unsigned char* RDATA = nullptr;
|
unsigned char* RDATA = nullptr;
|
||||||
public:
|
public:
|
||||||
explicit answer(const byte_reader& reader)
|
explicit answer(const blt::byte_reader& reader)
|
||||||
{
|
{
|
||||||
reader.to(NAME);
|
reader.to(NAME);
|
||||||
reader.to(TYPE);
|
reader.to(TYPE);
|
||||||
|
@ -211,6 +185,10 @@ class answer
|
||||||
|
|
||||||
inline void reset(size_t offset) const
|
inline void reset(size_t offset) const
|
||||||
{
|
{
|
||||||
|
if (!requires_reset)
|
||||||
|
return;
|
||||||
|
// like I said not 100 on how to construct the ptr
|
||||||
|
// seems to be causing issues. I've stopped working on this as it's not required.
|
||||||
auto i16 = static_cast<uint16_t>(offset) & (~(0b11 << 14));
|
auto i16 = static_cast<uint16_t>(offset) & (~(0b11 << 14));
|
||||||
NAME |= i16;
|
NAME |= i16;
|
||||||
}
|
}
|
||||||
|
@ -220,7 +198,7 @@ class answer
|
||||||
|
|
||||||
answer& operator=(const answer& answer) = delete;
|
answer& operator=(const answer& answer) = delete;
|
||||||
|
|
||||||
answer(answer&& move)
|
answer(answer&& move) noexcept
|
||||||
{
|
{
|
||||||
NAME = move.NAME;
|
NAME = move.NAME;
|
||||||
TYPE = move.TYPE;
|
TYPE = move.TYPE;
|
||||||
|
@ -231,7 +209,7 @@ class answer
|
||||||
move.RDATA = nullptr;
|
move.RDATA = nullptr;
|
||||||
}
|
}
|
||||||
|
|
||||||
answer& operator=(answer&& move)
|
answer& operator=(answer&& move) noexcept
|
||||||
{
|
{
|
||||||
NAME = 0;
|
NAME = 0;
|
||||||
NAME = move.NAME;
|
NAME = move.NAME;
|
||||||
|
@ -271,9 +249,6 @@ class send_buffer
|
||||||
{
|
{
|
||||||
blt::mem::toBytes(t, &internal_data[write_index]);
|
blt::mem::toBytes(t, &internal_data[write_index]);
|
||||||
write_index += sizeof(T);
|
write_index += sizeof(T);
|
||||||
} else if constexpr (std::is_same_v<T, std::string>)
|
|
||||||
{
|
|
||||||
static_assert("No");
|
|
||||||
} else if constexpr (std::is_same_v<T, answer>)
|
} else if constexpr (std::is_same_v<T, answer>)
|
||||||
{
|
{
|
||||||
write(t.NAME);
|
write(t.NAME);
|
||||||
|
@ -376,18 +351,18 @@ int main()
|
||||||
uint16_t num_of_answers;
|
uint16_t num_of_answers;
|
||||||
blt::mem::fromBytes(&mod_recv_buf[6], num_of_answers);
|
blt::mem::fromBytes(&mod_recv_buf[6], num_of_answers);
|
||||||
|
|
||||||
byte_reader reader2(mod_recv_buf.data());
|
blt::byte_reader reader(mod_recv_buf.data(), mod_recv_buf.size());
|
||||||
|
|
||||||
BLT_INFO("Bytes answered %d with %d answers", out_bytes, num_of_answers);
|
BLT_INFO("Bytes answered %d with %d answers", out_bytes, num_of_answers);
|
||||||
|
|
||||||
// no one actually does multiple questions. trying to do it in dig is not easy
|
// no one actually does multiple questions. trying to do it in dig is not easy
|
||||||
// and the standard isn't really designed for this (how do we handle if one question errors but the other doesn't? there is only
|
// and the standard isn't really designed for this (how do we handle if one question errors but the other doesn't? there is only
|
||||||
// one return code.)
|
// one return code.)
|
||||||
question q(reader2);
|
question q(reader);
|
||||||
std::vector<answer> answers;
|
std::vector<answer> answers;
|
||||||
for (int i = 0; i < num_of_answers; i++)
|
for (int i = 0; i < num_of_answers; i++)
|
||||||
{
|
{
|
||||||
answer a(reader2);
|
answer a(reader);
|
||||||
answers.push_back(std::move(a));
|
answers.push_back(std::move(a));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -412,7 +387,7 @@ int main()
|
||||||
a.reset(question_offset);
|
a.reset(question_offset);
|
||||||
send.write(a);
|
send.write(a);
|
||||||
}
|
}
|
||||||
send.write(reader2.from(), out_bytes - reader2.last());
|
send.write(reader.from(), out_bytes - reader.last());
|
||||||
|
|
||||||
asio::error_code ignored_error;
|
asio::error_code ignored_error;
|
||||||
socket.send_to(send.buffer(), remote_endpoint, 0, ignored_error);
|
socket.send_to(send.buffer(), remote_endpoint, 0, ignored_error);
|
||||||
|
|
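Review bot: In `main()`, the new `blt::byte_reader reader(mod_recv_buf.data(), mod_recv_buf.size());` bounds the reader by the size of the receive buffer rather than by the length of the datagram. The asserts in `byte_reader` therefore stop reads past the buffer but not reads past the end of the received packet into leftover bytes from earlier traffic. If `out_bytes` is the received length, as its use in `out_bytes - reader.last()` suggests, pass it instead: `blt::byte_reader reader(mod_recv_buf.data(), out_bytes);`. The subtraction in `send.write(reader.from(), out_bytes - reader.last())` wraps to a very large value when parsing has advanced past `out_bytes`, so it needs a guard such as `if (reader.last() > out_bytes) continue;` (or whatever error path fits the surrounding loop, which is outside the hunks shown).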