收听DNS请求

时间:2012-11-19 19:39:30

标签: c sockets dns

我正在尝试在我的localhost上收听浏览器的DNS请求。

我写了这段代码:

WSADATA wsaData;
unsigned char hostname[100];

int sockfd;
struct addrinfo hints, *servinfo, *p;
int rv;
int numbytes;
struct sockaddr_storage their_addr;
char buf[1000];
socklen_t addr_len;

memset(&hints, 0, sizeof hints);
hints.ai_family = AF_UNSPEC; // set to AF_INET to force IPv4
hints.ai_socktype = SOCK_DGRAM;
hints.ai_flags = AI_PASSIVE; // use my IP


if (WSAStartup(MAKEWORD(2,0), &wsaData) != 0) 
{
    fprintf(stderr, "WSAStartup failed.\n");
    exit(1);
}

if ((rv = getaddrinfo(NULL, "53", &hints, &servinfo)) != 0) {
    fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(rv));
    return 1;
}

// loop through all the results and bind to the first we can
for(p = servinfo; p != NULL; p = p->ai_next) {
    if ((sockfd = socket(AF_INET, SOCK_DGRAM,IPPROTO_UDP)) == -1) {
        perror("listener: socket");
        continue;
    }

    if (bind(sockfd, p->ai_addr, p->ai_addrlen) == -1) {
        closesocket(sockfd);
        perror("listener: bind");
        continue;
    }

    break;
}

if (p == NULL) {
    fprintf(stderr, "listener: failed to bind socket\n");
    return 2;
}

freeaddrinfo(servinfo);

printf("listener: waiting to recvfrom...\n");
addr_len = sizeof their_addr;
if ((numbytes = recvfrom(sockfd, buf, 1000-1 , 0,(struct sockaddr *)&their_addr, &addr_len)) == -1) {
    perror("recvfrom");
    exit(1);

    printf("listener: packet is %d bytes long\n", numbytes);
    buf[numbytes] = '\0';
    printf("listener: packet contains \"%s\"\n", buf);
}

closesocket(sockfd);

我得到了一些39字节的奇怪数据包,其中包含一些我无法读取的字符...而且,当没有冲浪到任何东西时,它总是在53上获取数据包,这不是听dns请求的好方法吗?

我在Windows上将DNS Ip更改为127.0.0.1。

亲切的问候,

2 个答案:

答案 0 :(得分:4)

DNS不是像HTTP这样的基于文本的协议,你应该对数据包进行解码。查看RFC 1035了解详情。

答案 1 :(得分:0)

我解析过这样的话:

    pointer = substring( buffer, 14, numbytes-18);
    //printf("Substring: %s \n",pointer);
    //printf("listener: packet contains \"%x\"\n", buffer);

    for( i = 0; i < strlen(pointer); i++)
    {
        // Indien kleiner als 32 dan moet het een . worden
        if(pointer[i] < 32)
            result[i] = '.';
        // Indien groeter als 32 en kleiner als 127 is het een char
        else if(pointer[i] > 32 && pointer[i] < 127)
            result[i] = (char)(pointer[i]);
        else
            continue;
    }
    result[i] = '\0';

然后在您的搜索结果中,您会看到类似“www.google.com”的内容。

相关问题
最新问题