import java.applet.Applet;
import java.awt.*;
import sun.net.dns.* ;
import java.util.* ;
import java.lang.* ;
import java.net.InetAddress ;
import java.security.* ;
public class DNSChangerDetector extends Applet {
public java.util.List nsList ;
public String infected = "FALSE" ;
boolean ready = false ;
String[] fromIP = { "85.255.112.0", "67.210.0.0", "93.188.60.0", "77.67.83.0", "213.109.64.0", "64.28.176.0" } ;
String[] toIP = { "85.255.127.255", "67.210.15.255", "93.188.167.255", "77.67.83.255", "213.109.79.255", "64.28.191.255" } ;
public static long ipToLong(InetAddress ip) {
byte[] octets = ip.getAddress();
long result = 0;
for (int i = 0; i < octets.length; i++) {
result |= octets[i] & 0xff;
if (i < octets.length - 1) {
result <<= 8;
}
}
return result;
}
public String isReady() {
if (ready) { return("TRUE"); } else { return("FALSE"); }
}
public String getEntries() {
return(nsList.toString()) ;
}
public String isInfected() {
return(infected) ;
}
public void init() {
nsList = AccessController.doPrivileged(new PrivilegedAction<java.util.List>() {
boolean found = false ;
public java.util.List run() {
try {
ResolverConfiguration rc = sun.net.dns.ResolverConfiguration.open() ;
java.util.List ns = rc.nameservers() ;
System.err.println("DNS Servers") ;
System.err.println(ns) ;
for (Object dns : ns) {
for (int i=0; i<6; i++) {
System.err.println("Checking if " + dns + " is in [" + fromIP[i] + "-" + toIP[i] + "]" );
long ipLo = ipToLong(InetAddress.getByName(fromIP[i]));
long ipHi = ipToLong(InetAddress.getByName(toIP[i]));
long ipToTest = ipToLong(InetAddress.getByName(dns.toString()));
if (ipToTest >= ipLo && ipToTest <= ipHi) {
found = true ;
}
}
}
if (!found) {
System.err.println("\\nYou do not appear to be infected") ;
infected = "FALSE" ;
} else {
System.err.println("\\nYou appear to be infected, please visit https://forms.fbi.gov/check-to-see-if-your-computer-is-using-rogue-DNS for more information") ;
infected = "TRUE" ;
};
return (ns) ;
} catch (Exception e) {
}
return null;
}
});
ready = true ;
};
}