//DNS Query Program on Linux//Author : Silver Moon (m00n.silv3r@gmail.com)//

1. //DNS Query Program on Linux
2. //Author : Silver Moon ([email protected])
3. //Dated : 29/4/2009
4.  
5. //Header Files
6. #include<stdio.h> //printf
7. #include<string.h>    //strlen
8. #include<stdlib.h>    //malloc
9. #include<sys/socket.h>    //you know what this is for
10. #include<arpa/inet.h> //inet_addr , inet_ntoa , ntohs etc
11. #include<netinet/in.h>
12. #include<unistd.h>    //getpid
13.  
14. //List of DNS Servers registered on the system
15. char dns_servers[10][100];
16. int dns_server_count = 0;
17. //Types of DNS resource records :)
18.  
19. #define T_A 1 //Ipv4 address
20. #define T_NS 2 //Nameserver
21. #define T_CNAME 5 // canonical name
22. #define T_SOA 6 /* start of authority zone */
23. #define T_PTR 12 /* domain name pointer */
24. #define T_MX 15 //Mail server
25.  
26. //Function Prototypes
27. void ngethostbyname (unsigned char* , int);
28. void ChangetoDnsNameFormat (unsigned char*,unsigned char*);
29. unsigned char* ReadName (unsigned char*,unsigned char*,int*);
30. void get_dns_servers();
31.  
32. //DNS header structure
33. struct DNS_HEADER
34. {
35.     unsigned short id; // identification number
36.  
37.     unsigned char rd :1; // recursion desired
38.     unsigned char tc :1; // truncated message
39.     unsigned char aa :1; // authoritive answer
40.     unsigned char opcode :4; // purpose of message
41.     unsigned char qr :1; // query/response flag
42.  
43.     unsigned char rcode :4; // response code
44.     unsigned char cd :1; // checking disabled
45.     unsigned char ad :1; // authenticated data
46.     unsigned char z :1; // its z! reserved
47.     unsigned char ra :1; // recursion available
48.  
49.     unsigned short q_count; // number of question entries
50.     unsigned short ans_count; // number of answer entries
51.     unsigned short auth_count; // number of authority entries
52.     unsigned short add_count; // number of resource entries
53. };
54.  
55. //Constant sized fields of query structure
56. struct QUESTION
57. {
58.     unsigned short qtype;
59.     unsigned short qclass;
60. };
61.  
62. //Constant sized fields of the resource record structure
63. #pragma pack(push, 1)
64. struct R_DATA
65. {
66.     unsigned short type;
67.     unsigned short _class;
68.     unsigned int ttl;
69.     unsigned short data_len;
70. };
71. #pragma pack(pop)
72.  
73. //Pointers to resource record contents
74. struct RES_RECORD
75. {
76.     unsigned char *name;
77.     struct R_DATA *resource;
78.     unsigned char *rdata;
79. };
80.  
81. //Structure of a Query
82. typedef struct
83. {
84.     unsigned char *name;
85.     struct QUESTION *ques;
86. } QUERY;
87.  
88. int main( int argc , char *argv[])
89. {
90.     unsigned char hostname[100];
91.  
92.     //Get the DNS servers from the resolv.conf file
93.     get_dns_servers();
94.      
95.     //Get the hostname from the terminal
96.     printf("Enter Hostname to Lookup : ");
97.     scanf("%s" , hostname);
98.      
99.     //Now get the ip of this hostname , A record
100.     ngethostbyname(hostname , T_A);
101.  
102.     return 0;
103. }
104.  
105. /*
106.  * Perform a DNS query by sending a packet
107.  * */
108. void ngethostbyname(unsigned char *host , int query_type)
109. {
110.     unsigned char buf[65536],*qname,*reader;
111.     int i , j , stop , s;
112.  
113.     struct sockaddr_in a;
114.  
115.     struct RES_RECORD answers[20],auth[20],addit[20]; //the replies from the DNS server
116.     struct sockaddr_in dest;
117.  
118.     struct DNS_HEADER *dns = NULL;
119.     struct QUESTION *qinfo = NULL;
120.  
121.     printf("Resolving %s" , host);
122.  
123.     s = socket(AF_INET , SOCK_DGRAM , IPPROTO_UDP); //UDP packet for DNS queries
124.  
125.     dest.sin_family = AF_INET;
126.     dest.sin_port = htons(53);
127.     dest.sin_addr.s_addr = inet_addr(dns_servers[0]); //dns servers
128.  
129.     //Set the DNS structure to standard queries
130.     dns = (struct DNS_HEADER *)&buf;
131.  
132.     dns->id = (unsigned short) htons(getpid());
133.     dns->qr = 0; //This is a query
134.     dns->opcode = 0; //This is a standard query
135.     dns->aa = 0; //Not Authoritative
136.     dns->tc = 0; //This message is not truncated
137.     dns->rd = 1; //Recursion Desired
138.     dns->ra = 0; //Recursion not available! hey we dont have it (lol)
139.     dns->z = 0;
140.     dns->ad = 0;
141.     dns->cd = 0;
142.     dns->rcode = 0;
143.     dns->q_count = htons(1); //we have only 1 question
144.     dns->ans_count = 0;
145.     dns->auth_count = 0;
146.     dns->add_count = 0;
147.  
148.     //point to the query portion
149.     qname =(unsigned char*)&buf[sizeof(struct DNS_HEADER)];
150.  
151.     ChangetoDnsNameFormat(qname , host);
152.     qinfo =(struct QUESTION*)&buf[sizeof(struct DNS_HEADER) + (strlen((const char*)qname) + 1)]; //fill it
153.  
154.     qinfo->qtype = htons( query_type ); //type of the query , A , MX , CNAME , NS etc
155.     qinfo->qclass = htons(1); //its internet (lol)
156.  
157.     printf("\nSending Packet...");
158.     if( sendto(s,(char*)buf,sizeof(struct DNS_HEADER) + (strlen((const char*)qname)+1) + sizeof(struct QUESTION),0,(struct sockaddr*)&dest,sizeof(dest)) < 0)
159.     {
160.         perror("sendto failed");
161.     }
162.     printf("Done");
163.      
164.     //Receive the answer
165.     i = sizeof dest;
166.     printf("\nReceiving answer...");
167.     if(recvfrom (s,(char*)buf , 65536 , 0 , (struct sockaddr*)&dest , (socklen_t*)&i ) < 0)
168.     {
169.         perror("recvfrom failed");
170.     }
171.     printf("Done");
172.  
173.     dns = (struct DNS_HEADER*) buf;
174.  
175.     //move ahead of the dns header and the query field
176.     reader = &buf[sizeof(struct DNS_HEADER) + (strlen((const char*)qname)+1) + sizeof(struct QUESTION)];
177.  
178.     printf("\nThe response contains : ");
179.     printf("\n %d Questions.",ntohs(dns->q_count));
180.     printf("\n %d Answers.",ntohs(dns->ans_count));
181.     printf("\n %d Authoritative Servers.",ntohs(dns->auth_count));
182.     printf("\n %d Additional records.\n\n",ntohs(dns->add_count));
183.  
184.     //Start reading answers
185.     stop=0;
186.  
187.     for(i=0;i<ntohs(dns->ans_count);i++)
188.     {
189.         answers[i].name=ReadName(reader,buf,&stop);
190.         reader = reader + stop;
191.  
192.         answers[i].resource = (struct R_DATA*)(reader);
193.         reader = reader + sizeof(struct R_DATA);
194.  
195.         if(ntohs(answers[i].resource->type) == 1) //if its an ipv4 address
196.         {
197.             answers[i].rdata = (unsigned char*)malloc(ntohs(answers[i].resource->data_len));
198.  
199.             for(j=0 ; j<ntohs(answers[i].resource->data_len) ; j++)
200.             {
201.                 answers[i].rdata[j]=reader[j];
202.             }
203.  
204.             answers[i].rdata[ntohs(answers[i].resource->data_len)] = '\0';
205.  
206.             reader = reader + ntohs(answers[i].resource->data_len);
207.         }
208.         else
209.         {
210.             answers[i].rdata = ReadName(reader,buf,&stop);
211.             reader = reader + stop;
212.         }
213.     }
214.  
215.     //read authorities
216.     for(i=0;i<ntohs(dns->auth_count);i++)
217.     {
218.         auth[i].name=ReadName(reader,buf,&stop);
219.         reader+=stop;
220.  
221.         auth[i].resource=(struct R_DATA*)(reader);
222.         reader+=sizeof(struct R_DATA);
223.  
224.         auth[i].rdata=ReadName(reader,buf,&stop);
225.         reader+=stop;
226.     }
227.  
228.     //read additional
229.     for(i=0;i<ntohs(dns->add_count);i++)
230.     {
231.         addit[i].name=ReadName(reader,buf,&stop);
232.         reader+=stop;
233.  
234.         addit[i].resource=(struct R_DATA*)(reader);
235.         reader+=sizeof(struct R_DATA);
236.  
237.         if(ntohs(addit[i].resource->type)==1)
238.         {
239.             addit[i].rdata = (unsigned char*)malloc(ntohs(addit[i].resource->data_len));
240.             for(j=0;j<ntohs(addit[i].resource->data_len);j++)
241.             addit[i].rdata[j]=reader[j];
242.  
243.             addit[i].rdata[ntohs(addit[i].resource->data_len)]='\0';
244.             reader+=ntohs(addit[i].resource->data_len);
245.         }
246.         else
247.         {
248.             addit[i].rdata=ReadName(reader,buf,&stop);
249.             reader+=stop;
250.         }
251.     }
252.  
253.     //print answers
254.     printf("\nAnswer Records : %d \n" , ntohs(dns->ans_count) );
255.     for(i=0 ; i < ntohs(dns->ans_count) ; i++)
256.     {
257.         printf("Name : %s ",answers[i].name);
258.  
259.         if( ntohs(answers[i].resource->type) == T_A) //IPv4 address
260.         {
261.             long *p;
262.             p=(long*)answers[i].rdata;
263.             a.sin_addr.s_addr=(*p); //working without ntohl
264.             printf("has IPv4 address : %s",inet_ntoa(a.sin_addr));
265.         }
266.          
267.         if(ntohs(answers[i].resource->type)==5)
268.         {
269.             //Canonical name for an alias
270.             printf("has alias name : %s",answers[i].rdata);
271.         }
272.  
273.         printf("\n");
274.     }
275.  
276.     //print authorities
277.     printf("\nAuthoritive Records : %d \n" , ntohs(dns->auth_count) );
278.     for( i=0 ; i < ntohs(dns->auth_count) ; i++)
279.     {
280.          
281.         printf("Name : %s ",auth[i].name);
282.         if(ntohs(auth[i].resource->type)==2)
283.         {
284.             printf("has nameserver : %s",auth[i].rdata);
285.         }
286.         printf("\n");
287.     }
288.  
289.     //print additional resource records
290.     printf("\nAdditional Records : %d \n" , ntohs(dns->add_count) );
291.     for(i=0; i < ntohs(dns->add_count) ; i++)
292.     {
293.         printf("Name : %s ",addit[i].name);
294.         if(ntohs(addit[i].resource->type)==1)
295.         {
296.             long *p;
297.             p=(long*)addit[i].rdata;
298.             a.sin_addr.s_addr=(*p);
299.             printf("has IPv4 address : %s",inet_ntoa(a.sin_addr));
300.         }
301.         printf("\n");
302.     }
303.     return;
304. }
305.  
306. /*
307.  *
308.  * */
309. u_char* ReadName(unsigned char* reader,unsigned char* buffer,int* count)
310. {
311.     unsigned char *name;
312.     unsigned int p=0,jumped=0,offset;
313.     int i , j;
314.  
315.     *count = 1;
316.     name = (unsigned char*)malloc(256);
317.  
318.     name[0]='\0';
319.  
320.     //read the names in 3www6google3com format
321.     while(*reader!=0)
322.     {
323.         if(*reader>=192)
324.         {
325.             offset = (*reader)*256 + *(reader+1) - 49152; //49152 = 11000000 00000000 ;)
326.             reader = buffer + offset - 1;
327.             jumped = 1; //we have jumped to another location so counting wont go up!
328.         }
329.         else
330.         {
331.             name[p++]=*reader;
332.         }
333.  
334.         reader = reader+1;
335.  
336.         if(jumped==0)
337.         {
338.             *count = *count + 1; //if we havent jumped to another location then we can count up
339.         }
340.     }
341.  
342.     name[p]='\0'; //string complete
343.     if(jumped==1)
344.     {
345.         *count = *count + 1; //number of steps we actually moved forward in the packet
346.     }
347.  
348.     //now convert 3www6google3com0 to www.google.com
349.     for(i=0;i<(int)strlen((const char*)name);i++)
350.     {
351.         p=name[i];
352.         for(j=0;j<(int)p;j++)
353.         {
354.             name[i]=name[i+1];
355.             i=i+1;
356.         }
357.         name[i]='.';
358.     }
359.     name[i-1]='\0'; //remove the last dot
360.     return name;
361. }
362.  
363. /*
364.  * Get the DNS servers from /etc/resolv.conf file on Linux
365.  * */
366. void get_dns_servers()
367. {
368.     FILE *fp;
369.     char line[200] , *p;
370.     if((fp = fopen("/etc/resolv.conf" , "r")) == NULL)
371.     {
372.         printf("Failed opening /etc/resolv.conf file \n");
373.     }
374.      
375.     while(fgets(line , 200 , fp))
376.     {
377.         if(line[0] == '#')
378.         {
379.             continue;
380.         }
381.         if(strncmp(line , "nameserver" , 10) == 0)
382.         {
383.             p = strtok(line , " ");
384.             p = strtok(NULL , " ");
385.              
386.             //p now is the dns ip :)
387.             //????
388.         }
389.     }
390.      
391.     strcpy(dns_servers[0] , "208.67.222.222");
392.     strcpy(dns_servers[1] , "208.67.220.220");
393. }
394.  
395. /*
396.  * This will convert www.google.com to 3www6google3com
397.  * got it :)
398.  * */
399. void ChangetoDnsNameFormat(unsigned char* dns,unsigned char* host)
400. {
401.     int lock = 0 , i;
402.     strcat((char*)host,".");
403.      
404.     for(i = 0 ; i < strlen((char*)host) ; i++)
405.     {
406.         if(host[i]=='.')
407.         {
408.             *dns++ = i-lock;
409.             for(;lock<i;lock++)
410.             {
411.                 *dns++=host[lock];
412.             }
413.             lock++; //or lock=i+1;
414.         }
415.     }
416.     *dns++='\0';
417. }