Python Scapy Recursive DNS Query - Script from Book

I am reading a Python book and it has a tutorial for installing and using scapy. One scenario to try is "recursive DNS query for www.oreilly.com using the Caltech University public DNS server." I'm not sure why anyone would want to do this for any useful reason. If someone can also explain why this is useful, that would be awesome. :D

I run scapy from the bin directory, ./bin/scapy, after installing this program on my computer. Scapy version: Welcome to Scapy (2.2.0)

Well, anyway, this is the script that doesn't work for me:

sr1(IP(dst="131.215.9.49")/UDP()/DNS(rd=1,qd=DNSQR(qname="www.oreilly.com")))

      

Printing does it all:

Begin emission:
Finished to send 1 packets. 
.......tons of never ending dots in the shell.............................
..........................................................................
.......................................................................etc

      

How can I fix this script to make it work? I have looked at some of the functions and/or methods using help(), but that didn't give me enough information to troubleshoot. I was hoping that someone familiar with this would read this for some reason and help me figure it out.

Thanks for this.

Happy Holidays

user_loser

+3




1 answer


It just seems like your packet is not getting a response (which is fine, there is no reason why 131.215.9.49 should respond to your recursive queries).

If you want your call to sr1() to complete, you can add a timeout= argument (the value is in seconds).

If you want to make sure 131.215.9.49 is not responding, but your call to sr1() works, you can:



  • Issue host www.oreilly.com 131.215.9.49 from a shell and check that you get ;; connection timed out; no servers could be reached.
  • Replace 131.215.9.49 with the IP address of your DNS server (this one should answer your recursive queries) and check whether you get an answer.

You can also, to understand what's going on, try running tcpdump while your tests are running and see if and/or what packets are being sent.

+2
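
The timeout and the "does the server answer recursive queries at all" check from the answer above, as an added example that is not part of the original post. It uses the standard library socket module instead of scapy so it runs without raw-socket privileges; the names build_query, parse_header and probe are hypothetical, and 192.0.2.53 is a documentation-range placeholder address.

```python
import socket
import struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(qname, txid=0x1234, rd=True):
    """Encode a DNS A/IN question; rd sets Recursion Desired (rd=1 in the scapy call)."""
    flags = 0x0100 if rd else 0x0000
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii") for p in qname.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def parse_header(data, txid):
    """Return (rcode name, recursion available, answer count), or None if the reply is not ours."""
    if len(data) < 12:
        return None
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    if rid != txid or not flags & 0x8000:  # wrong transaction ID, or QR bit clear
        return None
    rcode = flags & 0x000F
    return RCODES.get(rcode, "RCODE%d" % rcode), bool(flags & 0x0080), ancount

def probe(server, qname, timeout=2.0, port=53, txid=0x1234):
    """Send one recursive query and describe the outcome instead of waiting forever."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(qname, txid), (server, port))
        try:
            data, _ = s.recvfrom(4096)
        except socket.timeout:
            return "no response within %.1fs (dropped or filtered)" % timeout
        except ConnectionError:
            return "port closed (ICMP unreachable)"
    parsed = parse_header(data, txid)
    if parsed is None:
        return "unexpected reply"
    rcode, ra, ancount = parsed
    if rcode == "NOERROR" and ancount:
        return "answered with %d record(s)" % ancount
    return "%s, recursion %s" % (rcode, "available" if ra else "not available")

if __name__ == "__main__":
    # Placeholder address (assumption): substitute the IP of your own DNS server.
    print(probe("192.0.2.53", "www.oreilly.com", timeout=2.0))
```

A silent timeout and an explicit REFUSED both mean the server will not recurse for you; only the first one leaves sr1() waiting when no timeout is set.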

