4 * This is just a quick and dirty hack to grab the Version of ISC bind 8+9
\r
5 * nameservers. It detects the difference between bind 8+9 even if the version
\r
6 * has been disguised.
\r
7 * The code is 2 years old and i never shared it before, but as we
\r
8 * opened a tool section now, i think it's worth to share it to the public.
\r
10 * COMPILE (with Microsoft C++):
\r
14 * C:\ccode\THCbindinfo>THCbindinfo.exe 10.65.57.153
\r
16 * ----------------------------------------
\r
17 * DNS Version Query for BIND 8+9 Servers
\r
18 * coding jcyberpunk@thc.org
\r
19 * ----------------------------------------
\r
21 * Query for : 10.65.57.153 in progress...pleaze wait!
\r
23 * ahh...that must be a bind 8...trying to get more details...
\r
25 * DNS Version : BIND 8.3.4
\r
29 * http://www.thc.org
\r
35 #include <winsock2.h>
\r
38 #define errno WSAGetLastError()
\r
40 #define STATUS_FAILED 0xFFFF
\r
42 #pragma comment(lib, "ws2_32.lib")
\r
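/*
 * NOTE(review): the listing this block was rebuilt from had lost its brace,
 * `else` and several condition/declaration lines (the embedded line numbers
 * skip). The control flow below is reconstructed from the surviving
 * statements and messages; confirm it against the original file.
 */

/* Largest reply accepted: the classic 512-byte DNS-over-UDP message limit.
 * Winsock fails recv() with WSAEMSGSIZE when a datagram does not fit, so a
 * too-small buffer would be misreported as "no nameserver running". */
enum { RESP_MAX = 512 };

/*
 * Print `len` bytes of server-supplied text, replacing every byte outside
 * printable ASCII with '.'. The text comes straight from the network, so it
 * must not be able to emit terminal control sequences or rely on a NUL
 * terminator being present.
 */
static void print_untrusted_text(const unsigned char *text, size_t len)
{
    size_t i;

    for (i = 0; i < len; i++) {
        unsigned char c = text[i];
        putchar((c >= 0x20 && c < 0x7f) ? c : '.');
    }
}

/*
 * Interpret a version.bind reply of `n` received bytes and print the result.
 *
 * The BIND 8 / BIND 9 guess is a heuristic: it rests only on whether the
 * answer's owner name at offset 30 starts with a compression pointer (0xC0).
 * Any server that compresses the name is reported as "bind 9", so treat the
 * output as a hint, not an identification.
 *
 * Offsets: 12-byte header + 18-byte question = 30. With a compressed owner
 * name the TXT length byte is at 42 and the text at 43; with the 14-byte
 * uncompressed name they are at 54 and 55.
 */
static void report_version(const unsigned char *resp, int n)
{
    size_t got = (n > 0) ? (size_t)n : 0;
    size_t text_off;
    size_t text_len = 0;

    /* Byte 3 is RA|Z|RCODE; masking off RA requires Z and RCODE to be zero.
     * Byte 30 is read next, so a shorter reply cannot be classified. */
    if (got <= 30 || (resp[3] & 127) != 0) {
        printf("DNS Version : unknown\n");
        return;
    }

    if (resp[30] == 192) {
        printf ("ahh...that must be a bind 9...trying to get more details...\n\n");
        text_off = 43;
    } else {
        printf ("ahh...that must be a bind 8...trying to get more details...\n\n");
        text_off = 55;
    }

    /* Take the length from the TXT length byte, but never trust it beyond
     * the number of bytes actually received. */
    if (got >= text_off) {
        size_t avail = got - text_off;

        text_len = resp[text_off - 1];
        if (text_len > avail)
            text_len = avail;
    }

    printf("DNS Version : ");
    print_untrusted_text(resp + text_off, text_len);
    printf("\n");
}

/*
 * Send one CHAOS-class TXT query for "version.bind" to UDP port 53 of the
 * host named in argv[1] and print the version string from the reply.
 *
 * Exits through ExitProcess(STATUS_FAILED) when Winsock cannot be started,
 * the host cannot be resolved or no socket can be created; returns 0
 * otherwise.
 */
int main(int argc, char **argv)
{
    /* ID 0x0006, flags 0x0100 (RD), QDCOUNT 1,
     * QNAME "version.bind", QTYPE 16 (TXT), QCLASS 3 (CHAOS). */
    static const char data[30] = {0x00,0x06,0x01,0x00,0x00,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x07,0x76,0x65,0x72,0x73,0x69,0x6f,0x6e,0x04,0x62,0x69,0x6e,0x64,0x00,0x00,0x10,0x00,0x03};
    struct sockaddr_in myudp;
    struct hostent *hp;
    struct timeval mytimeout;
    WSADATA wsaData;
    fd_set r;
    SOCKET udpsock;
    unsigned char dataout[RESP_MAX];
    unsigned short port = 53;
    unsigned long addr;
    int startup, ready, got;

    printf("\n----------------------------------------\n");
    printf("DNS Version Query for BIND 8+9 Servers\n");
    printf(" coding jcyberpunk@thc.org\n");
    printf("----------------------------------------\n\n");

    /* argv[1] is dereferenced below, so reject a missing argument first. */
    if (argc != 2) {
        printf("Gimme <Hostname|IP-Address>\n");
        return 0;
    }

    /* WSAStartup reports its error in the return value; the last-error
     * value is not meaningful at this point. */
    startup = WSAStartup(MAKEWORD(2,1), &wsaData);
    if (startup != 0) {
        fprintf(stderr,"WSAStartup failed: %d\n", startup);
        ExitProcess(STATUS_FAILED);
    }

    memset(&myudp, 0, sizeof(myudp));
    memset(dataout, 0, sizeof(dataout));

    hp = gethostbyname(argv[1]);
    if (hp != NULL && hp->h_addrtype == AF_INET &&
        hp->h_length == (int)sizeof(myudp.sin_addr)) {
        /* Copy a fixed size so the resolver's length field cannot
         * overrun sin_addr. */
        memcpy(&(myudp.sin_addr), hp->h_addr, sizeof(myudp.sin_addr));
    } else {
        addr = inet_addr(argv[1]);
        if (addr == INADDR_NONE) {
            fprintf(stderr,"Unable to resolve %s\n", argv[1]);
            WSACleanup();
            ExitProcess(STATUS_FAILED);
        }
        myudp.sin_addr.s_addr = addr;
    }
    myudp.sin_family = AF_INET;
    myudp.sin_port = htons(port);

    printf("Query for : %s in progress...pleaze wait!\n\n", inet_ntoa(myudp.sin_addr));

    udpsock = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP);
    if (udpsock == INVALID_SOCKET) {
        printf("error binding socket!\n");
        WSACleanup();
        ExitProcess(STATUS_FAILED);
    }

    if (connect(udpsock, (struct sockaddr *)&myudp, sizeof(struct sockaddr_in)) != 0) {
        printf("connect () error : %d\n", WSAGetLastError());
    } else if (send(udpsock, data, (int)sizeof data, 0) == SOCKET_ERROR) {
        printf("send error : %d\n", WSAGetLastError());
    } else {
        FD_ZERO(&r);
        FD_SET(udpsock, &r);
        /* TIMEOUT is #defined on a line missing from this listing; the
         * message below implies 5 seconds -- TODO confirm. */
        mytimeout.tv_sec = TIMEOUT;
        mytimeout.tv_usec = 0;

        /* Winsock ignores select()'s first argument. */
        ready = select(0, &r, NULL, NULL, &mytimeout);
        if (ready == 0) {
            printf("Port 53 udp is up, but i haven't received data within 5 seconds.\n");
            printf("it seems that this is not a bind 8 or 9 ! :(\n");
        } else if (ready == SOCKET_ERROR) {
            printf("select error : %d\n", WSAGetLastError());
        } else {
            /* Keep the signed return value: storing it in an unsigned
             * variable hides SOCKET_ERROR from every later length check. */
            got = recv(udpsock, (char *)dataout, (int)sizeof(dataout), 0);
            if (got == SOCKET_ERROR)
                printf("sorry, no nameserver running :(\n");
            else
                report_version(dataout, got);
        }
        shutdown(udpsock, SD_SEND);
    }

    /* Release the socket and Winsock on every path that created them. */
    closesocket(udpsock);
    WSACleanup();
    return 0;
}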
\r