--- /dev/null
+/*\r
+ * THC/2004\r
+ * \r
+ * This is just a quick and dirty hack to grab the Version of ISC bind 8+9\r
+ * nameservers. It detects the difference between bind 8+9 even if the version\r
+ * has been disguised.\r
+ * The code is 2 years old and i never shared it before, but as we\r
+ * opened a tool section now, i think it's worth to share it to the public.\r
+ *\r
+ * COMPILE (with Microsoft C++): \r
+ * cl THCbindinfo.c\r
+ *\r
+ * RUN:\r
+ * C:\ccode\THCbindinfo>THCbindinfo.exe 10.65.57.153\r
+ * \r
+ * ----------------------------------------\r
+ * DNS Version Query for BIND 8+9 Servers\r
+ * coding jcyberpunk@thc.org\r
+ * ----------------------------------------\r
+ *\r
+ * Query for : 10.65.57.153 in progress...pleaze wait!\r
+ * \r
+ * ahh...that must be a bind 8...trying to get more details...\r
+ * \r
+ * DNS Version : BIND 8.3.4\r
+ * \r
+ * Enjoy,\r
+ * \r
+ * http://www.thc.org\r
+ */\r
+\r
+#include <stdlib.h>\r
+#include <stdio.h>\r
+#include <string.h>\r
+#include <winsock2.h>\r
+\r
+#define TIMEOUT 5 \r
+#define errno WSAGetLastError()\r
+\r
+#define STATUS_FAILED 0xFFFF\r
+\r
+#pragma comment(lib, "ws2_32.lib")\r
+\r
+void usage();\r
+\r
+main(int argc,char **argv)\r
+{\r
+ struct sockaddr_in myudp;\r
+ struct hostent * hp;\r
+ SOCKET udpsock;\r
+ unsigned short port=53;\r
+ unsigned int addr=0;\r
+ fd_set r;\r
+ struct timeval mytimeout;\r
+\r
+ char data[30]= {0x00,0x06,0x01,0x00,0x00,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x07,0x76,0x65,0x72,0x73,0x69,0x6f,0x6e,0x04,0x62,0x69,0x6e,0x64,0x00,0x00,0x10,0x00,0x03};\r
+ unsigned char *dataout;\r
+ unsigned int error, open;\r
+\r
+ WSADATA wsaData;\r
+\r
+ printf("\n----------------------------------------\n");\r
+ printf("DNS Version Query for BIND 8+9 Servers\n");\r
+ printf(" coding jcyberpunk@thc.org\n");\r
+ printf("----------------------------------------\n\n");\r
+\r
+ if(argc != 2)\r
+ {\r
+ usage();\r
+ exit(-1);\r
+ }\r
+\r
+ if (WSAStartup(MAKEWORD(2,1),&wsaData) != 0)\r
+ {\r
+ fprintf(stderr,"WSAStartup failed: %d\n",GetLastError());\r
+ ExitProcess(STATUS_FAILED);\r
+ }\r
+\r
+ memset(&myudp,0,sizeof(myudp));\r
+\r
+ hp = gethostbyname(argv[1]);\r
+\r
+ if (!hp){\r
+ addr = inet_addr(argv[1]);\r
+ }\r
+ if ((!hp) && (addr == INADDR_NONE) )\r
+ {\r
+ fprintf(stderr,"Unable to resolve %s\n",argv[1]);\r
+ ExitProcess(STATUS_FAILED);\r
+ }\r
+\r
+ if (hp != NULL)\r
+ memcpy(&(myudp.sin_addr),hp->h_addr,hp->h_length);\r
+ else\r
+ myudp.sin_addr.s_addr = addr;\r
+\r
+ if (hp)\r
+ myudp.sin_family = hp->h_addrtype;\r
+ else\r
+ myudp.sin_family = AF_INET;\r
+\r
+ printf("Query for : %s in progress...pleaze wait!\n\n",inet_ntoa(myudp.sin_addr));\r
+ \r
+ dataout=(char*)malloc(100);\r
+ memset(dataout,0,sizeof(*dataout)); \r
+\r
+\r
+ mytimeout.tv_sec = TIMEOUT;\r
+ mytimeout.tv_usec = 0;\r
+\r
+ myudp.sin_port = htons(port);\r
+\r
+ if ((udpsock = socket (PF_INET, SOCK_DGRAM, IPPROTO_UDP)) == -1)\r
+ {\r
+ printf("error binding socket!\n");\r
+ exit(0);\r
+ }\r
+\r
+ if (connect (udpsock, (struct sockaddr *) &myudp, sizeof (\r
+ struct sockaddr_in)) == 0)\r
+ {\r
+\r
+ FD_ZERO (&r);\r
+ FD_SET (udpsock, &r);\r
+ mytimeout.tv_sec = TIMEOUT;\r
+ mytimeout.tv_usec = 0;\r
+\r
+ send (udpsock, data, sizeof data, 0);\r
+ error = select ((udpsock + 1), &r, NULL, NULL, &mytimeout);\r
+\r
+ if (error==0)\r
+ {\r
+ printf("Port 53 udp is up, but i haven't received data within 5 seconds.\n");\r
+ printf("it seems that this is not a bind 8 or 9 ! :(\n");\r
+ exit(-1);\r
+ }\r
+ if (error==-1)\r
+ {\r
+ printf("select error : %d\n",errno);\r
+ exit(-1);\r
+ }\r
+ open = recv(udpsock, dataout, 100, 0);\r
+ if (open==-1)\r
+ {\r
+ printf("sorry, no nameserver running :(\n");\r
+ exit(-1);\r
+ }\r
+\r
+ dataout[open]=0;\r
+ if ((dataout[3]&127)==0)\r
+ {\r
+ if(dataout[30]==192)\r
+ {\r
+ printf ("ahh...that must be a bind 9...trying to get more details...\n\n");\r
+ printf ("DNS Version : %s\n",dataout+43);\r
+ }\r
+ else\r
+ {\r
+ printf ("ahh...that must be a bind 8...trying to get more details...\n\n");\r
+ printf("DNS Version : %s\n",dataout+55);\r
+ }\r
+ }\r
+ else\r
+ printf("DNS Version : unknown\n");\r
+\r
+ shutdown(udpsock,1);\r
+ closesocket(udpsock);\r
+ }\r
+ \r
+ else\r
+ printf("connect () error : %d\n",errno);\r
+\r
+ free(dataout);\r
+\r
+ exit(0);\r
+}\r
+\r
+void usage()\r
+{\r
+ printf("Gimme <Hostname|IP-Address>\n");\r
+ exit(-1);\r
+}\r
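Review bot: The reply handling in main trusts the length of the datagram sent back by the remote server: `recv(udpsock, dataout, 100, 0)` may fill all 100 bytes, and `dataout[open]=0` then writes one byte past the 100-byte heap allocation. The reads at `dataout[30]`, `dataout+43` and `dataout+55` are never compared against `open`, and `memset(dataout,0,sizeof(*dataout))` clears only a single byte, so a short reply makes the `%s` prints walk uninitialised heap memory. The `malloc(100)` result is also used without a NULL check. I would cap the receive at 99 bytes, zero the whole buffer, and fall back to the existing "unknown" message whenever the reply is shorter than the offset about to be read, as sketched below.

```c
    dataout = malloc(100);
    if (dataout == NULL)
    {
        fprintf(stderr, "out of memory\n");
        ExitProcess(STATUS_FAILED);
    }
    memset(dataout, 0, 100);    /* whole buffer; sizeof(*dataout) is 1 */

    /* … unchanged: timeout setup, socket(), connect(), send(), select() … */

    open = recv(udpsock, (char *)dataout, 99, 0);    /* keep one byte for the terminator */
    /* … unchanged: recv() error branch … */

    dataout[open] = 0;
    if (open > 30 && (dataout[3] & 127) == 0)
    {
        if (dataout[30] == 192 && open > 43)
        {
            /* … unchanged: bind 9 messages, print dataout+43 … */
        }
        else if (dataout[30] != 192 && open > 55)
        {
            /* … unchanged: bind 8 messages, print dataout+55 … */
        }
        else
            printf("DNS Version : unknown\n");
    }
    /* … unchanged: outer else printing "unknown", shutdown(), closesocket() … */
```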