Reputation: 1503
I am trying to create a recursive DNS query packet using Python scapy to showcase the amplification vulnerability on open dns resolver. Below is the packet:
p = IP(src=srcIP,dst=destIP) / UDP(sport=53,dport=53) / DNS(qd=DNSQR(qname="isc.org", qtype="ANY"))
send(p)
However, the reply does not shows any amplification. In fact the response is lesser in size than the packet sent.
Is my packet structure correct above? How do I make it a recursive query?
Upvotes: 1
Views: 1189
Reputation: 6237
Your packet is correct and should work. I have just checked with Google's public DNS server 8.8.8.8, the packet I send is 53 bytes long, the answer I get is 107.
The "recursion desired" bit is activated in Scapy by default (you can enter DNS().rd
and check it returns 1), so there's nothing more you need to do here.
The only weird thing I can see is that you are using the source port 53, and some firewalls may filter packets with source ports < 1024. You can try with a random source port see if it works better.
Upvotes: 4