aandroidtest
aandroidtest

Reputation: 1503

Python Scapy a Recursive DNS Query

I am trying to create a recursive DNS query packet using Python scapy to showcase the amplification vulnerability on open dns resolver. Below is the packet:

p = IP(src=srcIP,dst=destIP) / UDP(sport=53,dport=53) / DNS(qd=DNSQR(qname="isc.org", qtype="ANY"))
send(p)

However, the reply does not shows any amplification. In fact the response is lesser in size than the packet sent.

Is my packet structure correct above? How do I make it a recursive query?

Upvotes: 1

Views: 1189

Answers (1)

Pierre
Pierre

Reputation: 6237

Your packet is correct and should work. I have just checked with Google's public DNS server 8.8.8.8, the packet I send is 53 bytes long, the answer I get is 107.

The "recursion desired" bit is activated in Scapy by default (you can enter DNS().rd and check it returns 1), so there's nothing more you need to do here.

The only weird thing I can see is that you are using the source port 53, and some firewalls may filter packets with source ports < 1024. You can try with a random source port see if it works better.

Upvotes: 4

Related Questions