Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added support for upstream nameservers.

Browse Source 
Previously, upstream nameservers were configured by default even if the
config file did not specify them. Now upstream nameservers are only
used if they are specified. If none are given, then NXDOMAIN is
returned for unresolvable requests.
This commit is contained in:
soh_cah_toa
2014-04-25 13:06:33 -04:00
parent 82e4b1eac7
commit 9b3dfacce1
3 changed files with 34 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
extensions/dns/api.rb
View File

@@ -34,38 +34,25 @@ module BeEF
port = dns_config['port'] || 5300
interfaces = [[protocol, address, port]]
Thread.new { EventMachine.next_tick { dns.run(:listen => interfaces) } }
print_info "DNS Server: #{address}:#{port} (#{protocol})"
# @todo Upstream servers are not yet supported. Uncomment this section when they are.
=begin
servers = []
upstream_servers = ''
unless dns_config['upstream'].nil?
unless dns_config['upstream'].nil? || dns_config['upstream'].empty?
dns_config['upstream'].each do |server|
next if server[1].nil? or server[2].nil?
up_protocol = server[0].downcase
up_address = server[1]
up_port = server[2]
if server[0] == 'tcp'
servers << ['tcp', server[1], server[2]]
elsif server[0] == 'udp'
servers << ['udp', server[1], server[2]]
end
next if [up_protocol, up_address, up_port].include?(nil)
servers << [up_protocol.to_sym, up_address, up_port] if up_protocol =~ /^(tcp|udp)$/
upstream_servers << "Upstream Server: #{up_address}:#{up_port} (#{up_port})\n"
end
end
if servers.empty?
servers << ['tcp', '8.8.8.8', 53]
servers << ['udp', '8.8.8.8', 53]
end
upstream_servers = ''
servers.each do |server|
upstream_servers << "Upstream Server: #{server[1]}:#{server[2]} (#{server[0]})\n"
end
Thread.new { EventMachine.next_tick { dns.run(:upstream => servers, :listen => interfaces) } }
print_info "DNS Server: #{address}:#{port} (#{protocol})"
print_more upstream_servers
=end
end
# Mounts the handler for processing DNS RESTful API requests.

4
extensions/dns/config.yaml
View File

@@ -13,6 +13,6 @@ beef:
address: '127.0.0.1'
port: 5300
upstream: [
['tcp', '8.8.8.8', 53],
['udp', '8.8.8.8', 53]
['udp', '8.8.8.8', 53],
['tcp', '8.8.8.8', 53]
]

24
extensions/dns/dns.rb
View File

@@ -105,6 +105,26 @@ module BeEF
@lock.synchronize { @database.destroy }
end
# Starts the DNS server.
#
# @param options [Hash] server configuration options
# @option options [Array<Array>] :upstream upstream DNS servers (if ommitted, unresolvable
# requests return NXDOMAIN)
# @option options [Array<Array>] :listen local interfaces to listen on
def run(options = {})
@lock.synchronize do
upstream = options[:upstream]
listen = options[:listen]
unless upstream.nil? || upstream.empty?
resolver = RubyDNS::Resolver.new(upstream)
@otherwise = Proc.new { |t| t.passthrough!(resolver) }
end
super(:listen => listen)
end
end
# Entry point for processing incoming DNS requests. Attempts to find a matching rule and
# sends back its associated response.
#
@@ -131,12 +151,12 @@ module BeEF
end
end
# When no match is found, query upstream servers (if enabled)
if @otherwise
print_debug "No match found, querying upstream servers"
@otherwise.call(transaction)
else
print_debug "Failed to handle DNS request for #{name}"
print_debug "No match found, sending NXDOMAIN response"
transaction.fail!(:NXDomain)
end
end
end