Add new checksum feature for more detection case

jaeles-project · Feb 3, 2021 · e47f16b · e47f16b
1 parent 54537ea
commit e47f16b
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 2 deletions.
diff --git a/core/dns.go b/core/dns.go
@@ -6,6 +6,7 @@ import (
 	"github.com/jaeles-project/jaeles/libs"
 	"github.com/jaeles-project/jaeles/utils"
 	"github.com/robertkrimen/otto"
+	"regexp"
 	"strings"
 )
 
@@ -18,6 +19,12 @@ func InitDNSRunner(url string, sign libs.Signature, opt libs.Options) (Runner, e
 	runner.RunnerType = "dns"
 	runner.PrepareTarget()
 
+	// @NOTE: add some variables due to the escape issue
+	runner.Target["RexDomain"] = regexp.QuoteMeta(runner.Target["Domain"])
+	if strings.Contains(runner.Target["RexDomain"], `\.`) {
+		runner.Target["RexDomain"] = strings.ReplaceAll(runner.Target["RexDomain"], `\.`, `\\.`)
+	}
+
 	return runner, nil
 }
 
@@ -118,7 +125,7 @@ func (r *Record) DnsDetector() bool {
 
 		// add extra things for standard output
 		r.Request.URL = r.Dns.Domain
-		r.Request.Beautify = fmt.Sprintf("dig %s %s", r.Dns.RecordType, r.Dns.Domain)
+		r.Request.Beautify = fmt.Sprintf("dig %s %s @%s", r.Dns.RecordType, r.Dns.Domain, r.Dns.Resolver)
 		r.Response.Beautify = record.Response.Beautify
 
 		utils.DebugF("[Detection] %v -- %v", analyze, r.IsVulnerable)

diff --git a/dns/query.go b/dns/query.go
@@ -32,10 +32,11 @@ func QueryDNS(dnsRecord *libs.Dns, options libs.Options) {
 	}
 	domain := dnsRecord.Domain
 	queryType := dnsRecord.RecordType
+	dnsRecord.Resolver = resolver
 
 	var dig dnsutil.Dig
 	dig.Retry = options.Retry
-	dig.SetDNS(resolver)
+	dig.SetDNS(dnsRecord.Resolver)
 	utils.InforF("[resolved] %v -- %v", domain, queryType)
 
 	if queryType == "ANY" || queryType == "" {
@@ -47,6 +48,7 @@ func QueryDNS(dnsRecord *libs.Dns, options libs.Options) {
 				return
 			}
 			dnsResult.Data = msg.String()
+			//utils.DebugF(dnsResult.Data)
 			dnsResult.RecordType = k
 			dnsRecord.Results = append(dnsRecord.Results, dnsResult)
 		}
@@ -58,6 +60,7 @@ func QueryDNS(dnsRecord *libs.Dns, options libs.Options) {
 			return
 		}
 		dnsResult.Data = msg.String()
+		//utils.DebugF(dnsResult.Data)
 		dnsResult.RecordType = queryType
 		dnsRecord.Results = append(dnsRecord.Results, dnsResult)
 	}