Switch back to ::Net::DNS::Packet.new

2015-08-13 11:29:56 -07:00 · 2015-08-13 11:29:56 -07:00 · 61e23ad23e
parent 9f2c62d4ce
commit 61e23ad23e
3 changed files with 5 additions and 38 deletions
--- a/lib/msf/core/auxiliary/mdns.rb
+++ b/lib/msf/core/auxiliary/mdns.rb
@ -24,24 +24,11 @@ module Msf
      query_type_name
    end

-    # Returns the raw query message
-    def query
-      # Note that we don't use ::Net::DNS::Packet or similar here because of
-      # the current restrictions it places on RRs, specifically the values that
-      # it allows for RR names (it only allows valid RR names, we often need to
-      # query invalid ones for various purposes)
-      [
-        0, #        rand(65535), # id
-        0, # all-0 qr, opcode, conflict, truncation, tentative, reserved an rcode
-        1, # number of questions
-        0, # number of answer RRs
-        0, # number of authority RRs
-        0, # number of additional RRs
-        query_name.length,
-        query_name,
-        query_type_num,
-        query_class_num
-      ].pack("nnnnnnCa#{query_name.length + 1}nn")
+    def build_probe
+      @probe ||= ::Net::DNS::Packet.new(query_name, query_type_num, query_class_num).data
+      # TODO: support QU vs QM probes
+      # @probe[@probe.size-2] = [0x80].pack('C')
+      # @probe
    end

    def query_class
--- a/modules/auxiliary/scanner/llmnr/query.rb
+++ b/modules/auxiliary/scanner/llmnr/query.rb
@ -30,15 +30,6 @@ class Metasploit3 < Msf::Auxiliary
    )
  end

-  def build_probe
-    @probe ||= query
-  end
-
-  def scanner_process(data, shost, _sport)
-    @results[shost] ||= []
-    @results[shost] << data
-  end
-
  def scanner_prescan(batch)
    print_status("Sending LLMNR #{query_type_name}/#{query_class_name} queries for #{query_name} to #{batch[0]}->#{batch[-1]} port #{rport} (#{batch.length} hosts)")
    @results = {}
--- a/modules/auxiliary/scanner/mdns/query.rb
+++ b/modules/auxiliary/scanner/mdns/query.rb
@ -28,17 +28,6 @@ class Metasploit3 < Msf::Auxiliary
    )
  end

-  def build_probe
-    @probe ||= query
-    #@probe[@probe.size-2] = [0x80].pack('C')
-    #@probe
-  end
-
-  def scanner_process(data, shost, _sport)
-    @results[shost] ||= []
-    @results[shost] << data
-  end
-
  def scanner_prescan(batch)
    print_status("Sending mDNS #{query_type_name} #{query_class_name} queries for " +
                 "#{query_name} to #{batch[0]}->#{batch[-1]} port #{rport} (#{batch.length} hosts)")