Fix ANY queries and TCP socket for DNS (#182)

Sets up both TCP and UDP DNS servers, which should allow for the occasional case where a TCP query can make it to the server but UDP can't, and fixes support for ANY queries. ANY queries are deprecated in RFC8482 but this may also provide for additional interaction opportunities. Re-organises the error handling around DNS server creation slightly because 'error' was always returned as nil anyway. Co-authored-by: Michael Fincham <[email protected]>
projectdiscovery · Jan 14, 2022 · 96ec574 · 96ec574
1 parent cad8f15
commit 96ec574
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 15 deletions.
diff --git a/cmd/interactsh-server/main.go b/cmd/interactsh-server/main.go
@@ -112,20 +112,20 @@ func main() {
 	acmeStore := acme.NewProvider()
 	options.ACMEStore = acmeStore
 
-	dnsServer, err := server.NewDNSServer(options)
-	if err != nil {
-		gologger.Fatal().Msgf("Could not create DNS server")
-	}
-	dnsAlive := make(chan bool, 1)
-	go dnsServer.ListenAndServe(dnsAlive)
+	dnsTcpServer := server.NewDNSServer("tcp", options)
+	dnsUdpServer := server.NewDNSServer("udp", options)
+	dnsTcpAlive := make(chan bool, 1)
+	dnsUdpAlive := make(chan bool, 1)
+	go dnsTcpServer.ListenAndServe(dnsTcpAlive)
+	go dnsUdpServer.ListenAndServe(dnsUdpAlive)
 
 	trimmedDomain := strings.TrimSuffix(options.Domain, ".")
 
 	var tlsConfig *tls.Config
 	if !skipacme {
 		acmeManagerTLS, acmeErr := acme.HandleWildcardCertificates(fmt.Sprintf("*.%s", trimmedDomain), options.Hostmaster, acmeStore)
 		if acmeErr != nil {
-			gologger.Warning().Msgf("An error occurred while applying for an certificate, error: %v", err)
+			gologger.Warning().Msgf("An error occurred while applying for an certificate, error: %v", acmeErr)
 			gologger.Warning().Msgf("Could not generate certs for auto TLS, https will be disabled")
 		}
 		tlsConfig = acmeManagerTLS
@@ -188,46 +188,60 @@ func main() {
 	go func() {
 		for {
 			service := ""
+			network := ""
 			port := 0
 			status := true
 			fatal := false
 			select {
-			case status = <-dnsAlive:
+			case status = <-dnsUdpAlive:
 				service = "DNS"
+				network = "UDP"
 				port = options.DnsPort
 				fatal = true
+			case status = <-dnsTcpAlive:
+				service = "DNS"
+				network = "TCP"
+				port = options.DnsPort
 			case status = <-httpAlive:
 				service = "HTTP"
+				network = "TCP"
 				port = options.HttpPort
 				fatal = true
 			case status = <-httpsAlive:
 				service = "HTTPS"
+				network = "TCP"
 				port = options.HttpsPort
 			case status = <-smtpAlive:
 				service = "SMTP"
+				network = "TCP"
 				port = options.SmtpPort
 			case status = <-smtpsAlive:
 				service = "SMTPS"
+				network = "TCP"
 				port = options.SmtpsPort
 			case status = <-ftpAlive:
 				service = "FTP"
+				network = "TCP"
 				port = options.FtpPort
 			case status = <-responderAlive:
 				service = "Responder"
+				network = "TCP"
 				port = 445
 			case status = <-smbAlive:
 				service = "SMB"
+				network = "TCP"
 				port = options.SmbPort
 			case status = <-ldapAlive:
 				service = "LDAP"
+				network = "TCP"
 				port = options.LdapPort
 			}
 			if status {
-				gologger.Silent().Msgf("[%s] Listening on %s:%d", service, options.ListenIP, port)
+				gologger.Silent().Msgf("[%s] Listening on %s %s:%d", service, network, options.ListenIP, port)
 			} else if fatal {
-				gologger.Fatal().Msgf("The %s service has unexpectedly stopped", service)
+				gologger.Fatal().Msgf("The %s %s service has unexpectedly stopped", network, service)
 			} else {
-				gologger.Warning().Msgf("The %s service has unexpectedly stopped", service)
+				gologger.Warning().Msgf("The %s %s service has unexpectedly stopped", network, service)
 			}
 		}
 	}()

diff --git a/pkg/server/dns_server.go b/pkg/server/dns_server.go
@@ -27,7 +27,7 @@ type DNSServer struct {
 }
 
 // NewDNSServer returns a new DNS server.
-func NewDNSServer(options *Options) (*DNSServer, error) {
+func NewDNSServer(network string, options *Options) (*DNSServer) {
 	dotdomain := dns.Fqdn(options.Domain)
 	server := &DNSServer{
 		options:    options,
@@ -40,17 +40,17 @@ func NewDNSServer(options *Options) (*DNSServer, error) {
 	}
 	server.server = &dns.Server{
 		Addr:    options.ListenIP + fmt.Sprintf(":%d", options.DnsPort),
-		Net:     "udp",
+		Net:     network,
 		Handler: server,
 	}
-	return server, nil
+	return server
 }
 
 // ListenAndServe listens on dns ports for the server.
 func (h *DNSServer) ListenAndServe(dnsAlive chan bool) {
 	dnsAlive <- true
 	if err := h.server.ListenAndServe(); err != nil {
-		gologger.Error().Msgf("Could not serve dns on port %d: %s\n", h.options.DnsPort, err)
+		gologger.Error().Msgf("Could not listen for %s DNS on %s (%s)\n", strings.ToUpper(h.server.Net), h.server.Addr, err)
 		dnsAlive <- false
 	}
 }