Wednesday, August 21, 2013

PyTinyDNS Part 2

Introduction

    In the last post, I wrote about the PyTinyDNS project that I had been working on for my VPN setup. PyTinyDNS is a small DNS A record resolver that runs on your standard DNS port (53). Since then I've added some more features that I feel make this an even more powerful and versatile tool. The github repository is being regularly updated as I push out new changes. Please feel free to add any issues or tweaks that you see fit.

Recent Updates

    Since the original push to github, the following features have been added or changed.
  • Flat host configuration files are still in use, but its been moved to a .host file.
  • Config files can now be used instead of specifying each option in the command line.
  • Redis-server is now used as a database storage for A records.
  • Added redis_import.py in order to import A records into a live instance. Updated domain results take effect immediately
  • Redis import tool can now handle single host updates using -u domain:ip

Example Config File

[PyTinyDNS]
DefaultIP = 192.168.1.99
Use_Redis = yes
Redis_Server = localhost
#Host_File = pytinydns.host

    If Use_Redis is set to no, it'll resolve all requests with the DefaultIP or refer to Host_File (if set) in order to resolve the A records.

Possible Uses

  • Resolve internal domains
  • DNS Spoofing
  • Fast Flux implementation
  • Malware analysis

To Do List

  • Add option to resolve real IPs of non matched domains
  • Add time based IP rotation
  • Add option to reply with different IPs based on conditions being met
  • Add wildcard handling for domains
  • Add more than A record resolution

Source

No comments:

Post a Comment

Post a Comment