This repository has been archived by the owner on Jun 13, 2022. It is now read-only.

wdzeng/nctucs-dns-amplification-attack


DNS Amplification Attack

This is my homework at NCTU. Enter the victim's IP, the domain to query, the DNS server's IP and the DNS record type, then observe the effect in Wireshark.

In this program the DNS query message is sent over UDP (port 53); hence raw sockets are used. The OPT record and EDNS0 are used to make the reply larger.

DNS Type

You can see the whole list on wiki.

| Code (input) | Type name | Description |
|---|---|---|
| 1 | A | Returns a 32-bit IPv4 address, most commonly used to map hostnames to an IP address of the host. |
| 26 | AAAA | Returns a 128-bit IPv6 address. |
| 48 | DNSKEY | The key record used in DNSSEC. Uses the same format as the KEY record. |
| 12 | PTR | Pointer to a canonical name. Unlike a CNAME, DNS processing stops and just the name is returned. The most common use is for implementing reverse DNS lookups, but other uses include such things as DNS-SD. |
| 16 | TXT | Originally for arbitrary human-readable text in a DNS record. Since the early 1990s, however, this record more often carries machine-readable data, such as specified by RFC 1464, opportunistic encryption, Sender Policy Framework, DKIM, DMARC, DNS-SD, etc. In some cases this returns lots of data resulting in good DNS amplification. |
| 255 | ANY | Returns all records of all types known to the name server. In most cases this returns lots of data resulting in good DNS amplification; however, a good DNS server may ignore this type of request. |
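
Added example (not code from this repository): a defender-side check for the query pattern the README describes, a large-reply record type (TXT or ANY) combined with an EDNS0 OPT record advertising a UDP payload above 512 bytes. The function names, the constructed sample query bytes and the flagging rule are assumptions made for illustration.

```python
import struct

LARGE_REPLY_QTYPES = {16: "TXT", 255: "ANY"}  # types the table flags as amplifying
OPT = 41                 # EDNS0 pseudo-record type (RFC 6891)
CLASSIC_UDP_MAX = 512    # UDP reply limit without EDNS0 (RFC 1035)

# Constructed sample queries for example.com (not captured traffic).
_NAME = "076578616d706c6503636f6d00"
ANY_WITH_EDNS = bytes.fromhex(
    "123401000001000000000001" + _NAME + "00ff0001"  # header, QNAME, ANY/IN
    + "00" + "0029" + "1000" + "00000000" + "0000")  # OPT RR, size 4096
PLAIN_A = bytes.fromhex("123401000001000000000000" + _NAME + "00010001")


def read_name(msg, off):
    """Read an uncompressed name; return (name, offset just past it)."""
    labels = []
    while True:
        length = msg[off]
        off += 1
        if length == 0:
            return ".".join(labels) or ".", off
        if length & 0xC0:
            raise ValueError("compression pointer not expected in a query")
        labels.append(msg[off:off + length].decode("ascii"))
        off += length


def inspect_query(msg):
    """Parse one DNS query and flag the large-reply pattern described above."""
    _id, flags, qd, an, ns, ar = struct.unpack_from("!6H", msg, 0)
    if flags & 0x8000 or qd != 1:
        raise ValueError("not a single-question query")
    qname, off = read_name(msg, 12)
    qtype, _qclass = struct.unpack_from("!2H", msg, off)
    off += 4
    edns_size = None
    for _ in range(an + ns + ar):          # walk remaining records for OPT
        _owner, off = read_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        off += 10 + rdlen
        if rtype == OPT:
            edns_size = rclass             # OPT carries the UDP size in CLASS
    # Assumed heuristic: a large-reply type plus an advertised size over 512.
    suspicious = qtype in LARGE_REPLY_QTYPES and (edns_size or 0) > CLASSIC_UDP_MAX
    return {"qname": qname, "qtype": qtype,
            "edns_size": edns_size, "suspicious": suspicious}
```

A flagged query is only a signal; legitimate clients also send EDNS0, so pair it with per-source rate counts before acting.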
