Hi, one of our users found an issue in nmap, that it does not resolves hostname if dns answer is too big for udp payload.
nmap is not able to resolve hostname if dns server reply is more than 512 bytes.nmap expects reply from dns server side in the form of UDP Packet but if size is more than 512 bytes then it is failed to process data so it is not able to resolve hostname.
Steps to Reproduce:
Add the dummy entries in named zone configuration file to increase the size of packet
Set localhost as nameserver in reosolv.conf
Execute namp command nmap -O -T5
It returns the line as "Nmap scan report for 10.65.2.210" No hostname is showing.
In successful case it shows as "Nmap scan report for dhcp2-210..com (10.65.2.210)"
It is not returning hostname in case if dns packet reply size is more than 512 bytes.
It should send the query on tcp also in case if size is more than 512 bytes as glibc does in case of using --system-dns in nmap command
The text was updated successfully, but these errors were encountered:
Reported earlier as #103. We added support for parsing truncated replies, which helps somewhat, but did not implement TCP fallback. The reverse DNS code in nmap_dns.cc is quite modular, so it shouldn't be too difficult to implement this.