In [1]:
import socket
import binascii
import time
import struct

## Step 1: Build a DNS Query

In [9]:
# DNS Header

# Only working on ID, QR, Opcode, TC, RD, and QDCount (all other fields get value of 0)

# ID = 1010101000000000 -> 16 bit identifier assigned by the program that generates any query. Used by the requester to match up replies

# QR = 0 -> One bit field that specifies whether this message is a query (0), or a response (1)

# Opcode = 0000 -> Four bit field that specifies kind of query, this one is a standard query

# TC = 0 -> Specifies that this message was truncated due to length greater than that permitted on the transmission channel

# RD = 1 -> Recurion Desired - It directs the name server to pursue the query recursively.

# QDCount = 0000000000000001 -> an unsigned 16 bit integer specifying the number of entries in the question section.

dnsHeader = "AA0001000001000000000000"

In [10]:
def input_padding(s):
    return '0x' + s[2:].zfill(2)


In [11]:
def dnsURLParser(user_input):
    host = ""
    tld = ""
    index_start = 0

    # Parse out hostname
    for element in range(0, len(user_input)):
        if user_input[element] == ".":
            index_start = element
            break
        else:
            host = host + user_input[element]

    # Parse out TLD
    for element in range(index_start+1, len(user_input)):
        tld = tld + user_input[element]


    hex_host = binascii.hexlify(host.encode("utf-8"))
    hex_tld = binascii.hexlify(tld.encode("utf-8"))

    len_host = input_padding(str(hex(len(host))))
    len_tld = input_padding(str(hex(len(tld))))

    query = len_host[2:] + hex_host.decode("utf-8") + len_tld[2:] + hex_tld.decode("utf-8")
    query = query.upper()
    print(query)

    return query

In [12]:
queryYT = dnsURLParser("youtube.com")
queryFB = dnsURLParser("facebook.com")
queryTMZ = dnsURLParser("tmz.com")
queryNYT = dnsURLParser("nytimes.com")
queryCNN = dnsURLParser("cnn.com")

07796F757475626503636F6D
0866616365626F6F6B03636F6D
03746D7A03636F6D
076E7974696D657303636F6D
03636E6E03636F6D


In [13]:
# DNS Question
dnsQuestionYT = queryYT + "000001" + "0001"
yt_offset = len(dnsQuestionYT)
dnsQuestionFB = queryFB + "000001" + "0001"
fb_offset = len(dnsQuestionFB)
dnsQuestionTMZ = queryTMZ + "000001" + "0001"
tmz_offset = len(dnsQuestionTMZ)
dnsQuestionNYT = queryNYT + "000001" + "0001"
nyt_offset = len(dnsQuestionNYT)
dnsQuestionCNN = queryCNN + "000001" + "0001"
cnn_offset = len(dnsQuestionCNN)




In [14]:
# Create DNS Query
dnsQueryYT = dnsHeader + dnsQuestionYT
print(dnsQueryYT)
dnsQueryFB = dnsHeader + dnsQuestionFB
dnsQueryTMZ = dnsHeader + dnsQuestionTMZ
dnsQueryNYT = dnsHeader + dnsQuestionNYT
dnsQueryCNN = dnsHeader + dnsQuestionCNN

AA000100000100000000000007796F757475626503636F6D0000010001
