github/bettercap
1
0
Fork 0
mirror of https://github.com/bettercap/bettercap synced 2025-08-14 02:36:57 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

new: passive mdns collector for hostnames

Browse source
This commit is contained in:
evilsocket 2018-08-29 17:51:02 +03:00
commit cd1510f60d
No known key found for this signature in database
GPG key ID: 1564D7F30393A456
308 changed files with 40633 additions and 31 deletions
Download patch file Download diff file Expand all files Collapse all files

29
packets/mdns.go Normal file
View file

@ -0,0 +1,29 @@
package packets
import (
"github.com/google/gopacket"
"github.com/google/gopacket/layers"
"github.com/miekg/dns"
)
const MDNSPort = 5353
func MDNSGetHostname(pkt gopacket.Packet) string {
if ludp := pkt.Layer(layers.LayerTypeUDP); ludp != nil {
if udp := ludp.(*layers.UDP); udp != nil && udp.SrcPort == MDNSPort && udp.DstPort == MDNSPort {
var msg dns.Msg
if err := msg.Unpack(udp.Payload); err == nil && msg.Opcode == dns.OpcodeQuery && len(msg.Answer) > 0 {
for _, answer := range append(msg.Answer, msg.Extra...) {
switch rr := answer.(type) {
case *dns.PTR:
case *dns.A:
case *dns.AAAA:
return rr.Header().Name
}
}
}
}
}
return ""
}