new: net.probe now also sends multicast dns queries to force mDNS traffic and responses

2025-08-14 10:46:57 -07:00 · 2018-09-06 17:41:51 +03:00 · 2018-09-06 17:41:51 +03:00 · e993bf73f8
commit e993bf73f8
parent 84228f532f
3 changed files with 69 additions and 0 deletions
--- a/modules/net_probe.go
+++ b/modules/net_probe.go
@ -102,6 +102,8 @@ func (p *Prober) Start() error {
 		throttle := time.Duration(p.throttle) * time.Millisecond

 		for p.Running() {
+			p.sendProbeMDNS(from, from_hw)
+
 			for _, ip := range addresses {
 				if !p.Running() {
 					return
--- a/modules/net_probe_mdns.go
+++ b/modules/net_probe_mdns.go
@ -0,0 +1,21 @@
+package modules
+
+import (
+	"net"
+
+	"github.com/bettercap/bettercap/log"
+	"github.com/bettercap/bettercap/packets"
+)
+
+func (p *Prober) sendProbeMDNS(from net.IP, from_hw net.HardwareAddr) {
+	err, raw := packets.NewMDNSProbe(from, from_hw)
+	if err != nil {
+		log.Error("error while sending mdns probe: %v", err)
+		return
+	}
+
+	log.Debug("sending %d bytes of mdns probe query", len(raw))
+	if err := p.Session.Queue.Send(raw); err != nil {
+		log.Error("error sending mdns packet: %s", err)
+	}
+}
--- a/packets/mdns.go
+++ b/packets/mdns.go
@ -1,6 +1,7 @@
 package packets

 import (
+	"net"
 	"strings"

 	"github.com/bettercap/bettercap/core"
@ -11,6 +12,11 @@ import (

 const MDNSPort = 5353

+var (
+	MDNSDestMac = net.HardwareAddr{0x01, 0x00, 0x5e, 0x00, 0x00, 0xfb}
+	MDNSDestIP  = net.ParseIP("224.0.0.251")
+)
+
 func MDNSGetMeta(pkt gopacket.Packet) map[string]string {
 	if ludp := pkt.Layer(layers.LayerTypeUDP); ludp != nil {
 		if udp := ludp.(*layers.UDP); udp != nil && udp.SrcPort == MDNSPort && udp.DstPort == MDNSPort {
@ -59,3 +65,43 @@ func MDNSGetHostname(pkt gopacket.Packet) string {
 	}
 	return ""
 }
+
+func NewMDNSProbe(from net.IP, from_hw net.HardwareAddr) (error, []byte) {
+	eth := layers.Ethernet{
+		SrcMAC:       from_hw,
+		DstMAC:       MDNSDestMac,
+		EthernetType: layers.EthernetTypeIPv4,
+	}
+
+	ip4 := layers.IPv4{
+		Protocol: layers.IPProtocolUDP,
+		Version:  4,
+		TTL:      64,
+		SrcIP:    from,
+		DstIP:    MDNSDestIP,
+	}
+
+	udp := layers.UDP{
+		SrcPort: layers.UDPPort(12345),
+		DstPort: layers.UDPPort(MDNSPort),
+	}
+
+	dns := layers.DNS{
+		ID:     1,
+		RD:     true,
+		OpCode: layers.DNSOpCodeQuery,
+		Questions: []layers.DNSQuestion{
+			layers.DNSQuestion{
+				Name:  []byte("_services._dns-sd._udp.local"),
+				Type:  layers.DNSTypePTR,
+				Class: layers.DNSClassIN,
+			},
+		},
+	}
+
+	if err := udp.SetNetworkLayerForChecksum(&ip4); err != nil {
+		return err, nil
+	}
+
+	return Serialize(&eth, &ip4, &udp, &dns)
+}