It is currently Mon Nov 20, 2017 12:58 am

All times are UTC + 1 hour




Post new topic Reply to topic  [ 11 posts ] 
Author Message
 Post subject: DNSproxy - spy for yourself
PostPosted: Wed Aug 02, 2017 4:17 pm 
Offline
Addict
Addict
User avatar

Joined: Mon Oct 26, 2015 2:55 am
Posts: 887
Location: Ukraine
Here is one more stuff I've played recently.
The idea was to made DNS proxy server and run it locally to collect all DNS queries made by Windows/programs using windows domain service.

So it's done. Currently it only logs requests (also resolves them using Google DNS and sends results back to a programs).
Further I'm going to add something like "DNS firewall" functionality, which will have some advantages over regular firewall.
Such stuff can be used to block access to any site by name (well not by IPs), so ad-blocking or even whole internet by whitelist can be made easily. Generally funny enough :3

Here is current test version, acts only as monitor:
http://geocities.ws/lunasole/data/dnsproxy/l

_________________
Time beyond time

Like a copyleft notify: all the source code created by me and posted on Purebasic official forums is free to use and modification in all possible (and several impossible) ways for anyone, without asking my permission


Top
 Profile  
Reply with quote  
 Post subject: Re: DNSproxy - spy for yourself
PostPosted: Sun Aug 13, 2017 9:07 am 
Offline
Enthusiast
Enthusiast

Joined: Wed Nov 09, 2011 8:58 am
Posts: 268
Love it, thanks for sharing!

However it crashes on me after a few minutes, for no obvious reason. (Win 10 x64) Are you aware of the issue?

Tiny feature request: can you make the listview always show the bottom row, to avoid the need for scrolling down all the time?

_________________
Yep... Still a noob.


Top
 Profile  
Reply with quote  
 Post subject: Re: DNSproxy - spy for yourself
PostPosted: Sun Aug 13, 2017 2:00 pm 
Offline
Addict
Addict
User avatar

Joined: Mon Oct 26, 2015 2:55 am
Posts: 887
Location: Ukraine
firace wrote:
Love it, thanks for sharing!

However it crashes on me after a few minutes, for no obvious reason. (Win 10 x64) Are you aware of the issue?

Tiny feature request: can you make the listview always show the bottom row, to avoid the need for scrolling down all the time?


Thank for reply. I have looked on code, it is even strange that it worked whole few minutes with that bug found :D
Anyway should be fine now, also added auto-scrolling and exception handler

_________________
Time beyond time

Like a copyleft notify: all the source code created by me and posted on Purebasic official forums is free to use and modification in all possible (and several impossible) ways for anyone, without asking my permission


Top
 Profile  
Reply with quote  
 Post subject: Re: DNSproxy - spy for yourself
PostPosted: Sun Aug 13, 2017 7:19 pm 
Offline
Enthusiast
Enthusiast

Joined: Wed Nov 09, 2011 8:58 am
Posts: 268
Lunasole wrote:
firace wrote:
Love it, thanks for sharing!

However it crashes on me after a few minutes, for no obvious reason. (Win 10 x64) Are you aware of the issue?

Tiny feature request: can you make the listview always show the bottom row, to avoid the need for scrolling down all the time?


Thank for reply. I have looked on code, it is even strange that it worked whole few minutes with that bug found :D
Anyway should be fine now, also added auto-scrolling and exception handler


Wow, that was fast! Awesome! :shock: :D

It's working fine now, except for a small mystery: if I open http://www.reddit.com in my browser, I see some DNS lookups for a few related domains, but not for http://www.reddit.com itself... Any idea why? I did flush my DNS cache first.


Edit: same result in Nirsoft's DNSQuerySniffer - so at least it's not a bug in DNSproxy :)

_________________
Yep... Still a noob.


Top
 Profile  
Reply with quote  
 Post subject: Re: DNSproxy - spy for yourself
PostPosted: Mon Aug 14, 2017 5:10 am 
Offline
Addict
Addict
User avatar

Joined: Mon Oct 26, 2015 2:55 am
Posts: 887
Location: Ukraine
firace wrote:

It's working fine now, except for a small mystery: if I open http://www.reddit.com in my browser, I see some DNS lookups for a few related domains, but not for http://www.reddit.com itself... Any idea why? I did flush my DNS cache first.


Edit: same result in Nirsoft's DNSQuerySniffer - so at least it's not a bug in DNSproxy :)


That's really strange. On my Win7 there is correct log (http://www.reddit.com query present) using 3 different browsers.
The only idea I have now -- "hosts" file. If some domain stored on it, there will be no DNS request for this domain (like http://localhost/ will not be displayed in log). Or maybe Win10 itself has some extra surprise with that ^^

_________________
Time beyond time

Like a copyleft notify: all the source code created by me and posted on Purebasic official forums is free to use and modification in all possible (and several impossible) ways for anyone, without asking my permission


Top
 Profile  
Reply with quote  
 Post subject: Re: DNSproxy - spy for yourself
PostPosted: Tue Aug 15, 2017 4:16 am 
Offline
Enthusiast
Enthusiast

Joined: Wed Nov 09, 2011 8:58 am
Posts: 268
Lunasole wrote:
firace wrote:

It's working fine now, except for a small mystery: if I open http://www.reddit.com in my browser, I see some DNS lookups for a few related domains, but not for http://www.reddit.com itself... Any idea why? I did flush my DNS cache first.


Edit: same result in Nirsoft's DNSQuerySniffer - so at least it's not a bug in DNSproxy :)


That's really strange. On my Win7 there is correct log (http://www.reddit.com query present) using 3 different browsers.
The only idea I have now -- "hosts" file. If some domain stored on it, there will be no DNS request for this domain (like http://localhost/ will not be displayed in log). Or maybe Win10 itself has some extra surprise with that ^^



Problem solved! It turns out that Windows 10 has so-called "smart" DNS resolution, which spontaneously tries the "best" or fastest way to get a DNS response. See https://medium.com/@ValdikSS/beware-of- ... c5bfb4e3f1

In my case, the missing queries were in fact simply going over IPv6. After I disabled it, I started seeing *all* queries on the proxy. :)

By the way, just wondering, is DNSproxy entirely written in PB or is it using some 3rd party DLLs?

_________________
Yep... Still a noob.


Top
 Profile  
Reply with quote  
 Post subject: Re: DNSproxy - spy for yourself
PostPosted: Tue Aug 15, 2017 5:54 pm 
Offline
Addict
Addict
User avatar

Joined: Mon Oct 26, 2015 2:55 am
Posts: 887
Location: Ukraine
firace wrote:
Problem solved! It turns out that Windows 10 has so-called "smart" DNS resolution, which spontaneously tries the "best" or fastest way to get a DNS response. See https://medium.com/@ValdikSS/beware-of- ... c5bfb4e3f1

Hah, they even DNS resolving made complicated and questionable in those newer Windows. Thank for link.

firace wrote:
By the way, just wondering, is DNSproxy entirely written in PB


Yes, coded from scratch and mostly "for fun" ^^
There is nothing complex btw, just UDP proxy with partially implemented DNS protocol. Maybe I'll post sources somehow later

_________________
Time beyond time

Like a copyleft notify: all the source code created by me and posted on Purebasic official forums is free to use and modification in all possible (and several impossible) ways for anyone, without asking my permission


Top
 Profile  
Reply with quote  
 Post subject: Re: DNSproxy - spy for yourself
PostPosted: Tue Aug 15, 2017 10:31 pm 
Offline
Enthusiast
Enthusiast

Joined: Mon Jan 20, 2014 6:32 pm
Posts: 141
Is it using any win API or can you make a linux version?

_________________
WARNING: I dont know what I am doing! I just put stuff here and there and sometimes like magic it works. So please improve on my code and post your changes so I can learn more. TIA


Top
 Profile  
Reply with quote  
 Post subject: Re: DNSproxy - spy for yourself
PostPosted: Wed Aug 16, 2017 5:26 pm 
Offline
Addict
Addict
User avatar

Joined: Mon Oct 26, 2015 2:55 am
Posts: 887
Location: Ukraine
vwidmer wrote:
Is it using any win API or can you make a linux version?


Nothing especial, should work fine on linux too (maybe with some changes).

I've just uploaded version 1.0.0.2 + sources btw, you can try to build for linux.

_________________
Time beyond time

Like a copyleft notify: all the source code created by me and posted on Purebasic official forums is free to use and modification in all possible (and several impossible) ways for anyone, without asking my permission


Top
 Profile  
Reply with quote  
 Post subject: Re: DNSproxy - spy for yourself
PostPosted: Wed Aug 16, 2017 7:46 pm 
Offline
Enthusiast
Enthusiast

Joined: Mon Jan 20, 2014 6:32 pm
Posts: 141
Yes it works fine on linux. I am not sure though I had to remove the /opengl ? and I comment out these lines but seems to work fine.

Code:
   ;Protected LenT.GETTEXTLENGTHEX
      ;Protected S.CHARRANGE
      ;S\cpMin = SendMessage_(GadgetID(l), #EM_GETTEXTLENGTHEX, LenT, 0)
      ;S\cpMax = S\cpMin
      ;SendMessage_(GadgetID(l), #EM_EXSETSEL, 0, S)

_________________
WARNING: I dont know what I am doing! I just put stuff here and there and sometimes like magic it works. So please improve on my code and post your changes so I can learn more. TIA


Top
 Profile  
Reply with quote  
 Post subject: Re: DNSproxy - spy for yourself
PostPosted: Wed Aug 16, 2017 10:24 pm 
Offline
Addict
Addict
User avatar

Joined: Mon Oct 26, 2015 2:55 am
Posts: 887
Location: Ukraine
vwidmer wrote:
Yes it works fine on linux. I am not sure though I had to remove the /opengl ? and I comment out these lines but seems to work fine.

Code:
   ;Protected LenT.GETTEXTLENGTHEX
      ;Protected S.CHARRANGE
      ;S\cpMin = SendMessage_(GadgetID(l), #EM_GETTEXTLENGTHEX, LenT, 0)
      ;S\cpMax = S\cpMin
      ;SendMessage_(GadgetID(l), #EM_EXSETSEL, 0, S)


Nice then ^^
/opengl makes no difference. Those lines too, that's just log scrolling

_________________
Time beyond time

Like a copyleft notify: all the source code created by me and posted on Purebasic official forums is free to use and modification in all possible (and several impossible) ways for anyone, without asking my permission


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 11 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 6 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  

 


Powered by phpBB © 2008 phpBB Group
subSilver+ theme by Canver Software, sponsor Sanal Modifiye