c4e29eaa94
Rex::Proto::DNS::Resolver is currently unable to approximate the host OS' native resolver because:
1. It cannot cache responses and has to go out to its defined NS' each time to query for the answers,
2. Because it is not aware of the system's hosts file entries which can result in leaks/mis-targeted execution,
and a bunch of other unpleasantly nuanced problems.

Address the concern by:
1. Creating a descendant CachedResolver class from Rex::Proto::DNS::Resolver, with a #send method override which performs cache query and population.
2. Moving the Cache class up one namespace to Rex::Proto::DNS and updating the server accordingly.
3. Fixing the MATCH_HOSTNAME regex in Rex::Proto::DNS::Constants to allow a short-name (vs FQDN) and creating a relevant MATCH_FQDN.

TODO:
1. Deal with adding search domains from the system to short-name queries and records; if we decide this is a good idea (potential for leaks).
2. Look at performance optimization for multiple concurrent queries via singleton/refcounted/other optimized concurrent access patterns.

Testing:
1. Pry-level tests of the objects edited/created in this PR. Needs some runtime testing to QA.
16 lines
368 B
Ruby
# -*- coding: binary -*-

module Rex
module Proto
module DNS

module Constants
  MATCH_HOSTNAME= /^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])(\.?))+([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9]\.*?)$/
  MATCH_FQDN = /^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)+([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9]\.*)$/
end

end
end
end
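
The short-name versus FQDN split that the commit message describes, as an added Ruby example (not code from the commit or from Metasploit): the two patterns are copied from the file above, while `HostnameCheck`, `whole_string`, `classify` and the sample inputs are constructed for illustration. It also shows that Ruby's `^` and `$` anchor to lines rather than to the whole string, so the patterns as written accept a multi-line value whose first line is a hostname, and it re-anchors them with `\A` and `\z` before classifying.

```ruby
# Added example, not Metasploit code. The two patterns are copied verbatim
# from the constants file on this page; every other name is hypothetical.
module HostnameCheck
  MATCH_HOSTNAME = /^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])(\.?))+([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9]\.*?)$/
  MATCH_FQDN = /^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)+([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9]\.*)$/

  # Ruby's ^ and $ match at line boundaries, so a multi-line string passes
  # when any one line matches. Re-anchor the same body to the whole string.
  def self.whole_string(re)
    body = re.source.delete_prefix('^').delete_suffix('$')
    Regexp.new("\\A(?:#{body})\\z")
  end

  STRICT_HOSTNAME = whole_string(MATCH_HOSTNAME)
  STRICT_FQDN     = whole_string(MATCH_FQDN)

  # Returns :fqdn, :short_name or :invalid. A :short_name is the case the
  # commit's TODO flags: it would need search-domain handling before lookup.
  def self.classify(name)
    return :invalid unless name.is_a?(String)
    return :fqdn if STRICT_FQDN.match?(name)
    return :short_name if STRICT_HOSTNAME.match?(name)

    :invalid
  end
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample inputs; the last one carries an embedded newline.
  samples = ['db01', 'db01.corp.example', 'www.example.com.', 'bad_host',
             "www.example.com\nsecond line"]
  samples.each do |s|
    line_anchored = HostnameCheck::MATCH_HOSTNAME.match?(s)
    puts format('%-32s page regex: %-5s classify: %s',
                s.inspect, line_anchored, HostnameCheck.classify(s))
  end
end
```
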