I look at this example from an involuntary portal built on the NodeMCU platform, and I'm trying to understand how DNS queries work. (Corresponding file dns-liar.lua). I have more or less decoded what an answer is, but I donβt know what each part of it does, and I canβt find any online resources that show a similar package structure.
NodeMCU Node IP:
a.b.c.d
Request:
|A|B| ... |(13th byte) \0 terminated string (str)| ...
Answer: (bytes separated by "|")
| A | B | x80 | x00 | x00 | x01 | x00 | x01 | x00 | x00 | x00 | x00 | str | x00 | x01 | x00 | x01 | xC0 | x0C | x00 | x01 | x00 | x01 | x00 | x00 | x03 | x00 | x00 | x04 | a | b | c | d |
I understand that str, most likely, the domain to search for abcdis just NodeMCU responding to each request with its own IP address, but I'm not sure what any of the other bytes do.
Aaron source
share