[tor-dev] exitmap/RESOLVE control command limitations

nusenu nusenu-lists at riseup.net
Tue Jul 9 08:55:00 UTC 2019 

Hi,

I noticed some unexpected answers in exitmap's [1] dnsenum results
and suspected that this has todo with IPv4 vs. IPv6.

First I looked at [2] and found that it only lists IPv4 and hostnames
as possible answers but then I realized that exitmap might not be using
the RESOLVE command?

>     def resolve(self, domain):
>         """
>         Resolve the given domain using Tor's SOCKS resolution extension.
>         """
> 
>         domain_len = len(domain)
>         if domain_len > 255:
>             raise error.SOCKSv5Error("Domain must not be longer than 255 "
>                                      "characters, but %d given." % domain_len)
> 
>         # Tor defines a new command value, \x0f, that is used for domain
>         # resolution.
> 
>         self._send_all("\x05\xf0\x00\x03%s%s%s" %
>                      (chr(domain_len), domain, "\x00\x00"))
> 
>         resp = self._recv_all(10)
>         if resp[:2] != "\x05\x00":
>             raise error.SOCKSv5Error("Invalid server response: 0x%s" %
>                                      resp[1].encode("hex"))
> 
>         return socket.inet_ntoa(resp[4:8])


Does Tor's SOCKS resolution extension support IPv6 answers
or does it only attempt A records?

I'm aiming to resolve a hostname and would like to get 
the IPv4 and if available the IPv6 address.

thanks,
nusenu


[1] https://github.com/NullHypothesis/exitmap
[2] https://gitweb.torproject.org/torspec.git/tree/control-spec.txt#n1349


-- 
https://twitter.com/nusenu_

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20190709/3937dd6c/attachment.sig>

More information about the tor-dev mailing list