PtrLoop1 - PTR Alias Loops (Variant 1)
This module implements alias loops using reverse DNS lookups (PTR records), which map IP addresses back to domain names.
It specifically handles reverse DNS queries for any IP address within the 192.0.2.0/24 private network range, known as TEST-NET-1, which is typically used for documentation and examples.
When this module receives a reverse DNS lookup query for an IP address such as 192.0.2.x (this means searching for the PTR record for x.2.0.192.in-addr.arpa domain), it responds with a PTR record that contains the exact same domain name, effectively creating a direct loop.
Category: Alias loops
Tags: Domain Lock-Up, Denial of Service
RFCs: RFC1035
Format
*.2.0.192.in-addr.arpa
This module has no parameters.
Examples
In this example, we perform a reverse lookup for the IP address 192.0.2.100. The result is the same domain name in in-addr.arpa format, creating a direct loop:
# dig -x 192.0.2.100 @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> -x 192.0.2.100 @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40946 ;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;100.2.0.192.in-addr.arpa. IN PTR ;; ANSWER SECTION: 100.2.0.192.in-addr.arpa. 60 IN PTR 100.2.0.192.in-addr.arpa. ;; Query time: 4 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Wed Nov 06 15:24:12 +04 2024 ;; MSG SIZE rcvd: 56
The same query as above, but written in in-addr.arpa format. The result is idential, producing a direct loop:
# dig PTR 100.2.0.192.in-addr.arpa @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> PTR 100.2.0.192.in-addr.arpa @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19731 ;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;100.2.0.192.in-addr.arpa. IN PTR ;; ANSWER SECTION: 100.2.0.192.in-addr.arpa. 60 IN PTR 100.2.0.192.in-addr.arpa. ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Wed Nov 06 15:24:13 +04 2024 ;; MSG SIZE rcvd: 56
From the same category
- CnLoop - CNAME Alias Loops
- DnLoop - DNAME Alias Loops
- HtLoop - HTTPS Alias Loops
- Loop - Alias Loops
- MxLoop - MX Alias Loops
- NptEnumLoop - NAPTR ENUM Alias Loops
- NsLoop - NS Alias Loops
- PtrLoop2 - PTR Alias Loops (Variant 2)
- SpfLoop - SPF (TXT) Alias Loops
- SrLoop - SRV Alias Loops
- SvLoop - SVCB Alias Loops