QueryBack1 - Query Reflection
Instead of returning a DNS response, this module sends back the original query exactly as it was received.
This behavior is likely to result in unexpected errors, especially when targetting resolvers.
Category: Empty responses
Format
queryback1.yourdomain.com
This module has no parameters.
Examples
In this example, we see the effects of receiving a query instead of a response. The client (dig) struggles to interpret the response, which lacks any actual response data. We see two different warnings and no answer:
# dig queryback1.yourdomain.com @127.0.0.1 ;; Warning: query response not set ; <<>> DiG 9.18.10-2-Debian <<>> queryback1.yourdomain.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48190 ;; flags: rd ad; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ; COOKIE: 869618c70fe0979b (echoed) ;; QUESTION SECTION: ;queryback1.yourdomain.com. IN A ;; Query time: 4 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Tue Oct 29 16:05:21 +04 2024 ;; MSG SIZE rcvd: 66
In TCP mode, the results are the same as in the previous example in UDP mode, leading to multiple warnings with no answer:
# dig queryback1.yourdomain.com @127.0.0.1 +tcp ;; Warning: query response not set ; <<>> DiG 9.18.10-2-Debian <<>> queryback1.yourdomain.com @127.0.0.1 +tcp ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61158 ;; flags: rd ad; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ; COOKIE: b9eb7f1c05b1f8a5 (echoed) ;; QUESTION SECTION: ;queryback1.yourdomain.com. IN A ;; Query time: 4 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (TCP) ;; WHEN: Tue Oct 29 16:05:22 +04 2024 ;; MSG SIZE rcvd: 66
In this example, we also request to generate a new Transaction ID in the response (using the newid modifier). This could potentially cause further confusion for a resolver receiving such a response:
# dig queryback1.newid.yourdomain.com @127.0.0.1 ;; Warning: ID mismatch: expected ID 22611, got 46426 ;; Warning: query response not set ;; communications error to 127.0.0.1#53: timed out ;; Warning: ID mismatch: expected ID 22611, got 13720 ;; Warning: query response not set ;; communications error to 127.0.0.1#53: timed out ;; Warning: ID mismatch: expected ID 22611, got 41617 ;; Warning: query response not set ;; communications error to 127.0.0.1#53: timed out ; <<>> DiG 9.18.10-2-Debian <<>> queryback1.newid.yourdomain.com @127.0.0.1 ;; global options: +cmd ;; no servers could be reached
From the same category
- Close - Close the Connection
- Empty1 - Empty Packet
- Empty2 - Only NULL Bytes
- Empty3 - Only NULL Bytes (Suitable for TCP)
- Empty4 - Only Transaction ID and NULL Bytes
- Empty5 - Only DNS Header and NULL Bytes
- Empty6 - ANSWER Section Missing
- Empty7 - ANSWER Section Is NULL Bytes
- QueryBack2 - Query Reflection (Stripped)
- QueryBack3 - Query Reflection (To Port 53)
- QueryBack4 - Query Reflection (Random, to Port 53)
- Timeout - Do Not Respond