Interesting DNS Hacks
Frederic Cambus January 09, 2013 [DNS]
DNS Gateway for Twitter and Identi.ca:
A neat hack that lets you query Twitter statuses, timelines, and user information over DNS:

    dig fcambus.twitter.any.io TXT +short
    "Teletext in Poland - Part I and II: http://t.co/0t0FiXY8 and http://t.co/rKYR0FJH #textmode #teletext" "Wed Jan 09 13:26:12 +0000 2013"

    dig fcambus.identica.any.io TXT +short
    "Just released my ANSi Social Media Icon Set - http://bit.ly/jIYYLi" "Thu Jun 09 16:17:32 +0000 2011"

    dig statdns.timeline.twitter.any.io TXT +short
    ;; Truncated, retrying in TCP mode.
    "DANE (RFC 6698) has been deployed on StatDNS' DNS Testground domain: https://t.co/Uox3VobV #dnssec #dane" "Thu Jan 03 17:46:50 +0000 2013"
    "Zone Files Statistics - January 2013 Reports - http://t.co/2iGhqJNc #dns #dnssec" "Wed Jan 02 11:50:54 +0000 2013"
    "Added RFC 6781: DNSSEC Operational Practices, Version 2 - http://t.co/wWowpmx3 #DNS #DNSSEC #RFC" "Mon Dec 24 16:41:32 +0000 2012"
    "Zone Files Statistics - December 2012 Reports - http://t.co/2iGhqJNc #dns #dnssec" "Sun Dec 02 09:19:21 +0000 2012"
    "Zone Files Statistics - November 2012 Reports - http://t.co/2iGhqJNc #dns #dnssec" "Fri Nov 02 11:27:40 +0000 2012"
    "Zone Files Statistics - October 2012 Reports - http://t.co/2iGhqJNc #dns #dnssec" "Sat Oct 06 12:09:53 +0000 2012"
    "Zone Files Statistics - September 2012 Reports - http://t.co/2iGhqJNc #dns #dnssec" "Sun Sep 02 17:34:33 +0000 2012"
    "DNS related RFCs (An up to date list of Domain Name System RFCs) - http://t.co/7dLCO68H #DNS #DNSSEC #RFC" "Mon Aug 27 10:55:15 +0000 2012"
    "StatDNS' DNS Testground hosts some seldom used resource record types, useful to test DNS tools: http://t.co/EabRV1U3 #DNS #DNSSEC" "Wed Apr 04 16:21:29 +0000 2012"

    dig statdns.twitter @any.io TXT +short
    "DANE (RFC 6698) has been deployed on StatDNS' DNS Testground domain: https://t.co/Uox3VobV #dnssec #dane" "Thu Jan 03 17:46:50 +0000 2013"
    "StatDNS" "127.0.0.1" "http://www.statdns.com" "DNS and Domain Names statistics and tools"
    statdns.twitter.
Wikipedia over DNS:
This one is pretty much self-explanatory: you can query DNS-related articles (and not only!) over DNS (more information here):

    dig bind.wp.dg.cx TXT +short
    "BIND , or named , is the most widely used DNS software on the Internet. On Unix-like operating systems it is the de facto standard. http://en.wikipedia.org/wiki/BIND"

    dig nsd.wp.dg.cx TXT +short
    "In Internet computing, NSD (for \"name server daemon\") is an open-source server program for the Domain Name System. It was developed by NLnet Labs of Amsterdam in cooperation with the RIPE NCC, from scratch as an authoritative name server (i.e., not implem" "enting the recursive caching function by design). The intention of this development is to add variance to the \"gene pool... http://en.wikipedia.org/wiki/NSD"

    dig powerdns.wp.dg.cx TXT +short
    "PowerDNS is a DNS server, written in C++ and licensed under the GPL. It runs on most Unix derivatives and on Microsoft Windows. PowerDNS features a large number of different backends ranging from simple BIND style zonefiles to relational databases and loa" "d balancing/failover algorithms. A DNS recursor is also included as a separate program. http://en.wikipedia.org/wiki/PowerDNS"
You can find the geographic location of any UK postcode by querying LOC records on find.me.uk subdomains:
    dig FK102NX.find.me.uk. LOC +short
    56 7 27.822 N 3 50 35.480 W 0.00m 0.00m 0.00m 0.00m

For the curious mind, you can check on Google Maps why I picked this exact postcode :)
A calculator supporting addition, subtraction, multiplication and division (respectively: ADD, SUB, MUL, and DIV operations). More information here.

    dig @dns.postel.org 2.8.add.calc.postel.org +short
    0.10.0.0

    dig @dns.postel.org 8.2.sub.calc.postel.org +short
    0.6.0.0

    dig @dns.postel.org 2.8.mul.calc.postel.org +short
    0.16.0.0

    dig @dns.postel.org 8.2.div.calc.postel.org +short
    0.4.0.0
Secure Reverse Polish DNS Calculator:
An even better calculator using Reverse Polish notation (RPN) and providing DNSSEC-signed answers, making it impossible for third parties to tamper with the results :D More information here.
Here is an example showing how to calculate 2*3+2 (as you can see, the answers are signed):
    dig 2.3.*.2.+.rp.secret-wg.org TXT +dnssec

    ; <<>> DiG 9.7.3 <<>> 2.3.*.2.+.rp.secret-wg.org TXT +dnssec
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14766
    ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags: do; udp: 4096
    ;; QUESTION SECTION:
    ;2.3.*.2.+.rp.secret-wg.org. IN TXT

    ;; ANSWER SECTION:
    2.3.*.2.+.rp.secret-wg.org. 10 IN TXT "8"
    2.3.*.2.+.rp.secret-wg.org. 10 IN TXT "This DNS message (including the RR(s) in the additional section) is confidential, proprietary, may be subject to copyright and legal privilege and no related rights are waived." "If you are not the intended recipient or its agent, any review, dissemination, distribution or copying of this DNS message. or any of its content is strictly prohibited and may be unlawful." "All messages may be monitored as permitted by applicable law and regulations and our policies to protect our business." "DNS messages are not secure and you are deemed to have accepted any risk if you communicate with us using DNS." "If received in error, please notify us immediately and delete the DNS message (and any of its sections) from any computer or any storage medium without printing a copy."
    2.3.*.2.+.rp.secret-wg.org. 10 IN RRSIG TXT 1 8 10 20130427124228 20130226124228 27900 rp.secret-wg.org. 4Gi6ald7O06e8/1anCmCYE3EThUUJP9ikMo3QWa1ZUJteWmCFcbL34cJ ebt5cNGQsYYbwl4QCV/Vt++JLbL3Xw==

    ;; Query time: 26 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Tue Feb 26 12:42:28 2013
    ;; MSG SIZE rcvd: 959
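The signed answer is only useful if the signature's metadata holds up. As an added example (not code from the original post or from the secret-wg.org service), this Python snippet parses the RRSIG line from the answer above and applies the checks a validator makes before any cryptographic verification; the function names and the RETIRED table are choices made for this example.

```python
import base64
from datetime import datetime, timezone

# The RRSIG line copied from the dig output above.
SAMPLE = ("2.3.*.2.+.rp.secret-wg.org. 10 IN RRSIG TXT 1 8 10 20130427124228 "
          "20130226124228 27900 rp.secret-wg.org. "
          "4Gi6ald7O06e8/1anCmCYE3EThUUJP9ikMo3QWa1ZUJteWmCFcbL34cJ "
          "ebt5cNGQsYYbwl4QCV/Vt++JLbL3Xw==")

# RDATA field order in presentation format (RFC 4034, section 3.2).
FIELDS = ("covered", "algorithm", "labels", "orig_ttl",
          "expiration", "inception", "key_tag", "signer")
# Algorithm numbers RFC 8624 marks MUST NOT for both signing and validation.
RETIRED = {1: "RSAMD5", 3: "DSA", 6: "DSA-NSEC3-SHA1"}

def _utc(stamp):
    # RRSIG times are printed as YYYYMMDDHHmmSS, always in UTC.
    return datetime.strptime(stamp, "%Y%m%d%H%M%S").replace(tzinfo=timezone.utc)

def parse_rrsig(line):
    """Parse one 'owner ttl class RRSIG rdata...' line into a dict."""
    tok = line.split()
    at = tok.index("RRSIG")
    sig = dict(zip(FIELDS, tok[at + 1:at + 9]), owner=tok[0])
    for key in ("algorithm", "labels", "orig_ttl", "key_tag"):
        sig[key] = int(sig[key])
    for key in ("expiration", "inception"):
        sig[key] = _utc(sig[key])
    # dig wraps the base64 signature at whitespace; rejoin before decoding.
    sig["sig_bits"] = len(base64.b64decode("".join(tok[at + 9:]))) * 8
    return sig

def check_rrsig(sig, now):
    """Metadata checks a validator makes before verifying the signature."""
    problems = []
    if not sig["inception"] <= now <= sig["expiration"]:
        problems.append("outside validity window")
    if sig["algorithm"] in RETIRED:
        problems.append("retired algorithm " + RETIRED[sig["algorithm"]])
    owner = sig["owner"].lower().rstrip(".")
    signer = sig["signer"].lower().rstrip(".")
    if owner != signer and not owner.endswith("." + signer):
        problems.append("owner is outside the signer's zone")
    labels = owner.split(".")
    # The Labels field never counts the root or a leading "*" label.
    if sig["labels"] > len(labels) - (labels[0] == "*"):
        problems.append("Labels field exceeds owner name")
    return problems
```

Run against the line above, the parser reports algorithm 1 with a 512-bit signature and a 60-day validity window starting at the query time.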
IP to ASN Mapping via DNS
A service providing a way to map IPv4 and IPv6 addresses or prefixes to ASNs, get information about ASNs, and even find possible peers. More details here.
Mapping an IP address or prefix to a corresponding BGP Origin ASN:
    dig 188.8.131.52.origin.asn.cymru.com TXT +short
    "23028 | 184.108.40.206/24 | US | arin | 1998-09-25"

    dig 108.90.216.origin.asn.cymru.com TXT +short
    "23028 | 220.127.116.11/24 | US | arin | 1998-09-25"

    dig 2.0.0.b.0.6.8.4.18.104.22.168.origin6.asn.cymru.com TXT +short
    "15169 | 2001:4860::/32 | US | arin | 2005-03-14"
Getting information about a given ASN:
    dig AS23028.asn.cymru.com TXT +short
    "23028 | US | arin | 2002-01-04 | TEAM-CYMRU - Team Cymru Inc."
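For log enrichment it helps to build these query names and parse the answers programmatically. The following Python snippet is an added example, not code from the original post or from Team Cymru: it builds the origin/origin6 name from an address (emitting the full reversed address), parses the pipe-separated TXT answer, and checks that the returned prefix really covers the queried address. The column names, function names and sample answers (documentation addresses and ASNs) are constructed for this example.

```python
import ipaddress

# Column names are this example's own labels for the pipe-separated fields.
ORIGIN_COLS = ("asn", "prefix", "cc", "registry", "allocated")
ASN_COLS = ("asn", "cc", "registry", "allocated", "name")

def origin_qname(address):
    """Build the origin/origin6 query name for one IPv4 or IPv6 address."""
    ip = ipaddress.ip_address(address)
    # reverse_pointer gives reversed octets (v4) or nibbles (v6) followed by
    # in-addr.arpa / ip6.arpa; drop that suffix and append the service zone.
    reversed_part = ip.reverse_pointer.rsplit(".", 2)[0]
    zone = "origin" if ip.version == 4 else "origin6"
    return f"{reversed_part}.{zone}.asn.cymru.com"

def parse_txt(txt, cols):
    """Split one quoted TXT answer into a dict, rejecting odd shapes."""
    fields = [f.strip() for f in txt.strip().strip('"').split("|")]
    if len(fields) != len(cols):
        raise ValueError(f"expected {len(cols)} fields, got {len(fields)}")
    return dict(zip(cols, fields))

def parse_origin(address, txt):
    """Parse an origin answer and check that it really covers the address."""
    rec = parse_txt(txt, ORIGIN_COLS)
    # Assumption: if several origin ASNs are listed, they are space-separated.
    rec["asn"] = [int(a) for a in rec["asn"].split()]
    rec["covers_query"] = (
        ipaddress.ip_address(address) in ipaddress.ip_network(rec["prefix"]))
    return rec

# Constructed sample answers using documentation addresses and ASNs.
SAMPLE_V4 = '"64496 | 192.0.2.0/24 | US | arin | 1998-09-25"'
SAMPLE_V6 = '"64496 64497 | 2001:db8::/32 | US | arin | 2005-03-14"'

if __name__ == "__main__":
    print(origin_qname("192.0.2.10"))
    print(parse_origin("192.0.2.10", SAMPLE_V4))
    print(parse_origin("2001:db8::1", SAMPLE_V6))
```

A `covers_query` value of False means the answer does not match the address that was asked about and should not be used for enrichment.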
Getting external IP address via DNS
Probably the fastest way to get your external IP address (supports IPv4 only): unlike the various HTTP services available, it doesn't require initializing a TCP connection (if you're looking for such services, I recommend Telize, which works for both IPv4 and IPv6):

    dig myip.opendns.com @resolver1.opendns.com +short
    22.214.171.124

    dig myip.opendns.com @resolver2.opendns.com +short
    126.96.36.199
Google also provides a similar service:
    dig o-o.myaddr.l.google.com @ns1.google.com TXT +short
    188.8.131.52

    dig o-o.myaddr.l.google.com @ns2.google.com TXT +short
    184.108.40.206

    dig o-o.myaddr.l.google.com @ns3.google.com TXT +short
    220.127.116.11

    dig o-o.myaddr.l.google.com @ns4.google.com TXT +short
    18.104.22.168
Distributing source code via DNS
A clever hack using CNAME chains to distribute gzipped data. More information here.
    for DVDs in Linux screw the MPAA and ; do dig $DVDs.z.zoy.org ; done | \
      perl -ne 's/\.//g; print pack("H224",$1) if(/^x([^z]*)/)' | gunzip