DNS abuse
It seems nowadays moving away from bloat is a permanent state of mind of mine. I was digging (pun, sorry) around as one does on a Saturday afternoon for a less bloaty way to query and get a response over the network, when I stumbled on dns.toys that uses the DNS protocol to achieve this. The DNS protocol is used to translate human readable domain names into their corresponding IP addresses. It was never --and I can't stress this enough-- it was never meant to act like a query service to convert miles into kilometers or what have you. That's where the abuse comes in. The dns.toys is written in Go, so I thought why not JavaScript. I ended up writing a very rudimentary DNS server and some basic utilities to go with it.
A typical DNS query and response takes anywhere between 100 - 512 bytes, header and all. It uses UDP, so it's faster even on a choppy network. If I want some very basic queries answered, like the distance conversion or finding the local time of a city or the weather there, I don't need to run them on the browser and wait for the bloat to download. Instead, we can abuse DNS. It is quite simple, really -- a DNS query will have a "question" section and the response will have both "question" and an "answer" section like below. We parse the question from the query and look for keywords like "coin" or "fortune" or "km-mi" etc, and then craft a response accordingly and put them in the answer section and send it back as a TXT record.
; <<>> DiG 9.18.28-0ubuntu0.24.04.1-Ubuntu <<>> google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40840
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 13 IN A 142.250.70.46
;; Query time: 2 msec
;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
;; WHEN: Mon Nov 04 13:11:27 CST 2024
;; MSG SIZE rcvd: 55
The dns.toys has a lot of features built in, mine just has three -- a coin toss, a fortune cookie, and a distance convertor. I'll be adding more in the coming days. It's a work in progress. Check out if you're interested.
https://github.com/prasilprakash/toy-dns-server
Once you run it you can use the dig program to test it.
How to run?
As a node app -
node dns-server.js --ip '127.0.0.1' --port '53'
You may want to run with sudo to use port 53. If you don't want to do that, try other ports -
node dns-server.js --ip '127.0.0.1' --port '5354'
As a containerized app -
docker build -t dns-server .
docker run -d -e PORT=53 -p 53:53/udp dns-server
How to use?
If you're running locally and want to use the fortune cookie thingy, you may want to install fortune first -
apt-get install fortune
To use dig you'll have to install dnsutils -
apt-get install dnsutils
Use dig to test the app -
dig coin @localhost
dig 20.coin @localhost
dig 42km-mi @localhost
dig 42mi-km @localhost
dig fortune @localhost
With other ports -
dig coin @localhost -p 5354
dig 20.coin @localhost -p 5354
dig 42km-mi @localhost -p 5354
dig 42mi-km @localhost -p 5354
dig fortune @localhost -p 5354
You can use the +short option with dig to get a concise response -
dig 42km-mi @localhost -p 5354 +short
I've been running it on this server, too. So this should work as well -
dig 42km-mi @shadowfacsimile.in -p 5354 +short
Let's see a sample output with and without +short.
❯ dig 42km-mi @shadowfacsimile.in -p 5354
; <<>> DiG 9.20.3 <<>> 42km-mi @shadowfacsimile.in -p 5354
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16479
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;42km-mi. IN A
;; ANSWER SECTION:
42km-mi. 1 IN TXT "26.097582"
;; Query time: 300 msec
;; SERVER: 134.209.159.92#5354(shadowfacsimile.in) (UDP)
;; WHEN: Mon Nov 04 13:17:39 CST 2024
;; MSG SIZE rcvd: 54
❯ dig 42km-mi @shadowfacsimile.in -p 5354 +short
"26.097582"