Government Security
Network Security Resources

Jump to content


hex encoding dns querys using scapy

- - - - - security networking network dns programming perl tutorial
  • Please log in to reply
No replies to this topic

#1 thecowman


    Private First Class

  • Members
  • 60 posts

Posted 05 June 2008 - 07:40 AM

Right so im using scapy, to make some networking scripts to use on my openwrt and i ran into trouble when im trying to make a dns query
i cannot seem to encode the query string properly, i have read somewhere that the string must begin with a new line, end in a null byte and use 0x3 for dots and found this

in a scapy paper online, and this seems to work in my code when i check it with wireshark, howver something like


will not work and often comes up as an invalid query in wireshark
so what im asking is, can anyone tell me the correct way to encode a dns query like this?

So i found out how it works, mostly thanks to this article here:

basicly when encoding the domain before each term you must put in hex the length of the word so becomes:
where x06 is the length of google
x03 is the length of com

Also tagged with one or more of these keywords: security, networking, network, dns, programming, perl, tutorial