dnsx icon indicating copy to clipboard operation
dnsx copied to clipboard

Published 20 hours ago verified publisher icon projectdiscovery

Issue with OpenDNS

Open ocervell opened this issue 5 months ago • 0 comments

dnsx version:

1.2.1

Current Behavior:

An error is displayed and parsed as a TXT record when running from France where the OpenDNS service is currently unavailable due to a court order.

Expected Behavior:

I expect the error to be parsed correctly as an error, not as a TXT record.

Steps To Reproduce:

$ echo google.com | dnsx -a -aaaa -cname -mx -ns -srv -txt -json -threads 50 | jq '.'

{
  "host": "google.com",
  "ttl": 102,
  "resolver": [
    "1.0.0.1:53",
    "8.8.8.8:53",
    "8.8.4.4:53",
    "9.9.9.9:53",
    "149.112.112.112:53",
    "208.67.222.222:53",
    "208.67.220.220:53",
    "1.1.1.1:53"
  ],
   ...
  "txt": [
    ...
    "cisco-ci-domain-verification=479146de172eb01ddee38b1a455ab9e8bb51542ddd7f1fa298557dfa7b22d963",
    "docusign=1b0a6754-49b1-4db5-8540-d2c12664b289",
    "The OpenDNS service is currently unavailable in France and some French territories due to a court order under Article L.333-10 of the French Sport Code. See https://support.opendns.com/hc/en-us"
  ],
  "all": [
    ...
    "google.com.\t0\tIN\tTXT\t\"The OpenDNS service is currently unavailable in France and some French territories due to a court order under Article L.333-10 of the French Sport Code. See https://support.opendns.com/hc/en-us\"",
    "\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1410\n; EDE: 16 (Censored): ()",
  ],
  "status_code": "NOERROR",
  "timestamp": "2024-09-13T05:38:17.594888889-04:00"
}

We can see the TXT record is The OpenDNS service is currently unavailable ....

Weirdly enough, it only happens when this exact combination of flags is passed. Maybe dnsx queries the OpenDNS service only when all those flags are passed ?

If I run simply the TXT resolution, it works fine and I don't get the OpenDNS error:

$ echo google.com | dnsx -txt -json -threads 50 | jq '.'

In the JSON, the resolver in this case is just 1.0.0.1:53 (compared to the previous list of 8 resolvers).

Even weirder, when I skip the -srv flag, I get no results:

$ echo google.com | dnsx -a -aaaa -cname -mx -ns -txt -json -threads 50 | jq '.'

ocervell avatar Sep 13 '24 09:09 ocervell