-
Notifications
You must be signed in to change notification settings - Fork 0
/
main.go
66 lines (54 loc) · 1.58 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
package main
import (
"flag"
"fmt"
"strings"
"time"
"github.com/miekg/dns"
"github.com/slack-go/slack"
)
func main() {
domain := flag.String("domain", "", "Your registered domain name")
webhook := flag.String("webhook", "", "Your Slack webhook URL")
flag.Parse()
if *domain == "" {
fmt.Println("Error: Must supply a domain")
return
}
dns.HandleFunc(".", func(w dns.ResponseWriter, r *dns.Msg) {
m := new(dns.Msg)
m.SetReply(r)
remoteAddr := w.RemoteAddr().String()
q1 := r.Question[0]
t := time.Now()
if !dns.IsSubDomain(*domain+".", q1.Name) || !strings.HasSuffix(q1.Name, "bb.ctoyan.com."){
return
}
addrParts := strings.Split(remoteAddr, ":")
name := fmt.Sprintf("Lookup Query: `%v`", q1.Name)
date := fmt.Sprintf("Received At: `%v`", t.Format("Mon Jan _2 15:04:05 2006"))
from := fmt.Sprintf("Received From: `%v`", addrParts[0])
queryType := fmt.Sprintf("Query Type: `%v`", dns.TypeToString[q1.Qtype])
message := fmt.Sprintf("*Received DNS interaction:*\n %v \n %v \n %v \n %v \n", date, from, name, queryType)
if *webhook != "" {
sendSlack(message, *webhook)
} else {
fmt.Println(message)
}
// Server must responsd, because the client keeps making requests
// and therefor more slack messages are received
w.WriteMsg(m)
})
if err := dns.ListenAndServe("0.0.0.0:53", "udp", nil); err != nil {
fmt.Println(err.Error())
return
}
}
func sendSlack(message string, webhook string) {
msg := slack.WebhookMessage{
Text: message,
}
_ = slack.PostWebhook(webhook, &msg)
}
func handleInteraction(w dns.ResponseWriter, r *dns.Msg) {
}