Nmap Development mailing list archives

Nmap DNS leak and proxychains redesign?


From: Jacek Wielemborek <d33tah () gmail com>
Date: Sat, 04 Jul 2015 10:43:12 +0200

On 04.07.2015 at 04:29, Daniel Miller wrote:
> Jasey,
>
> Nsock supports HTTP proxies, so this should work for you. Currently,
> all of our proxy options require local name resolution, so they
> suffer from the classic "DNS leak" problem. This is something that we
> are aware of and working to address, but it requires more of an
> architectural redesign of the proxy chain mechanism, so it will take
> longer to accomplish.
>
> Dan

This made me wonder where the DNS leaks actually are and how difficult
it would be to fix them. Here are my thoughts:

1. nmap_dns.cc - already uses Nsock routines for UDP. My idea is that
perhaps proxy support could be integrated here for SOCKS5 only, with code
similar to the one from nsock_connect_internal. This seems rather easy; am I
missing something?

2. Hostname resolution in NSE connect() scripts. Since those can be
arbitrary strings, the point above doesn't handle that.

3. Establishing connections to proxies defined by hostname in --proxy.

I guess there are other spots, can you think of any? Is there any
previous discussion of this topic in nmap-dev archives?

BTW, is there any specific reason why nmap_dns.cc doesn't seem to handle
DNS resolution over TCP as well? Perhaps such a resolver could work with
proxies out of the box, at least for bullet #1.

Cheers,
d33tah
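Daniel's "local name resolution" and Jacek's bullet #1 come down to which address type a SOCKS5 client puts in its CONNECT request: RFC 1928 allows an IPv4 literal (ATYP 0x01), a domain name (ATYP 0x03) or an IPv6 literal (ATYP 0x04), and a client that resolves the name itself before sending 0x01/0x04 has already leaked a DNS query outside the proxy. The block below is an added example, not Nmap or Nsock code; `RecordingResolver` is a constructed stand-in for `socket.gethostbyname` that logs queries instead of touching the network, and `resolved_locally` is a hypothetical check that a reviewer could run on captured client bytes to tell the two behaviours apart.

```python
"""SOCKS5 CONNECT framing: local vs proxy-side name resolution (added example)."""
import ipaddress
import socket
import struct

SOCKS5_VERSION = 0x05
CMD_CONNECT = 0x01
ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04


class RecordingResolver:
    """Constructed stand-in for socket.gethostbyname: records every query and
    returns a fixed documentation-range answer, so the leak is observable offline."""

    def __init__(self, answer="203.0.113.7"):
        self.queries = []
        self.answer = answer

    def __call__(self, host):
        self.queries.append(host)
        return self.answer


def build_connect_request(host, port, resolve_locally, resolver=socket.gethostbyname):
    """Build a SOCKS5 CONNECT request for host:port.

    resolve_locally=True mimics a client that calls the system resolver first
    (the leaking behaviour); False sends hostnames as ATYP 0x03 so only the
    proxy ever issues a DNS query for them.
    """
    try:
        ip = ipaddress.ip_address(host)            # literal address: nothing to resolve
    except ValueError:
        ip = None
    if ip is None and resolve_locally:
        ip = ipaddress.ip_address(resolver(host))  # DNS query leaves this host unproxied
    if ip is None:
        name = host.encode("idna")
        if not 1 <= len(name) <= 255:
            raise ValueError("domain name length must fit in one byte")
        addr = bytes([ATYP_DOMAIN, len(name)]) + name
    elif ip.version == 4:
        addr = bytes([ATYP_IPV4]) + ip.packed
    else:
        addr = bytes([ATYP_IPV6]) + ip.packed
    return bytes([SOCKS5_VERSION, CMD_CONNECT, 0x00]) + addr + struct.pack("!H", port)


def parse_connect_request(req):
    """Decode a CONNECT request into {atyp, host, port}; ValueError if malformed."""
    if len(req) < 4 or req[0] != SOCKS5_VERSION or req[1] != CMD_CONNECT or req[2] != 0x00:
        raise ValueError("not a SOCKS5 CONNECT request")
    atyp = req[3]
    if atyp == ATYP_IPV4:
        host, rest = str(ipaddress.IPv4Address(req[4:8])), req[8:]
    elif atyp == ATYP_IPV6:
        host, rest = str(ipaddress.IPv6Address(req[4:20])), req[20:]
    elif atyp == ATYP_DOMAIN:
        n = req[4]
        host, rest = req[5:5 + n].decode("idna"), req[5 + n:]
    else:
        raise ValueError("unknown ATYP %#x" % atyp)
    if len(rest) != 2:
        raise ValueError("trailing bytes do not form a port")
    return {"atyp": atyp, "host": host, "port": struct.unpack("!H", rest)[0]}


def resolved_locally(req, requested_target):
    """True when the client was given a hostname but the wire request carries an
    address literal, i.e. the name was resolved before it reached the proxy."""
    try:
        ipaddress.ip_address(requested_target)
        return False                               # caller already had an IP; no DNS involved
    except ValueError:
        return parse_connect_request(req)["atyp"] != ATYP_DOMAIN


if __name__ == "__main__":
    rec = RecordingResolver()
    for local in (True, False):
        req = build_connect_request("example.com", 443, local, resolver=rec)
        print(local, req.hex(), "leaked" if resolved_locally(req, "example.com") else "proxied")
    print("resolver saw:", rec.queries)
```

The same split applies to the other two spots in the mail: an NSE script handing an arbitrary string to connect(), or a `--proxy` entry given by hostname, leaks in exactly the way the `resolve_locally=True` branch does unless the name is carried through to the proxy as ATYP 0x03.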


_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
