starred/PHP-DNS-SERVER

Fork 0

mirror of https://github.com/yswery/PHP-DNS-SERVER.git synced 2026-04-25 17:25:53 +03:00

[GH-ISSUE #80] nmap udp scan crashes the server #30

New issue

Closed

opened 2026-03-04 23:23:52 +03:00 by kerem · 6 comments

kerem commented

2026-03-04 23:23:52 +03:00

Owner

Originally created by @nkakouros on GitHub (Nov 20, 2018).
Original GitHub issue: https://github.com/yswery/PHP-DNS-SERVER/issues/80

Originally assigned to: @samuelwilliams on GitHub.

Steps to reproduce:

sudo php examples/example.php
sudo nmap -sU -p53 127.0.0.1

This crashes the dns server with the following trace:

PHP Notice:  Undefined offset: 0 in /home/nikos/Projects/PHP-DNS-SERVER/src/Server.php on line 126
PHP Fatal error:  Uncaught Error: Call to a member function getName() on null in /home/nikos/Projects/PHP-DNS-SERVER/src/Server.php:126
Stack trace:
#0 /home/nikos/Projects/PHP-DNS-SERVER/src/Server.php(102): yswery\DNS\Server->handleQueryFromStream('\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00')
#1 /home/nikos/Projects/PHP-DNS-SERVER/vendor/evenement/evenement/src/Evenement/EventEmitterTrait.php(123): yswery\DNS\Server->onMessage('\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00', '127.0.0.1:35464', Object(React\Datagram\Socket))
#2 /home/nikos/Projects/PHP-DNS-SERVER/vendor/react/datagram/src/Socket.php(75): Evenement\EventEmitter->emit('message', Array)
#3 /home/nikos/Projects/PHP-DNS-SERVER/vendor/react/event-loop/src/StreamSelectLoop.php(238): React\Datagram\Socket->onReceive(Resource id #62)
#4 /home/nikos/Projects/PHP-DNS-SERVER/vendor/react/event-loop/src/StreamSelectLoop.php(205): React\EventLoop\StreamSelectLoop->waitForStreamActivity(NULL)
#5 /home/nikos/Projects/PHP-DNS-SERVER/src/Server.php(88): React\EventLoo in /home/nikos/Projects/PHP-DNS-SERVER/src/Server.php on line 126

Running tcpdump -i lo port 53 -vvv in parallel with nmap, shows the following captured packets being sent from nmap:

tcpdump: listening on lo, link-type EN10MB (Ethernet), capture size 262144 bytes
18:13:33.344773 IP (tos 0x0, ttl 49, id 30626, offset 0, flags [none], proto UDP (17), length 40)
    nikos-laptop.localdomain.45844 > nikos-laptop.localdomain.domain: [udp sum ok] 0 stat [0q] (12)

Here is a screenshot of the packet in wireshark:

Originally created by @nkakouros on GitHub (Nov 20, 2018). Original GitHub issue: https://github.com/yswery/PHP-DNS-SERVER/issues/80 Originally assigned to: @samuelwilliams on GitHub. Steps to reproduce: 1. `sudo php examples/example.php` 2. `sudo nmap -sU -p53 127.0.0.1` This crashes the dns server with the following trace: ``` PHP Notice: Undefined offset: 0 in /home/nikos/Projects/PHP-DNS-SERVER/src/Server.php on line 126 PHP Fatal error: Uncaught Error: Call to a member function getName() on null in /home/nikos/Projects/PHP-DNS-SERVER/src/Server.php:126 Stack trace: #0 /home/nikos/Projects/PHP-DNS-SERVER/src/Server.php(102): yswery\DNS\Server->handleQueryFromStream('\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00') #1 /home/nikos/Projects/PHP-DNS-SERVER/vendor/evenement/evenement/src/Evenement/EventEmitterTrait.php(123): yswery\DNS\Server->onMessage('\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00', '127.0.0.1:35464', Object(React\Datagram\Socket)) #2 /home/nikos/Projects/PHP-DNS-SERVER/vendor/react/datagram/src/Socket.php(75): Evenement\EventEmitter->emit('message', Array) #3 /home/nikos/Projects/PHP-DNS-SERVER/vendor/react/event-loop/src/StreamSelectLoop.php(238): React\Datagram\Socket->onReceive(Resource id #62) #4 /home/nikos/Projects/PHP-DNS-SERVER/vendor/react/event-loop/src/StreamSelectLoop.php(205): React\EventLoop\StreamSelectLoop->waitForStreamActivity(NULL) #5 /home/nikos/Projects/PHP-DNS-SERVER/src/Server.php(88): React\EventLoo in /home/nikos/Projects/PHP-DNS-SERVER/src/Server.php on line 126 ``` Running `tcpdump -i lo port 53 -vvv` in parallel with nmap, shows the following captured packets being sent from nmap: ``` tcpdump: listening on lo, link-type EN10MB (Ethernet), capture size 262144 bytes 18:13:33.344773 IP (tos 0x0, ttl 49, id 30626, offset 0, flags [none], proto UDP (17), length 40) nikos-laptop.localdomain.45844 > nikos-laptop.localdomain.domain: [udp sum ok] 0 stat [0q] (12) ``` Here is a screenshot of the packet in wireshark: ![screenshot_20181120_181557](https://user-images.githubusercontent.com/11805218/48790823-7db32a00-ecf0-11e8-9893-831de5681107.png)

kerem

2026-03-04 23:23:52 +03:00

closed this issue
added the
bug
label

kerem commented

2026-03-04 23:23:53 +03:00

Author

Owner

@samuelwilliams commented on GitHub (Nov 20, 2018):

This might be because the server just assumes that the DNS packet has a question, your packet has none. This should be an easy fix.

@samuelwilliams commented on GitHub (Nov 20, 2018): This might be because the server just assumes that the DNS packet has a question, your packet has none. This should be an easy fix.

kerem commented

2026-03-04 23:23:53 +03:00

Author

Owner

@samuelwilliams commented on GitHub (Nov 21, 2018):

@tterranigma give the latest commit a go

@samuelwilliams commented on GitHub (Nov 21, 2018): @tterranigma give the latest commit a go

kerem commented

2026-03-04 23:23:53 +03:00

Author

Owner

@nkakouros commented on GitHub (Nov 21, 2018):

It fails again with:

[nikos@localhost PHP-DNS-SERVER]$ sudo php example/example.php 
[2018-11-21T23:05:14+00:00] info: Server started.
[2018-11-21T23:05:14+00:00] info: Listening on 0.0.0.0:53
PHP Notice:  Undefined offset: 0 in /home/nikos/Projects/PHP-DNS-SERVER/src/Resolver/SystemResolver.php on line 44
PHP Fatal error:  Uncaught Error: Call to a member function getName() on null in /home/nikos/Projects/PHP-DNS-SERVER/src/Resolver/SystemResolver.php:46
Stack trace:
#0 /home/nikos/Projects/PHP-DNS-SERVER/src/Resolver/StackableResolver.php(35): yswery\DNS\Resolver\SystemResolver->getAnswer(Array)
#1 /home/nikos/Projects/PHP-DNS-SERVER/src/Server.php(129): yswery\DNS\Resolver\StackableResolver->getAnswer(Array)
#2 /home/nikos/Projects/PHP-DNS-SERVER/src/Server.php(102): yswery\DNS\Server->handleQueryFromStream('\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00')
#3 /home/nikos/Projects/PHP-DNS-SERVER/vendor/evenement/evenement/src/Evenement/EventEmitterTrait.php(123): yswery\DNS\Server->onMessage('\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00', '127.0.0.1:48652', Object(React\Datagram\Socket))
#4 /home/nikos/Projects/PHP-DNS-SERVER/vendor/react/datagram/src/Socket.php(75): Evenement\EventEmitter->emit('message', Array)
#5 /home/nikos/Projects/PHP-DNS-SERVER/vendor/react/event-loop/src/StreamSelectLoop.php(238): React\Datagram\ in /home/nikos/Projects/PHP-DNS-SERVER/src/Resolver/SystemResolver.php on line 46

@nkakouros commented on GitHub (Nov 21, 2018): It fails again with: ``` [nikos@localhost PHP-DNS-SERVER]$ sudo php example/example.php [2018-11-21T23:05:14+00:00] info: Server started. [2018-11-21T23:05:14+00:00] info: Listening on 0.0.0.0:53 PHP Notice: Undefined offset: 0 in /home/nikos/Projects/PHP-DNS-SERVER/src/Resolver/SystemResolver.php on line 44 PHP Fatal error: Uncaught Error: Call to a member function getName() on null in /home/nikos/Projects/PHP-DNS-SERVER/src/Resolver/SystemResolver.php:46 Stack trace: #0 /home/nikos/Projects/PHP-DNS-SERVER/src/Resolver/StackableResolver.php(35): yswery\DNS\Resolver\SystemResolver->getAnswer(Array) #1 /home/nikos/Projects/PHP-DNS-SERVER/src/Server.php(129): yswery\DNS\Resolver\StackableResolver->getAnswer(Array) #2 /home/nikos/Projects/PHP-DNS-SERVER/src/Server.php(102): yswery\DNS\Server->handleQueryFromStream('\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00') #3 /home/nikos/Projects/PHP-DNS-SERVER/vendor/evenement/evenement/src/Evenement/EventEmitterTrait.php(123): yswery\DNS\Server->onMessage('\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00', '127.0.0.1:48652', Object(React\Datagram\Socket)) #4 /home/nikos/Projects/PHP-DNS-SERVER/vendor/react/datagram/src/Socket.php(75): Evenement\EventEmitter->emit('message', Array) #5 /home/nikos/Projects/PHP-DNS-SERVER/vendor/react/event-loop/src/StreamSelectLoop.php(238): React\Datagram\ in /home/nikos/Projects/PHP-DNS-SERVER/src/Resolver/SystemResolver.php on line 46 ```

kerem commented

2026-03-04 23:23:53 +03:00

Author

Owner

@samuelwilliams commented on GitHub (Nov 23, 2018):

@tterranigma give the latest commit a go - I'm having issues with my system so I can't run my linux boxes at the moment to test

@samuelwilliams commented on GitHub (Nov 23, 2018): @tterranigma give the latest commit a go - I'm having issues with my system so I can't run my linux boxes at the moment to test

kerem commented

2026-03-04 23:23:53 +03:00

Author

Owner

@nkakouros commented on GitHub (Nov 23, 2018):

Yep! It worked!

[nikos@localhost PHP-DNS-SERVER]$ sudo nmap 127.0.0.1 -sU -p 53
Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-23 22:28 CET
Nmap scan report for nikos-laptop.localdomain (127.0.0.1)
Host is up (0.0038s latency).

PORT   STATE SERVICE
53/udp open  domain

Nmap done: 1 IP address (1 host up) scanned in 0.14 seconds

Thank you for the time you devoted on this issue!

@nkakouros commented on GitHub (Nov 23, 2018): Yep! It worked! ``` [nikos@localhost PHP-DNS-SERVER]$ sudo nmap 127.0.0.1 -sU -p 53 Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-23 22:28 CET Nmap scan report for nikos-laptop.localdomain (127.0.0.1) Host is up (0.0038s latency). PORT STATE SERVICE 53/udp open domain Nmap done: 1 IP address (1 host up) scanned in 0.14 seconds ``` Thank you for the time you devoted on this issue!

kerem commented

2026-03-04 23:23:53 +03:00

Author

Owner

@samuelwilliams commented on GitHub (Nov 23, 2018):

Issue resolved in v1.1.3

@samuelwilliams commented on GitHub (Nov 23, 2018): Issue resolved in v1.1.3

kerem referenced this issue

2026-03-04 23:24:05 +03:00

[PR #30] [MERGED] Sets aa flag if domain in db #59