code and result submitted.

DNSv6/Code/README.md

@@ -1,9 +0,0 @@
-## 组织结构
-
-```
-allv6.py 			#汇总所有v6地址结果
-ch_dns.py			#全国探针发送程序
-dnsfound_util.py	#DNSv6工具包
-ipmatch.py			#IP段匹配（山东）
-```
-

DNSv6/Code/allv6.py

@@ -1,20 +0,0 @@
-'''
-    用于将多个NS端pcap导出结果进行合并（另一种方法是将pcap文件合并后再导出）
-'''
-import pandas as pd
-
-# 结果保存位置
-res_path="./result/v6/allv6dns.csv"
-# 创建结果文件
-allip=pd.DataFrame(columns=["IPv6","Count"])
-allip.to_csv("./result/v6/allv6dns.csv",encoding='gbk', header=True, index=False)
-
-for i in range(5):
-    # 资源路径
-    path="./result/v6/v6-"+str(i+1)+".csv"
-    ip_datas=pd.read_csv(path,skiprows=2,names=["level","parent","IPv6","count","ave","min","max","rate","per","BR","BS"])
-    data = ip_datas.iloc[1:, [2,3]]
-    data.to_csv(res_path,mode="a", encoding='gbk', header=False, index=False)
-
-
-

DNSv6/Code/ch_dns.py

@@ -1,23 +0,0 @@
-'''
-    探针发送主程序
-'''
-import pandas as pd
-import dnsfound_util as dnsu
-
-alphabet=dnsu.alphabet
-#IPv4地址
-spath="./res_data/china/forwarder.xlsx"
-#返回结果保存
-dpath="./result/china/forward/res-5.csv"
-ch_dns=pd.read_excel(spath,names=["rdns","loc","company"])
-# 对于直接响应dns
-# ch_dns=pd.read_excel(spath,names=["rdns","dns"])
-# dns_result = pd.DataFrame(columns=["rdns", "result"],)
-
-#保存所有多线程生成器
-List=[dnsu.dnsresolver(i,ch_dns) for i in dnsu.tqdm(range(ch_dns.shape[0]))]
-
-#从所有多线程生成器中读取结果
-dns_result=pd.concat([pd.DataFrame([res.result()],columns=["rdns","result"]) for res in List],ignore_index=True)
-
-dns_result.to_csv(dpath)

DNSv6/Code/dnsfound_util.py

@@ -1,51 +0,0 @@
-'''
-    DNSv6工具包，注意tomorrow3无法在arm架构处理器上使用（m1）
-'''
-import dns.resolver
-import pandas as pd
-import random as rd
-import tomorrow3 as tm
-from tqdm import tqdm
-
-
-alphabet = "abcdefghijklmnopqrstuvwxyz1234567890"
-
-
-result = pd.DataFrame(columns=["rdns", "result"])
-dot_ressult = pd.DataFrame(columns=["dot", "result"])
-
-
-
-# val负责定位，dataframe指定数据来源
-@tm.threads(200)
-def dnsresolver(val,dataframe):
-    characters = "".join(rd.sample(alphabet, 10))  # 生成子域名
-    test = dataframe.loc[val, "rdns"]
-    reso = dns.resolver.Resolver()
-    reso.nameservers = [test]
-    reso.timeout = 10
-    try:
-        AAAA = reso.resolve(characters + ".v4.testv4-v6.live", "AAAA").response
-        # result = result.append([[test, AAAA.rcode()]], ignore_index=True)
-        return [test,AAAA.rcode()]
-    except:
-        # result=result.append([[test, 1]], ignore_index=True)
-        return [test,1]
-
-
-
-# if __name__=="__main__":
-#     mode="main"
-#     rdns = pd.read_csv("./res_data/rdns-shandong.csv", names=["rdns"])
-#     dot = pd.read_csv("./res_data/853-shandong.csv", names=["dot"])
-#     ch_rdns = pd.read_excel("./res_data/全国-递归DNS测量结果.xlsx", names=["rdns", "loc", "company"])
-#
-#     for i in tqdm(range(ch_rdns.shape[0])):
-#         dnsresolver(i,ch_rdns,result)
-#
-#     if (mode == "rdns"):
-#         result.to_csv("./result/"+str(2)+"-ch_rdns.csv")
-#     else:
-#         dot_ressult.to_csv("./result/dot.csv")
-
-

DNSv6/Code/ipmatch.py

@@ -1,44 +0,0 @@
-'''
-    IP段匹配
-'''
-import ipaddress as ipaddr
-import pandas as pd
-
-
-def makecidr(DATAframe):
-    cidr=pd.DataFrame()
-    for i in range(DATAframe.shape[0]):
-        if ":" in DATAframe.loc[i,"start_ip"]:
-            start_ip=ipaddr.ip_address(DATAframe.loc[i,"start_ip"])
-            end_ip=ipaddr.ip_address(DATAframe.loc[i,"end_ip"])
-            ipcidr=ipaddr.summarize_address_range(start_ip,end_ip)
-            for ips in ipcidr:
-                cidr = cidr.append([[ips]])
-
-    return cidr
-def matchIP(ip,cidrs):
-    for c in cidrs.keys():
-        for j in range(cidrs[c].shape[0]):
-            if (ipaddr.IPv6Address(ip) in ipaddr.IPv6Network(cidrs[c].iloc[j, 0])):
-
-                return str(c)
-if __name__=="__main__":
-    # 读取原始数据
-    cidrs=[]
-    dx = pd.read_excel("./res_data/IPrange/山东电信.xlsx", names=["time", "start_ip", "end_ip", "organization", "company"])
-    yd = pd.read_excel("./res_data/IPrange/山东移动.xlsx", names=["time", "start_ip", "end_ip", "organization", "company"])
-    lt = pd.read_excel("./res_data/IPrange/山东联通.xlsx", names=["time", "start_ip", "end_ip", "organization", "company"])
-    ips=pd.read_csv("./result/v6/allv6dns.csv",header=0)
-
-    # dx_cidr=makecidr(dx)
-    # yd_cidr=makecidr(yd)
-    # lt_cidr=makecidr(lt)
-    cidrs={"dx":makecidr(dx),"yd":makecidr(yd),"lt":makecidr(lt)}
-    ips["company"]=ips["IPv6"].map(lambda x:matchIP(x,cidrs))
-    ips_n=pd.pivot_table(ips,values=["Count"],index=["IPv6"],aggfunc=sum)
-    ips_c=ips.drop_duplicates(subset=["IPv6"],keep="first")
-    ips_L=ips_n.merge(ips_c.loc[:,["IPv6","company"]],how="left",on="IPv6")
-    ips_L.to_csv("./result/v6/v6DNSs.csv",index=False)
-    # for i in range(ips.shape[0]):
-
-

DNSv6/README.md

@@ -1,33 +0,0 @@
-# DNSv6
-
-### 组织结构
-
-```
-├─Code				#dns探针发送代码
-├─result			#自建NS端的pcap结果以及5次探针发送情况
-│  └─china
-│      ├─forward	#转发
-│      ├─gkdg		#公开递归
-│      ├─jjdg		#间接递归
-│      └─zjxy		#直接响应
-└─src
-	├─china 		#ipv4的种子地址数据，来自@莫迪凯
-	└─shandong		#山东v4数据
-		├─IPrange 	#三大运营商IPv4网段数据
-		└─dns		#已知v4 dns
-```
-
-### 原理
-
-
-
-### 配置
-
-#### 自建NS端
-
-![自建NS端配置](README.assets/自建NS端配置.png)
-
-#### godaddy端
-
-![Godaddy NS配置](README.assets/Godaddy NS配置.png)
-

DNSv6/result/china/allv6dns.csv

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:8db10fe0868b210265cadfc885607c03de3b70323c21cd350b4c5113aad87be4
-size 90037

DNSv6/result/china/forward/Allv6dns.pcap

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:aad73406bc157c7de98728e70862aabef110242fabaa1745bd07dd2746e33766
-size 390231878

DNSv6/result/china/forward/allv6-address.csv

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:11dda37428083717e91bfef79c38d1bddfdbdb867b3b56519e891c5cdd7e2c3a
-size 286315

DNSv6/result/china/forward/res-1.csv

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:39a04b88100a61ddf42a41481cebab2549e6cc902774987da60b5bc09cc6016b
-size 18903728

DNSv6/result/china/forward/res-2.csv

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:4b6e478064c402803a7001197c24e5ea12ad561fe379bfd9792a4176b89be973
-size 18903728

DNSv6/result/china/forward/res-3.csv

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:c3d2d29c0daa9e2a7340d37d837d65442fa53781f03f3a4146e5a19191592649
-size 18903728

DNSv6/result/china/forward/res-4.csv

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:d4c55429f1611df000fefbf321852c175f5deeee5ab0049c24ed04b9989b6f34
-size 18903728

DNSv6/result/china/forward/res-5.csv

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:3b0df54d837eee7cf3a1fb03ab54cd1a072f2f44763d9aaebfa6df8db28039f2
-size 18903728

DNSv6/result/china/gkdg/20220401-OR-ch_v6.pcap

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:976ab6a95ee8fcc1ce0f3488542681e8743eb9e4e7df7f0aa36f5864c38ed3c5
-size 685566

DNSv6/result/china/gkdg/rdns-1.csv

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:559f21c923ecd000065c18187f01f7763883c62a374545d293ffead7a43932ea
-size 80110

DNSv6/result/china/gkdg/rdns-2.csv

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:bf9a2daa1810cd9645737530b306a28b5d4ea9510a0d13629c6a58d78b659ec3
-size 80110

DNSv6/result/china/gkdg/rdns-3.csv

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:b08821bb3d4e58ff8b1f619f2aad87f615df04e9a394ece9718939e6c12e2712
-size 80110

DNSv6/result/china/gkdg/rdns-4.csv

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:260216ea35f7a4f14d90dd6f617331f37ffbf50e50125c52c845b4be00fd72cc
-size 80110

DNSv6/result/china/gkdg/rdns-5.csv

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:7124c588bd4210a8dd2a02b81411dc9b46ef7fc72e8921935a6a98fecba4364b
-size 80110

DNSv6/result/china/gkdg/v6dns.csv

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:0965522b8685befb3ba5bef5eb4a99a0e08a0c6cf1a02d76b7c01786a7af4212
-size 39175

DNSv6/result/china/jjdg/20220401-IR-ch_v6.pcap

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:1449fb680f91609be49bcc85cd5d8fe94922cdc82c62e9087f0eaf16fbbb17a5
-size 144906

DNSv6/result/china/jjdg/rdns-1.csv

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:5be788e7ab415b82a41adaea14874183b14db10aade4d5b7abfe1e2db23defa5
-size 107407

DNSv6/result/china/jjdg/rdns-2.csv

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:256df35e84ef30fb21e4f5f81f315715ed4aeac694d17e13d5aa195e212268cc
-size 107407

DNSv6/result/china/jjdg/rdns-3.csv

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:03ef11ce72f50841cb2a46d26473d1604a13ade41f6c7bee98e3b39410ec84f2
-size 107407

DNSv6/result/china/jjdg/rdns-4.csv

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:9c43fa7fc18897bb2573f2558fdfbadb361435958eac94fe63466a53d9467d21
-size 107407

DNSv6/result/china/jjdg/rdns-5.csv

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:66ff3e9df2b02cc4f18f521dd2dba7ff1e3225e05f43135414e7add68cce965d
-size 107407

DNSv6/result/china/jjdg/v6dns.csv

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:5cbeaf443756fd60e151da461595f19281e361c3a2b06d5408a6dcc7b75bf1ab
-size 9473

DNSv6/result/china/zjxy/20220401-DR-ch_v6.pcap

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:b72992a643af3dc0e72ff0992550732f2280de6de082a5701cef990e141e6fba
-size 147401

DNSv6/result/china/zjxy/rdns-1.csv

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:ef74027f8e4d7b464ca82187020768b184f6091dd2a6ef1dd5933c9c970e954d
-size 31587

DNSv6/result/china/zjxy/rdns-2.csv

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:88582297fe0a20463a002984ea81e9d868d45d7f665f6d355553ed39dd7cd6d7
-size 31587

DNSv6/result/china/zjxy/rdns-3.csv

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:88a3e7192e8a67cf18adb80e32596921844a8b4305fe816179461de5abbafe1f
-size 31587

DNSv6/result/china/zjxy/rdns-4.csv

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:c0b2c4f2d1d161971d3127fb1722457550ecf29225e269ae3e037022f4f54033
-size 31587

DNSv6/result/china/zjxy/rdns-5.csv

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:b23ae77b51b06c8b73d05069f23df7c526bcccb862aa1e009c5850c28dc60c73
-size 31587

DNSv6/result/china/zjxy/v6dns.csv

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:474277b8eb90a986fc6251fc28ceb4552c90ccafe9d56986362459deeb563be7
-size 11632

DNSv6/src/shandong/dns/853-shandong.csv

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:44d48c187a3b433539040669c65008d876adb3ae13b0cc72111a708e57d7c203
-size 36150

DNSv6/src/shandong/dns/rdns-shandong.csv

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:514cdca439bd9660ec8bde7ded09601e38ffa630edd3853565ce8d4646848105
-size 677892

rdns_scan/zmap4rdns/.clang-format

@@ -0,0 +1,11 @@
+BasedOnStyle: LLVM
+IndentWidth: 8
+UseTab: Always
+BreakBeforeBraces: Linux
+AllowShortIfStatementsOnASingleLine: false
+IndentCaseLabels: false
+DerivePointerAlignment: false
+PointerAlignment: Right
+BreakStringLiterals: false
+SortIncludes: false
+ReflowComments: false

rdns_scan/zmap4rdns/.editorconfig

@@ -0,0 +1,18 @@
+root = true
+
+[*]
+end_of_line = lf
+insert_final_newline = true
+
+[*.{c,h}]
+indent_style = tab
+indent_size = 8
+
+[CMakeLists.txt]
+indent_style = spaces
+indent_size = 4
+
+[*.py]
+indent_style = spaces
+indent_size = 4
+

rdns_scan/zmap4rdns/CMakeLists.txt

@@ -0,0 +1,162 @@
+cmake_minimum_required(VERSION 2.8.12 FATAL_ERROR)
+project(ZMAP C)
+set(ZMAP_VERSION DEVELOPMENT) # Change DEVELOPMENT to version number for release
+
+option(ENABLE_DEVELOPMENT "Enable development specific compiler and linker flags" OFF)
+option(ENABLE_LOG_TRACE "Enable log trace messages" OFF)
+option(RESPECT_INSTALL_PREFIX_CONFIG "Respect CMAKE_INSTALL_PREFIX for /etc" OFF)
+option(WITH_WERROR "Build with -Werror" OFF)
+option(WITH_PFRING "Build with PF_RING ZC for send (10 GigE)" OFF)
+option(FORCE_CONF_INSTALL "Overwrites existing configuration files at install" OFF)
+
+if("${CMAKE_CXX_COMPILER_ID}" STREQUAL "Clang")
+    set(USING_CLANG "YES")
+else()
+    set(USING_GCC "YES")
+endif()
+
+if("${CMAKE_SYSTEM_NAME}" MATCHES "FreeBSD" OR "${CMAKE_SYSTEM_NAME}" MATCHES "NetBSD" OR "${CMAKE_SYSTEM_NAME}" MATCHES "DragonFly")
+    set(BSD "YES")
+endif()
+
+if("${CMAKE_SYSTEM_NAME}" MATCHES "NetBSD")
+    set(NetBSD "YES")
+endif()
+
+# Hardening and warnings for building with gcc
+# Maybe add -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations
+set(GCCWARNINGS
+    "-Wall -Wformat=2 -Wno-format-nonliteral"
+    "-pedantic -fno-strict-aliasing"
+    "-Wextra"
+    "-Wfloat-equal -Wundef -Wwrite-strings -Wredundant-decls"
+    "-Wnested-externs -Wbad-function-cast -Winit-self"
+    "-Wmissing-noreturn"
+    "-Wstack-protector"
+)
+
+# Fix line breaks
+string(REPLACE ";" " "  GCCWARNINGS "${GCCWARNINGS}")
+
+if(WITH_WERROR)
+    set(GCCWARNINGS "${GCCWARNINGS} -Werror")
+endif()
+
+if(ENABLE_DEVELOPMENT)
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -ggdb")
+    set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -g")
+else()
+    # Hardening and optimizations for building with gcc
+    set(GCCHARDENING "-U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -fstack-protector-all -fwrapv -fPIC --param ssp-buffer-size=1")
+    if(NOT APPLE AND NOT BSD)
+        set(LDHARDENING "-z relro -z now")
+    else()
+        set(LDHARDENING "")
+    endif()
+
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${GCCHARDENING} -O2")
+    set(CMAKE_EXE_LINKER_FLAGS "${LDHARDENING} ${CMAKE_EXE_LINKER_FLAGS}")
+endif()
+
+if(ENABLE_LOG_TRACE)
+    add_definitions("-DDEBUG")
+endif()
+
+
+set(CMAKE_C_FLAGS "${GCCWARNINGS} ${CMAKE_C_FLAGS}")
+
+
+include(FindPkgConfig)
+pkg_check_modules(JSON json-c)
+if(JSON_FOUND)
+    include_directories(${JSON_INCLUDE_DIRS})
+else()
+    message(FATAL_ERROR "Did not find libjson")
+endif()
+string(REPLACE ";" " " JSON_CFLAGS "${JSON_CFLAGS}")
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${JSON_CFLAGS}")
+
+if(WITH_PFRING)
+    add_definitions("-DPFRING")
+    set(PFRING_LIBRARIES pfring rt numa)
+endif()
+
+# Standard FLAGS
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=gnu99")
+if(NOT APPLE)
+    set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -pthread")
+endif()
+
+# Set up OS-specific include directories
+if(APPLE)
+    if(EXISTS /opt/local/include)
+        include_directories(/opt/local/include)
+    endif()
+    if(EXISTS /opt/local/lib)
+        link_directories(/opt/local/lib)
+    endif()
+    if(EXISTS /usr/local/include)
+        include_directories(/usr/local/include)
+    endif()
+    if(EXISTS /usr/local/lib)
+        link_directories(/usr/local/lib)
+    endif()
+endif()
+
+if(BSD)
+    include_directories(/usr/local/include)
+    link_directories(/usr/local/lib)
+endif()
+
+if(NetBSD)
+    include_directories(/usr/pkg/include)
+    link_directories(/usr/pkg/lib)
+endif()
+
+add_subdirectory(lib)
+add_subdirectory(src)
+
+# Install conf files
+if(RESPECT_INSTALL_PREFIX_CONFIG)
+    set(CONFIG_DESTINATION "etc/zmap")
+else()
+    set(CONFIG_DESTINATION "/etc/zmap")
+endif()
+
+FILE(GLOB CONF_FILES "${PROJECT_SOURCE_DIR}/conf/*")
+
+message(STATUS "Default ZMap configuration file location is /etc/zmap")
+foreach(EACH_CONF ${CONF_FILES})
+    get_filename_component(CONF_BASENAME ${EACH_CONF} NAME)
+    message(STATUS "Checking if ${CONF_BASENAME} exists there...")
+    if(NOT EXISTS "/etc/zmap/${CONF_BASENAME}")
+        install(FILES ${EACH_CONF} DESTINATION ${CONFIG_DESTINATION})
+    elseif(FORCE_CONF_INSTALL)
+        message(WARNING "FORCE_CONF_INSTALL will overwrite any existing configuration files")
+        install(FILES ${EACH_CONF} DESTINATION ${CONFIG_DESTINATION})
+    else()
+        message(WARNING "Existing configuration file detected at /etc/zmap/${CONF_BASENAME}, ${CONF_BASENAME} from sources will NOT be installed. Please check and install manually!")
+    endif()
+endforeach()
+
+# Allow Debian Packaging
+include(InstallRequiredSystemLibraries)
+
+set(CPACK_SET_DESTDIR "on")
+set(CPACK_PACKAGING_INSTALL_PREFIX "/tmp")
+set(CPACK_GENERATOR "DEB")
+
+set(CPACK_DEBIAN_PACKAGE_VERSION ${ZMAP_VERSION})
+set(CPACK_DEBIAN_PACKAGE_PRIORITY "optional")
+set(CPACK_DEBIAN_PACKAGE_SECTION "network")
+set(CPACK_DEBIAN_ARCHITECTURE ${CMAKE_SYSTEM_PROCESSOR})
+set(CPACK_DEBIAN_PACKAGE_DEPENDS "libc6 (>= 2.1.3), libgmp10, libpcap0.8, libjson-c-dev")
+
+set(CPACK_PACKAGE_DESCRIPTION "Internet-scale network scanner")
+set(CPACK_PACKAGE_DESCRIPTION_SUMMARY "ZMap is an open source network scanner that enables researchers to easily perform Internet-wide network studies. With a single machine and a well provisioned network uplink, ZMap is capable of performing a complete scan of the IPv4 address space in under five minutes, approaching the theoretical limit of gigabit Ethernet. ZMap can be used to study protocol adoption over time, monitor service availability, and help us better understand large systems distributed across the Internet.")
+set(CPACK_PACKAGE_CONTACT "Zakir Durumeric <zakird@gmail.com>")
+set(CPACK_PACKAGE_FILE_NAME "${CMAKE_PROJECT_NAME}_${VERSION}_${CPACK_DEBIAN_ARCHITECTURE}")
+
+set(CPACK_COMPONENTS_ALL Libraries ApplicationData)
+
+include(CPack)

rdns_scan/zmap4rdns/INSTALL.md

@@ -0,0 +1,92 @@
+# Installing and Building ZMap
+
+## Installing via Package Manager
+
+ZMap operates on GNU/Linux, macOS, and BSD. The latest stable version (v2.1.1)
+can be installed using most OS package managers:
+
+| OS                                        |                         |
+| ----------------------------------------- | ----------------------- |
+| Fedora 19+ or EPEL 6+                     | `sudo yum install zmap` |
+| Debian 8+ or Ubuntu 14.04+                | `sudo apt install zmap` |
+| Gentoo                                    | `sudo emerge zmap`      |
+| macOS (using [Homebrew](https://brew.sh)) | `brew install zmap`     |
+| Arch Linux                                | `sudo pacman -S zmap`   |
+
+## Building from Source
+
+### Installing ZMap Dependencies
+
+ZMap has the following dependencies:
+
+  - [CMake](http://www.cmake.org/) - Cross-platform, open-source build system
+  - [GMP](http://gmplib.org/) - Free library for arbitrary precision arithmetic
+  - [gengetopt](http://www.gnu.org/software/gengetopt/gengetopt.html) - Command line option parsing for C programs
+  - [libpcap](http://www.tcpdump.org/) - Famous user-level packet capture library
+  - [flex](http://flex.sourceforge.net/) and [byacc](http://invisible-island.net/byacc/) - Output filter lexer and parser generator
+  - [json-c](https://github.com/json-c/json-c/) - JSON implementation in C
+  - [libunistring](https://www.gnu.org/software/libunistring/) - Unicode string library for C
+  - [libdnet](https://github.com/dugsong/libdnet) - (macOS Only) Gateway and route detection
+
+Install the required dependencies with the following commands.
+
+* On Debian-based systems (including Ubuntu):
+   ```sh
+   sudo apt-get install build-essential cmake libgmp3-dev gengetopt libpcap-dev flex byacc libjson-c-dev pkg-config libunistring-dev libmysqlclient-dev
+   ```
+
+* On RHEL- and Fedora-based systems (including CentOS):
+   ```sh
+   sudo yum install cmake gmp-devel gengetopt libpcap-devel flex byacc json-c-devel libunistring-devel
+   ```
+
+* On macOS systems (using [Homebrew](http://brew.sh/)):
+  ```sh
+  brew install pkg-config cmake gmp gengetopt json-c byacc libdnet libunistring
+  ```
+
+* To launch a shell inside a Docker container with the build dependencies
+  mounted at `/src`:
+  ```sh
+  docker run -it -v $(pwd):/src zmap/builder
+  ```
+
+### Building and Installing ZMap
+
+Once these prerequisites are installed, ZMap can be compiled by running:
+  ```sh
+  cmake .
+  make -j4
+  ```
+
+and then installed via `sudo make install`.
+
+### Development Notes
+
+- Enabling development turns on debug symbols, and turns off optimizations.
+Release builds should be built with `-DENABLE_DEVELOPMENT=OFF`.
+
+- Enabling `log_trace` can have a major performance impact and should not be used
+except during early development. Release builds should be built with `-DENABLE_LOG_TRACE=OFF`.
+
+- Building packages for some systems like Fedora and RHEL requires a user-definable
+directory (buildroot) to put files. The way to respect this prefix is to run cmake
+with `-DRESPECT_INSTALL_PREFIX_CONFIG=ON`.
+
+- Manpages (and their HTML representations) are generated from the `.ronn` source
+files in the repository, using the [ronn](https://github.com/rtomayko/ronn) tool.
+This does not happen automatically as part of the build process; to regenerate the
+man pages you'll need to run `make manpages`. This target assumes that `ronn` is
+in your PATH.
+
+- Building with some versions of CMake may fail with `unable to find parser.h`.
+If this happens, try updating CMake. If it still fails, don't clone ZMap into a
+path that contains the string `.com`, and try again.
+
+- ZMap may be installed to an alternative directory, with the `CMAKE_INSTALL_PREFIX`
+option. For example, to install it in `$HOME/opt` run
+    ```sh
+    cmake -DCMAKE_INSTALL_PREFIX=$HOME/opt .
+    make -j4
+    make install
+    ```

rdns_scan/zmap4rdns/checkFormat.sh

@@ -0,0 +1,20 @@
+#!/bin/bash
+
+CLANG_FORMAT=clang-format-6.0
+
+files_to_lint=$(find ./src ./lib -type f -name '*.c' -or -name '*.h')
+
+fail=0
+for f in ${files_to_lint}; do
+  d="$(diff -u "$f" <($CLANG_FORMAT -style=file "$f") || true)"
+  if ! [ -z "$d" ]; then
+    printf "The file %s is not compliant with the coding style:\n%s\n" "$f" "$d"
+    fail=1
+  fi
+done
+
+if [ "$fail" -eq "1" ]; then
+  if [ ! -z $ZMAP_ENFORCE_FORMAT ]; then
+    exit 1
+  fi
+fi

rdns_scan/zmap4rdns/conf/blocklist.conf

@@ -0,0 +1,25 @@
+# From IANA IPv4 Special-Purpose Address Registry
+# http://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-special-registry.xhtml
+# Updated 2013-05-22
+
+0.0.0.0/8           # RFC1122: "This host on this network"
+10.0.0.0/8          # RFC1918: Private-Use
+100.64.0.0/10       # RFC6598: Shared Address Space
+127.0.0.0/8         # RFC1122: Loopback
+169.254.0.0/16      # RFC3927: Link Local
+172.16.0.0/12       # RFC1918: Private-Use
+192.0.0.0/24        # RFC6890: IETF Protocol Assignments
+192.0.2.0/24        # RFC5737: Documentation (TEST-NET-1)
+192.88.99.0/24      # RFC3068: 6to4 Relay Anycast
+192.168.0.0/16      # RFC1918: Private-Use
+198.18.0.0/15       # RFC2544: Benchmarking
+198.51.100.0/24     # RFC5737: Documentation (TEST-NET-2)
+203.0.113.0/24      # RFC5737: Documentation (TEST-NET-3)
+240.0.0.0/4         # RFC1112: Reserved
+255.255.255.255/32  # RFC0919: Limited Broadcast
+
+# From IANA Multicast Address Space Registry
+# http://www.iana.org/assignments/multicast-addresses/multicast-addresses.xhtml
+# Updated 2013-06-25
+
+224.0.0.0/4         # RFC5771: Multicast/Reserved

rdns_scan/zmap4rdns/conf/zmap.conf

@@ -0,0 +1,22 @@
+### Probe Module to use
+#probe-module tcp_synscan
+
+
+### Destination port to scan
+#target-port 443
+
+### Scan rate in packets/sec
+#rate 10000
+
+### Scan rate in bandwidth (bits/sec); overrides `rate`
+#bandwidth 1M	# 1mbps
+
+
+### Blocklist file to use. We encourage you to exclude
+### RFC1918, IANA reserved, and multicast networks,
+### in addition to those who have opted out of your
+### network scans.
+blocklist-file "/etc/zmap/blocklist.conf"
+
+### Optionally print a summary at the end
+#summary

rdns_scan/zmap4rdns/containers/build-push-builder.sh

@@ -0,0 +1,4 @@
+#!/usr/bin/env bash
+ZMAP_CONTAINER_TAG=${ZMAP_CONTAINER_TAG:-'latest'}
+docker build -f builder.dockerfile -t zmap/builder:$ZMAP_CONTAINER_TAG .
+docker push zmap/builder:$ZMAP_CONTAINER_TAG

rdns_scan/zmap4rdns/containers/builder.dockerfile

@@ -0,0 +1,16 @@
+FROM ubuntu:20.04
+
+ENV DEBIAN_FRONTEND=noninteractive
+RUN apt-get update -y --quiet
+RUN apt-get install -y -qq \
+    build-essential \
+    byacc \
+    cmake \
+    flex \
+    gengetopt \
+    libgmp3-dev \
+    libjson-c-dev \
+    libpcap-dev \
+    libunistring-dev \
+    pkg-config \
+    python3

rdns_scan/zmap4rdns/examples/forge-socket/README

@@ -0,0 +1,4 @@
+Forge Socket
+============
+
+Forge Socket is now maintained at https://github.com/ewust/forge_socket.

rdns_scan/zmap4rdns/examples/probe-modules/module_tcp_cisco_backdoor.c

@@ -0,0 +1,203 @@
+/*
+ * ZMap Copyright 2013 Regents of the University of Michigan
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not
+ * use this file except in compliance with the License. You may obtain a copy
+ * of the License at http://www.apache.org/licenses/LICENSE-2.0
+ */
+
+// probe module for performing TCP SYN scans
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <stdint.h>
+#include <unistd.h>
+#include <string.h>
+#include <assert.h>
+
+#include "../../lib/includes.h"
+#include "../fieldset.h"
+#include "probe_modules.h"
+#include "packet.h"
+
+probe_module_t module_tcp_synscan;
+static uint32_t num_ports;
+
+static int synscan_global_initialize(struct state_conf *state)
+{
+	num_ports = state->source_port_last - state->source_port_first + 1;
+	return EXIT_SUCCESS;
+}
+
+static int synscan_init_perthread(void *buf, macaddr_t *src, macaddr_t *gw,
+				  port_h_t dst_port,
+				  __attribute__((unused)) void **arg_ptr)
+{
+	memset(buf, 0, MAX_PACKET_SIZE);
+	struct ether_header *eth_header = (struct ether_header *)buf;
+	make_eth_header(eth_header, src, gw);
+	struct ip *ip_header = (struct ip *)(&eth_header[1]);
+	uint16_t len = htons(sizeof(struct ip) + sizeof(struct tcphdr));
+	make_ip_header(ip_header, IPPROTO_TCP, len);
+	struct tcphdr *tcp_header = (struct tcphdr *)(&ip_header[1]);
+	make_tcp_header(tcp_header, dst_port, TH_SYN);
+	return EXIT_SUCCESS;
+}
+
+// instead of settings sequence number to be random for validation
+// let's instead set to something static so that we can easily
+// set acknowledgement number. I don't know how integer overflow
+// is going to act in this.
+// uint32_t tcp_seq = validation[0];
+// From Mandiant
+// 1. To initiate the process, a uniquely crafted TCP SYN packet is sent
+//	to port 80 of the “implanted” router. It is important to note that
+//	the difference between the sequence and acknowledgment numbers must
+//	be set to 0xC123D. Also the ACK number doesn’t need to be zero.
+
+#define BACKDOOR_SEQ 0x3D120C00
+//#define BACKDOOR_SEQ 0x000C123D // wrong byte order
+#define BACKDOOR_ACK 0x0
+#define EXPECTED_RESPONSE_SEQ 0
+//#define EXPECTED_RESPONSE_ACK 0x000C123E // wrong byte order
+#define EXPECTED_RESPONSE_ACK 0x3E120C00
+
+static int synscan_make_packet(void *buf, UNUSED size_t *buf_len,
+			       ipaddr_n_t src_ip, ipaddr_n_t dst_ip, uint8_t ttl,
+			       uint32_t *validation, int probe_num,
+			       UNUSED void *arg)
+{
+	struct ether_header *eth_header = (struct ether_header *)buf;
+	struct ip *ip_header = (struct ip *)(&eth_header[1]);
+	struct tcphdr *tcp_header = (struct tcphdr *)(&ip_header[1]);
+
+	ip_header->ip_src.s_addr = src_ip;
+	ip_header->ip_dst.s_addr = dst_ip;
+	ip_header->ip_ttl = ttl;
+
+	tcp_header->th_sport =
+	    htons(get_src_port(num_ports, probe_num, validation));
+	tcp_header->th_seq = BACKDOOR_SEQ;
+	tcp_header->th_ack = BACKDOOR_ACK;
+	tcp_header->th_sum = 0;
+	tcp_header->th_sum =
+	    tcp_checksum(sizeof(struct tcphdr), ip_header->ip_src.s_addr,
+			 ip_header->ip_dst.s_addr, tcp_header);
+
+	ip_header->ip_sum = 0;
+	ip_header->ip_sum = zmap_ip_checksum((unsigned short *)ip_header);
+
+	return EXIT_SUCCESS;
+}
+
+static void synscan_print_packet(FILE *fp, void *packet)
+{
+	struct ether_header *ethh = (struct ether_header *)packet;
+	struct ip *iph = (struct ip *)&ethh[1];
+	struct tcphdr *tcph = (struct tcphdr *)&iph[1];
+	fprintf(fp,
+		"tcp { source: %u | dest: %u | seq: %u | checksum: %#04X }\n",
+		ntohs(tcph->th_sport), ntohs(tcph->th_dport),
+		ntohl(tcph->th_seq), ntohs(tcph->th_sum));
+	fprintf_ip_header(fp, iph);
+	fprintf_eth_header(fp, ethh);
+	fprintf(fp, "------------------------------------------------------\n");
+}
+
+static int synscan_validate_packet(const struct ip *ip_hdr, uint32_t len,
+				   __attribute__((unused)) uint32_t *src_ip,
+				   uint32_t *validation)
+{
+	if (ip_hdr->ip_p != IPPROTO_TCP) {
+		return 0;
+	}
+	if ((4 * ip_hdr->ip_hl + sizeof(struct tcphdr)) > len) {
+		// buffer not large enough to contain expected tcp header
+		return 0;
+	}
+	struct tcphdr *tcp =
+	    (struct tcphdr *)((char *)ip_hdr + 4 * ip_hdr->ip_hl);
+	uint16_t sport = tcp->th_sport;
+	uint16_t dport = tcp->th_dport;
+	// validate source port
+	if (ntohs(sport) != zconf.target_port) {
+		return 0;
+	}
+	// validate destination port
+	if (!check_dst_port(ntohs(dport), num_ports, validation)) {
+		return 0;
+	}
+	// DO NOT validate ack number as this is currently statically set
+	// validate tcp acknowledgement number
+	// if (htonl(tcp->th_ack) != htonl(validation[0])+1) {
+	//	return 0;
+	//}
+	return 1;
+}
+
+static void synscan_process_packet(const u_char *packet, uint32_t len,
+				   fieldset_t *fs,
+				   __attribute__((unused)) uint32_t *validation,
+				   __attribute__((unused)) struct timespec ts)
+{
+	struct ip *ip_hdr = (struct ip *)&packet[sizeof(struct ether_header)];
+	struct tcphdr *tcp =
+	    (struct tcphdr *)((char *)ip_hdr + 4 * ip_hdr->ip_hl);
+
+	fs_add_uint64(fs, "sport", (uint64_t)ntohs(tcp->th_sport));
+	fs_add_uint64(fs, "dport", (uint64_t)ntohs(tcp->th_dport));
+	fs_add_uint64(fs, "seqnum", (uint64_t)ntohl(tcp->th_seq));
+	fs_add_uint64(fs, "acknum", (uint64_t)ntohl(tcp->th_ack));
+	fs_add_uint64(fs, "window", (uint64_t)ntohs(tcp->th_win));
+	fs_add_uint64(fs, "urgentptr", (uint64_t)ntohs(tcp->th_urp));
+	fs_add_uint64(fs, "flags", (uint64_t)ntohs(tcp->th_flags));
+	fs_add_binary(fs, "raw", len, (void *)packet, 0);
+
+	if (tcp->th_flags & TH_RST) { // RST packet
+		fs_add_string(fs, "classification", (char *)"rst", 0);
+		fs_add_bool(fs, "success", 0);
+	} else if (tcp->th_seq == EXPECTED_RESPONSE_SEQ && tcp->th_urp) {
+		fs_add_string(fs, "classification", (char *)"backdoor", 0);
+		fs_add_bool(fs, "success", 1);
+	} else { // SYNACK packet
+		fs_add_string(fs, "classification", (char *)"synack", 0);
+		fs_add_bool(fs, "success", 1);
+	}
+}
+
+static fielddef_t fields[] = {
+    {.name = "sport", .type = "int", .desc = "TCP source port"},
+    {.name = "dport", .type = "int", .desc = "TCP destination port"},
+    {.name = "seqnum", .type = "int", .desc = "TCP sequence number"},
+    {.name = "acknum", .type = "int", .desc = "TCP acknowledgement number"},
+    {.name = "window", .type = "int", .desc = "TCP window"},
+    {.name = "urgentptr", .type = "int", .desc = "Urgent POinter"},
+    {.name = "flags", .type = "int", .desc = "tcp flags"},
+    {.name = "raw", .type = "binary", .desc = "raw packet"},
+    {.name = "classification",
+     .type = "string",
+     .desc = "packet classification"},
+    {.name = "success",
+     .type = "bool",
+     .desc = "is response considered success"}};
+
+probe_module_t module_tcp_cisco_backdoor = {
+    .name = "tcp_cisco_backdoor",
+    .packet_length = 54,
+    .pcap_filter = "tcp && tcp[13] & 4 != 0 || tcp[13] == 18",
+    .pcap_snaplen = 256,
+    .port_args = 1,
+    .global_initialize = &synscan_global_initialize,
+    .thread_initialize = &synscan_init_perthread,
+    .make_packet = &synscan_make_packet,
+    .print_packet = &synscan_print_packet,
+    .process_packet = &synscan_process_packet,
+    .validate_packet = &synscan_validate_packet,
+    .close = NULL,
+    .helptext = "Probe module that sends a TCP SYN packet to a specific "
+		"port. Possible classifications are: synack and rst. A "
+		"SYN-ACK packet is considered a success and a reset packet "
+		"is considered a failed response.",
+    .output_type = OUTPUT_TYPE_STATIC,
+    .fields = fields,
+    .numfields = 10};

rdns_scan/zmap4rdns/examples/udp-probes/README

@@ -0,0 +1,51 @@
+
+UDP Data Probes
+======
+
+This directory contains a set of data files that can be used with the UDP probe module.
+
+
+USING:
+-----
+
+$ zmap -M udp -p 137 --probe-args=file:examples/udp-probes/netbios_137.pkt
+
+
+PROBES:
+-----
+
+citrix_1604.pkt         This probe triggers a response from Citrix application discovery services on UDP port 1604
+db2disco_523.pkt        This probe triggers a response from IBM DB2 discovery services on UDP port 523
+digi1_2362.pkt          This probe triggers a response from Digi ADDP discovery services on UDP port 2362 (default magic)
+digi2_2362.pkt          This probe triggers a response from Digi ADDP discovery services on UDP port 2362 (devkit magic)
+digi3_2362.pkt          This probe triggers a response from Digi ADDP discovery services on UDP port 2362 (oem magic)
+dns_53.pkt              This probe queries for the DNS vendor and version using the BIND version TXT record over UDP port 53
+dns_53_queryAwww.google.it.pkt     This probe queries for the domain www.google.it A record over UDP port 53
+dns_53_queryAwww.google.com.pkt    This probe queries for the domain www.google.com A record over UDP port 53
+ipmi_623.pkt            This probe triggers a Get Channel Authentication reply from IPMI endpoints on UDP port 623
+mdns_5353.pkt           This probe triggers a response from mDNS/Avahi/Bonjour discovery services on UDP port 5353
+memcache_11211.pkt      This probe triggers a response from memcached on UDP port 11211 (stats items).
+mssql_1434.pkt          This probe triggers a response from Microsoft SQL Server discovery services on UDP port 1434
+natpmp_5351.pkt         This probe triggers a response from NATPMP-enabled devices on UDP port 5351
+netbios_137.pkt         This probe triggers a status reply from NetBIOS services on UDP port 137
+ntp_123.pkt             This probe triggers a response from NTP services on UDP port 123
+ntp_123_monlist.pkt     This probe triggers a response for command "monlist" from NTP services on UDP port 123
+pca_nq_5632.pkt         This probe triggers a response from PC Anywhere services on UDP port 5632 (network query)
+pca_st_5632.pkt         This probe triggers a response from PC Anywhere services on UDP port 5632 (status)
+portmap_111.pkt         This probe triggers a response from SunRPC portmapper services on UDP port 111
+ripv1_520.pkt       	This probe triggers a response from the RIPv1 enabled routers/devices on UDP port 520
+sentinel_5093.pkt       This probe triggers a response from the Sentinel license manager service on UDP port 5093
+snmp1_161.pkt           This probe queries for the system description field of SNMP v1 services using community string public over UDP port 161
+snmp2_161.pkt           This probe queries for the system description field of SNMP v2 services using community string public over UDP port 161
+snmp3_161.pkt           This probe triggers a response from SNMP v3 services on UDP port 161
+upnp_1900.pkt           This probe triggers a response from UPnP SSDP services on UDP port 1900
+wdbrpc_17185.pkt        This probe triggers a response from VxWorks WDBRPC services on UDP port 17185
+wsd_3702.pkt            This probe triggers a response from WSD/DPWS services on UDP port 3702
+coap_5683.pkt           This probe triggers a response from COAP services on UDP port 5683
+
+NOTES:
+-----
+
+Most of these probes return useful data in the response. Parsing this data requires capturing the raw output
+and decoding this using a protocol-specific dissector. In most cases, Wireshark is capable of decoding these
+replies.

rdns_scan/zmap4rdns/examples/udp-probes/chargen_19.pkt

@@ -0,0 +1 @@
+

rdns_scan/zmap4rdns/examples/udp-probes/coap_5683.pkt

@@ -0,0 +1 @@
+@
}p<>.well-knowncore

rdns_scan/zmap4rdns/examples/udp-probes/mssql_1434.pkt

@@ -0,0 +1 @@
+

rdns_scan/zmap4rdns/examples/udp-probes/pca_nq_5632.pkt

@@ -0,0 +1 @@
+NQ

rdns_scan/zmap4rdns/examples/udp-probes/pca_st_5632.pkt

@@ -0,0 +1 @@
+ST

rdns_scan/zmap4rdns/examples/udp-probes/qotd_17.pkt

@@ -0,0 +1 @@
+

rdns_scan/zmap4rdns/examples/udp-probes/sip_5060.pkt

@@ -0,0 +1 @@
+OPTIONS

rdns_scan/zmap4rdns/examples/udp-probes/sip_options.tpl

@@ -0,0 +1,12 @@
+OPTIONS sip:${RAND_ALPHA=8}@${DADDR} SIP/2.0
+Via: SIP/2.0/UDP ${SADDR}:${SPORT};branch=${RAND_ALPHA=6}.${RAND_DIGIT=10};rport;alias
+From: sip:${RAND_ALPHA=8}@${SADDR}:${SPORT};tag=${RAND_DIGIT=8}
+To: sip:${RAND_ALPHA=8}@${DADDR}
+Call-ID: ${RAND_DIGIT=10}@${SADDR}
+CSeq: 1 OPTIONS
+Contact: sip:${RAND_ALPHA=8}@${SADDR}:${SPORT}
+Content-Length: 0
+Max-Forwards: 20
+User-Agent: ${RAND_ALPHA=8}
+Accept: text/plain
+

rdns_scan/zmap4rdns/examples/udp-probes/ssdp_1900.pkt

@@ -0,0 +1,5 @@
+M-SEARCH * HTTP/1.1
+HOST:239.255.255.250:1900
+ST:ssdp:all
+MAN:"ssdp:discover"
+