News:

MASM32 SDK Description, downloads and other helpful links
MASM32.com New Forum Link
masmforum WebSite

reverse DNS lookup

Started by pcMike, September 05, 2007, 02:42:49 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions

pcMike

September 05, 2007, 02:42:49 AM
I'm trying to find a way to lookup the hostname of a known IP address.

It seems the function I need to use is gethostbyaddress, but I have not been able to find any examples of how its used.
Can anyone give me a clue?

Regards,  Mike

arek

#1
September 05, 2007, 04:35:38 AM
Hi Mike,

There is an example in Platform SDK, unfortunately it's in C

Quote
Code Select
//----------------------
// Declare and initialize variables
hostent* remoteHost;
char* host_name;
unsigned int addr;

//----------------------
// User inputs name of host
printf("Input name of host: ");
host_name = (char*) malloc(sizeof(char*)*16);
fgets(host_name, 16, stdin);

// If the user input is an alpha name for the host, use gethostbyname()
// If not, get host by addr (assume IPv4)
if (isalpha(host_name[0])) {   /* host address is a name */
  host_name[strlen(host_name)-1] = '\0'; /* NULL TERMINATED */
  remoteHost = gethostbyname(host_name);
}
else  {
  addr = inet_addr(host_name);
  remoteHost = gethostbyaddr((char *) &addr, 4, AF_INET);
}

if (WSAGetLastError() != 0) {
  if (WSAGetLastError() == 11001)
  printf("Host not found...\nExiting.\n");
}
else
  printf("error#:%ld\n", WSAGetLastError());

// The remoteHost structure can now be used to
// access information about the host

I hope it helps in any way.

Regards,
Arek

Shantanu Gadgil

#2
September 05, 2007, 06:15:48 AM
The reverse DNS doesn't work most of the time if the reverse entry can be got !!!

On a LAN, these entries would reside on the DNS server. If the DNS server is setup to "automatically" create these entries for client machines configured for DHCP, you are OK.

Other wise for the static-IPed machine, you will have to create these reverse-mapping entries.

Q: How to quickly check if the machine is accessible?
A: Try an "nslookup" on the IP, it should give the name of the machine.

HTH,
Shantanu
To ret is human, to jmp divine!

pcMike

#3
September 05, 2007, 06:48:42 AM
Thanks Arek, that helped a bit...

I tried the following code:

Quote.data
IPtxt db "72.14.207.99",0  ; This IP belongs to *.google.com
.code
invoke gethostbyaddr, ADDR IPtxt, 4, AF_INET
.if EAX==NULL
 print "Resolve failed",10,13
.else
  mov ebx, [eax].hostent.h_name
  print "The IP resolves to "
  invoke StdOut,ebx
.endif

The result is it gives the same IP address I provided, rather then giving the hostname.
Can anyone tell me what I am doing wrong?

Here is the hostend structure:

Quotetypedef struct hostent {
  char FAR* h_name;
  char FAR  FAR** h_aliases;
  short h_addrtype;
  short h_length;
  char FAR  FAR** h_addr_list;
} HOSTENT,
*PHOSTENT,
  FAR *LPHOSTENT;

And Microsoft describes h_name as:
QuoteThe official name of the host (PC). If using the DNS or similar resolution system, it is the Fully Qualified Domain Name (FQDN) that caused the server to return a reply. If using a local hosts file, it is the first entry after the IP address.

Shantanu: I'm not sure I understand your reply, but it seems you are talking about me providing a reverse dns on my machine. I am trying to lookup the reverse dns of a remote IP address over the internet.

Regards,  Mike

sinsi

#4
September 05, 2007, 07:34:19 AM
A bit more from the SDK
Quote
Note  The gethostbyaddr function has been deprecated by the introduction of the getnameinfo function. Developers creating Windows Sockets 2 applications are urged to use the getnameinfo function instead of the gethostbyaddr function. See Remarks.
I like the use of "urged"  :bg

Quote
Note   The capability to perform reverse lookups using the gethostbyaddr function is convenient, but such lookups are considered inherently unreliable, and should be used only as a hint.
So it's not guaranteed anyway...
Light travels faster than sound, that's why some people seem bright until you hear them.

pcMike

#5
September 05, 2007, 02:19:20 PM
Hi Sensi,

I was hoping to avoid using getnameinfo, because the I  need to support Windows NT4 and 2000, and SDK says this:

QuoteThe getnameinfo function was added to the Ws2_32.dll on Windows XP and later. If you want to execute an application using this function on earlier versions of Windows (Windows 2000, Windows NT, and Windows Me/98/95), then you need to include the Ws2tcpip.h file and also include the Wspiapi.h file. When the Wspiapi.h include file is added, the getnameinfo function is defined to the WspiapiGetNameInfo inline function in the Wspiapi.h file. At runtime, the WspiapiGetNameInfo function is implemented in such a way that if the Ws2_32.dll or the Wship6.dll (the file containing getnameinfo in the IPv6 Technology Preview for Windows 2000) does not include getnameinfo, then a version of getnameinfo is implemented inline based on code in the Wspiapi.h header file. This inline code will be used on older Windows platforms that do not natively support the getnameinfo function.
I do not have any C background, and I am concerned about needing to convert .h header files (and how to locate them).
However I attempted to try it anyways under XP using the following code:

Quote.data
hostName db 0 dup (1025)
servInfo db 0 dup (32)
sin2      sockaddr_in <>

.code
invoke getnameinfo, ADDR sin2,
                             SIZEOF sin2,
                             ADDR hostName,
                             SIZEOF hostName,
                             ADDR servInfo,
                             SIZEOF servInfo,
                             NI_NAMEREQD
.if eax == NULL
    print "resolve IP failed", 10, 13
.else
    print "the hostname is "
    invoke StdOut,ADDR hostName
.endif

But the result is "undefined symbol : getnameinfo", so I would also need to locate and define this value.
My gut feeling is that I am way over my head trying to get getnameinfo to work with NT4/2000, so I think I would be better off finding a way of making gethostbyaddr to work.

Regards,  Mike

pcMike

#6
September 06, 2007, 02:55:25 PM
SOLVED!  :bg

I was unable to locate an Equate value for "getnameinfo", so I went back to researching the issue with gethostaddr and discovered the solution was very simple:

getnameinfo can not accept an ascii dotted internet address, instead it wants a binary value so I had to use inet_addr first to convert the dotted address before using getnameinfo.

Regards,  Mike



ecube

#7
December 02, 2007, 07:45:04 AM
nevermind this wasn't what I was trying to do

ossama

#8
December 07, 2007, 09:33:44 AM
Quote.data
IPtxt db "72.14.207.99",0 �; This IP belongs to *.google.com
.code
invoke gethostbyaddr, ADDR IPtxt, 4, AF_INET
.if EAX==NULL
�print "Resolve failed",10,13
.else
� mov ebx, [eax].hostent.h_name
� print "The IP resolves to "
� invoke StdOut,ebx
.endif

the ip address must be in network byte order not in host byte order, so you have to convert it first to network byte order.
you have wrote this line in your code
invoke gethostbyaddr, ADDR IPtxt, 4, AF_INET
and this is wrong, because the ip address you passed to gethostbyaddr is in host byte order,so you need to convert it to network byte order like this
invoke inet_addr,addr IPtxt
invoke gethostbyaddr,eax, 4, AF_INET

dsouza123

#9
December 11, 2007, 07:37:39 PM
There is an opcode bswap that will switch the order of bytes in a dword.

.data

IPbin dd 01f000001h  ; 127.0.0.1 is stored low byte first  ie  1,0,0,127 in bytes 0,1,2,3

.code
  mov eax, IPbin
  bswap eax
  mov IPbin, eax  ; stored high byte first  ie 127,0,0,1 in bytes 0,1,2,3
Print
Go Up Pages1
User actions