Random domains from Chrome
suqitian opened this issue · comments
- These domains are often accompanied with "isatap.*" or "wapd.*".
- Source code at intranet_redirect_detector.cc.
So the Length of SLD is 7-15.
// Start three fetchers on random hostnames.
for (size_t i = 0; i < 3; ++i) {
std::string url_string("http://");
// We generate a random hostname with between 7 and 15 characters.
const int num_chars = base::RandInt(7, 15);
for (int j = 0; j < num_chars; ++j)
url_string += ('a' + base::RandInt(0, 'z' - 'a'));
GURL random_url(url_string + '/');
std::unique_ptr<net::URLFetcher> fetcher = net::URLFetcher::Create(
random_url, net::URLFetcher::HEAD, this, traffic_annotation);
// We don't want these fetches to affect existing state in the profile.
fetcher->SetLoadFlags(net::LOAD_DISABLE_CACHE |
net::LOAD_DO_NOT_SAVE_COOKIES |
net::LOAD_DO_NOT_SEND_COOKIES |
net::LOAD_DO_NOT_SEND_AUTH_DATA);
fetcher->SetRequestContext(g_browser_process->system_request_context());
fetcher->Start();
net::URLFetcher* fetcher_ptr = fetcher.get();
fetchers_[fetcher_ptr] = std::move(fetcher);
}
- Maybe generate three domains per hour.
Copy "chrome://net-internals/#dns" into Chrome address bar, I saw something like this.
| Hostname | Family | Addresses | Expires |
|---|---|---|---|
| gypqzwgfzykdv | IPV4 | error: -105 (ERR_NAME_NOT_RESOLVED) | 2017-05-03 15:09:50.104 |
| ocypnqxhtcuy | IPV4 | error: -105 (ERR_NAME_NOT_RESOLVED) | 2017-05-03 15:09:50.106 |
| ojiunnm | IPV4 | error: -105 (ERR_NAME_NOT_RESOLVED) | 2017-05-03 15:09:50.107 |
| eupziohh | IPV4 | error: -105 (ERR_NAME_NOT_RESOLVED) | 2017-05-03 16:09:51.233 |
| kbhwwbxhyxsvbb | IPV4 | error: -105 (ERR_NAME_NOT_RESOLVED) | 2017-05-03 16:09:51.233 |
| vgfsnohsnqeyeg | IPV4 | error: -105 (ERR_NAME_NOT_RESOLVED) | 2017-05-03 16:09:51.234 |