strace for "dig" command

I'm not sure if it the same situation, but is not a usage of 'strace' easier?
You can see syscalls and you can search for sendmsg and recvmsg to see what data are sent through socket.

For example:
strace -e trace=sendmsg,recvmsg -f -s 1024 dig +short
This will show you a full DNS request and answer. Reverse engineering was never easy before :)


Popular posts from this blog

Byobu : Japanese term for decorative