I'm trying to write a http(s) proxy for golang executable, this is what I did:
localhost.Expected: I expected all requests are redirected to localhost:80(443) and these requests will fail.
Result: When the .dll is injected, it doesn't take effect at once, requests still works fine. I've add MessageBox in those 'getaddrinfo ...' functions, they are not called.
But after about three minutes the .dll seems to work, all requests fail, and MessageBox popup.
Question: I guess golang or the Windows OS caches the dns, and refreshes the cache every couple of minutes? Is it possible for manually refreshing the cache? So I can make the .dll take effect instantly.
No Go (and most languages standard library) doesn't cache DNS responses and just rely on the OS. IIRC Windows and macOS will cache DNS by default but Linux distros usually don't.
If you could hook into GetAddrInfoW call, you would bypass Windows' cache (you could check that Go is calling the syscall in lookupIP method in src/net/lookup_windows.go) but I don't think you could hook into using DLLs because Go has its own implementation of syscall.
Other than that you could flush Windows DNS cache by running ipconfig /flushdns command.