Beispiel #1
0
def main():
    udps = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    udps.bind((BIND_TO, 53))

    while 1:
        data, addr = udps.recvfrom(1024)

        p = DNS(data)

        rp = DNS(id=p.id, qr=1, qdcount=p.qdcount)
        rp.qd = p[DNSQR]

        if p.opcode == 0:
            rp.ancount = 1
            rp.rcode = 0
            answer_ip = resolve_or_fake(p.qd[0].qname)
            rp.an = DNSRR(rrname=p.qd[0].qname,
                          ttl=60,
                          rdlen=4,
                          rdata=answer_ip)
            print " - Responding to {0} with {1}.".format(
                p.qd[0].qname, answer_ip)
        else:
            # servfail
            rp.ancount = 0
            rp.rcode = 2
            print " ! Query opcode {0}, answering servfail.".format(p.opcode)

        udps.sendto(rp.build(), addr)
Beispiel #2
0
def main():
    mode = sys.argv[1] if len(sys.argv) > 1 else "none"
    if not mode in ["fakenx", "fake"]:
        print >>sys.stderr, 'Please supply argv[1] in ["fakenx", "fake"]'
        return 1

    udps = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    udps.bind((BIND_TO,53))
    
    while 1:
        data, addr = udps.recvfrom(1024)

        p = DNS(data)

        rp = DNS(id=p.id, qr=1, qdcount=p.qdcount)
        rp.qd = p[DNSQR]

        if p.opcode == 0:
            rp.ancount = 1
            rp.rcode = 0
            answer_ip = ANSWER_WITH
            if mode == "fakenx": answer_ip = resolve_or_fake(p.qd[0].qname)
            rp.an = DNSRR(rrname=p.qd[0].qname, ttl=60, rdlen=4, rdata=answer_ip)
            print " - Responding to {0} with {1}.".format(p.qd[0].qname, answer_ip)
        else:
            rp.ancount = 0
            rp.rcode = 2
            print " ! Query opcode {0}, answering servfail.".format(p.opcode)

        udps.sendto(rp.build(), addr)
Beispiel #3
0
def main():
    mode = sys.argv[1] if len(sys.argv) > 1 else "none"
    if not mode in ["fakenx", "fake"]:
        print >> sys.stderr, 'Please supply argv[1] in ["fakenx", "fake"]'
        return 1

    udps = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    udps.bind((BIND_TO, 53))

    while 1:
        data, addr = udps.recvfrom(1024)

        p = DNS(data)

        rp = DNS(id=p.id, qr=1, qdcount=p.qdcount)
        rp.qd = p[DNSQR]

        if p.opcode == 0:
            rp.ancount = 1
            rp.rcode = 0
            answer_ip = ANSWER_WITH
            if mode == "fakenx": answer_ip = resolve_or_fake(p.qd[0].qname)
            rp.an = DNSRR(rrname=p.qd[0].qname,
                          ttl=60,
                          rdlen=4,
                          rdata=answer_ip)
            print " - Responding to {0} with {1}.".format(
                p.qd[0].qname, answer_ip)
        else:
            rp.ancount = 0
            rp.rcode = 2
            print " ! Query opcode {0}, answering servfail.".format(p.opcode)

        udps.sendto(rp.build(), addr)
Beispiel #4
0
def main():
    udps = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    udps.bind((BIND_TO,53))
    
    while 1:
        data, addr = udps.recvfrom(1024)

        p = DNS(data)

        rp = DNS(id=p.id, qr=1, qdcount=p.qdcount)
        rp.qd = p[DNSQR]

        if p.opcode == 0:
            rp.ancount = 1
            rp.rcode = 0
            answer_ip = resolve_or_fake(p.qd[0].qname)
            rp.an = DNSRR(rrname=p.qd[0].qname, ttl=60, rdlen=4, rdata=answer_ip)
            print " - Responding to {0} with {1}.".format(p.qd[0].qname, answer_ip)
        else:
            # servfail
            rp.ancount = 0
            rp.rcode = 2
            print " ! Query opcode {0}, answering servfail.".format(p.opcode)

        udps.sendto(rp.build(), addr)
Beispiel #5
0
def dns_serv(args):
    from scapy.all import DNS, DNSRR, DNSQR
    import time

    udps = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    udps.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    udps.bind((args.bind, 53))

    cache = {}
    lru = []
    last_cleanup = time.time()
    
    while 1:
        data, addr = udps.recvfrom(1024)

        p = DNS(data)
        rp = DNS(id=p.id, qr=1, qdcount=p.qdcount, ancount=1, rcode=0)
        rp.qd = p[DNSQR]

        # IN A
        if p.opcode == 0 and p[DNSQR].qtype == 1 and p[DNSQR].qclass == 1:
            if not p.qd[0].qname in cache:
                if p.qd[0].qname == "dns.msftncsi.com.":
                    answer_ip = "131.107.255.255"
                else:
                    answer_ip = randip()
                rp.an = DNSRR(rrname=p.qd[0].qname, ttl=60, rdlen=4, rdata=answer_ip)
            else:
                lru.remove(p.qd[0].qname)
                rp.an = DNSRR(rrname=p.qd[0].qname, ttl=60, rdlen=4, rdata=cache[p.qd[0].qname])

            log.debug("Responding to {0}/{2},{3} with {1}/{4},{5}.".format(p.qd[0].qname, answer_ip, p[DNSQR].qtype, p[DNSQR].qclass, rp.an.type, rp.an.rclass))
            cache[p.qd[0].qname] = answer_ip
            lru.append(p.qd[0].qname)

        # IN PTR, just send NXDOMAIN
        elif p.opcode == 0 and p[DNSQR].qtype == 12 and p[DNSQR].qclass == 1:
            rp.ancount = 0
            rp.rcode = 3
            log.info("PTR query to {0}/{1},{2} answering nxdomain".format(p.qd[0].qname, p[DNSQR].qtype, p[DNSQR].qclass))
        else:
            rp.ancount = 0
            rp.rcode = 2
            log.warn("Unhandled query opcode {0} for {1}/{2},{3} - answering servfail.".format(p.opcode, p.qd[0].qname, p[DNSQR].qtype, p[DNSQR].qclass))

        udps.sendto(rp.build(), addr)

        if last_cleanup < time.time() - 60:
            last_cleanup = time.time()
            if len(cache) > CACHESIZE:
                to_remove, lru = lru[:CACHESIZE*0.1], lru[CACHESIZE*0.1:]
                for i in to_remove:
                    del cache[i]
Beispiel #6
0
def dns_serv(args):
    from scapy.all import DNS, DNSRR, DNSQR
    import time

    udps = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    udps.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    udps.bind((args.bind, 53))

    cache = {}
    lru = []
    last_cleanup = time.time()

    while 1:
        data, addr = udps.recvfrom(1024)

        p = DNS(data)
        rp = DNS(id=p.id, qr=1, qdcount=p.qdcount, ancount=1, rcode=0)
        rp.qd = p[DNSQR]

        # IN A
        if p.opcode == 0 and p[DNSQR].qtype == 1 and p[DNSQR].qclass == 1:
            if not p.qd[0].qname in cache:
                if p.qd[0].qname == "dns.msftncsi.com.":
                    answer_ip = "131.107.255.255"
                else:
                    answer_ip = randip()
                rp.an = DNSRR(rrname=p.qd[0].qname,
                              ttl=60,
                              rdlen=4,
                              rdata=answer_ip)
            else:
                lru.remove(p.qd[0].qname)
                rp.an = DNSRR(rrname=p.qd[0].qname,
                              ttl=60,
                              rdlen=4,
                              rdata=cache[p.qd[0].qname])

            log.debug("Responding to {0}/{2},{3} with {1}/{4},{5}.".format(
                p.qd[0].qname, answer_ip, p[DNSQR].qtype, p[DNSQR].qclass,
                rp.an.type, rp.an.rclass))
            cache[p.qd[0].qname] = answer_ip
            lru.append(p.qd[0].qname)

        # IN PTR, just send NXDOMAIN
        elif p.opcode == 0 and p[DNSQR].qtype == 12 and p[DNSQR].qclass == 1:
            rp.ancount = 0
            rp.rcode = 3
            log.info("PTR query to {0}/{1},{2} answering nxdomain".format(
                p.qd[0].qname, p[DNSQR].qtype, p[DNSQR].qclass))
        else:
            rp.ancount = 0
            rp.rcode = 2
            log.warn(
                "Unhandled query opcode {0} for {1}/{2},{3} - answering servfail."
                .format(p.opcode, p.qd[0].qname, p[DNSQR].qtype,
                        p[DNSQR].qclass))

        udps.sendto(rp.build(), addr)

        if last_cleanup < time.time() - 60:
            last_cleanup = time.time()
            if len(cache) > CACHESIZE:
                to_remove, lru = lru[:CACHESIZE * 0.1], lru[CACHESIZE * 0.1:]
                for i in to_remove:
                    del cache[i]