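def main():
    """Run a blocking UDP DNS responder on ``BIND_TO``, port 53.

    Every standard query (opcode 0) receives one answer record whose address
    comes from ``resolve_or_fake``; any other opcode is answered with
    SERVFAIL (rcode 2).  Datagrams that do not parse as a DNS message with a
    question section, and messages that already carry the QR (response) bit,
    are dropped instead of raising out of the receive loop.  Never returns.
    """
    udps = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    udps.bind((BIND_TO, 53))
    while True:
        # Anything beyond 1024 bytes of a datagram is discarded by recvfrom.
        data, addr = udps.recvfrom(1024)

        # The payload is untrusted: parsing it, indexing the question layer
        # and reading the query name can all raise on malformed input.  One
        # bad datagram must not stop the responder, so drop it and go on.
        try:
            p = DNS(data)
            question = p[DNSQR]
            qname = p.qd[0].qname
        except Exception as exc:
            print(" ! Dropping unparseable datagram from {0} ({1}).".format(
                addr[0], type(exc).__name__))
            continue

        # Never answer a message that is itself a response; replying to
        # responses lets two responders bounce packets off each other.
        if p.qr:
            continue

        rp = DNS(id=p.id, qr=1, qdcount=p.qdcount)
        rp.qd = question
        if p.opcode == 0:
            rp.ancount = 1
            rp.rcode = 0
            answer_ip = resolve_or_fake(qname)
            # NOTE(review): the query type and class are not checked here, so
            # non-A queries (AAAA, MX, ...) also get this 4-byte address
            # record -- confirm that is intended.
            rp.an = DNSRR(rrname=qname, ttl=60, rdlen=4, rdata=answer_ip)
            print(" - Responding to {0} with {1}.".format(qname, answer_ip))
        else:
            # servfail
            rp.ancount = 0
            rp.rcode = 2
            print(" ! Query opcode {0}, answering servfail.".format(p.opcode))
        udps.sendto(rp.build(), addr)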
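def main():
    """Run a blocking UDP DNS responder on ``BIND_TO``, port 53.

    ``sys.argv[1]`` selects the answer policy: ``"fake"`` answers every
    standard query with ``ANSWER_WITH``; ``"fakenx"`` asks
    ``resolve_or_fake`` for the address instead.  Any other value prints a
    usage message to stderr and returns 1.  Queries with a non-zero opcode
    are answered with SERVFAIL (rcode 2).  Datagrams that do not parse as a
    DNS message with a question section, and messages that already carry the
    QR (response) bit, are dropped instead of raising out of the loop.
    """
    mode = sys.argv[1] if len(sys.argv) > 1 else "none"
    if mode not in ("fakenx", "fake"):
        sys.stderr.write('Please supply argv[1] in ["fakenx", "fake"]\n')
        return 1

    udps = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    udps.bind((BIND_TO, 53))
    while True:
        # Anything beyond 1024 bytes of a datagram is discarded by recvfrom.
        data, addr = udps.recvfrom(1024)

        # The payload is untrusted: parsing it, indexing the question layer
        # and reading the query name can all raise on malformed input.  One
        # bad datagram must not stop the responder, so drop it and go on.
        try:
            p = DNS(data)
            question = p[DNSQR]
            qname = p.qd[0].qname
        except Exception as exc:
            print(" ! Dropping unparseable datagram from {0} ({1}).".format(
                addr[0], type(exc).__name__))
            continue

        # Never answer a message that is itself a response; replying to
        # responses lets two responders bounce packets off each other.
        if p.qr:
            continue

        rp = DNS(id=p.id, qr=1, qdcount=p.qdcount)
        rp.qd = question
        if p.opcode == 0:
            rp.ancount = 1
            rp.rcode = 0
            if mode == "fakenx":
                answer_ip = resolve_or_fake(qname)
            else:
                answer_ip = ANSWER_WITH
            # NOTE(review): the query type and class are not checked here, so
            # non-A queries (AAAA, MX, ...) also get this 4-byte address
            # record -- confirm that is intended.
            rp.an = DNSRR(rrname=qname, ttl=60, rdlen=4, rdata=answer_ip)
            print(" - Responding to {0} with {1}.".format(qname, answer_ip))
        else:
            rp.ancount = 0
            rp.rcode = 2
            print(" ! Query opcode {0}, answering servfail.".format(p.opcode))
        udps.sendto(rp.build(), addr)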
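def main():
    """Serve fabricated DNS answers over UDP on ``BIND_TO``, port 53.

    The first command-line argument picks where answers come from:
    ``"fake"`` always returns ``ANSWER_WITH``, while ``"fakenx"`` delegates
    to ``resolve_or_fake``.  With any other argument a usage line is written
    to stderr and 1 is returned.  Non-zero opcodes get SERVFAIL (rcode 2).
    Input that does not parse as a DNS message with a question section is
    dropped, as are messages with the QR (response) bit set, so neither can
    raise out of the receive loop.
    """
    mode = sys.argv[1] if len(sys.argv) > 1 else "none"
    if mode not in ("fakenx", "fake"):
        sys.stderr.write('Please supply argv[1] in ["fakenx", "fake"]\n')
        return 1

    udps = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    udps.bind((BIND_TO, 53))
    while True:
        # recvfrom keeps at most 1024 bytes of each datagram.
        data, addr = udps.recvfrom(1024)

        # Treat the payload as hostile: the parse, the question-layer lookup
        # and the qname access may each raise on a malformed message.  Drop
        # that one datagram rather than letting it end the server.
        try:
            p = DNS(data)
            question = p[DNSQR]
            qname = p.qd[0].qname
        except Exception as exc:
            print(" ! Dropping unparseable datagram from {0} ({1}).".format(
                addr[0], type(exc).__name__))
            continue

        # A message with QR set is a response, not a query; answering it
        # would let two responders reflect traffic at each other.
        if p.qr:
            continue

        rp = DNS(id=p.id, qr=1, qdcount=p.qdcount)
        rp.qd = question
        if p.opcode == 0:
            rp.ancount = 1
            rp.rcode = 0
            if mode == "fakenx":
                answer_ip = resolve_or_fake(qname)
            else:
                answer_ip = ANSWER_WITH
            # NOTE(review): qtype/qclass are not inspected, so every standard
            # query, whatever its type, is answered with this 4-byte address
            # record -- confirm that is intended.
            rp.an = DNSRR(rrname=qname, ttl=60, rdlen=4, rdata=answer_ip)
            print(" - Responding to {0} with {1}.".format(qname, answer_ip))
        else:
            rp.ancount = 0
            rp.rcode = 2
            print(" ! Query opcode {0}, answering servfail.".format(p.opcode))
        udps.sendto(rp.build(), addr)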
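def main():
    """Serve fabricated DNS answers over UDP on ``BIND_TO``, port 53.

    Standard queries (opcode 0) are answered with a single record whose
    address is supplied by ``resolve_or_fake``; every other opcode gets
    SERVFAIL (rcode 2).  Input that does not parse as a DNS message with a
    question section is dropped, as are messages with the QR (response) bit
    set, so neither can raise out of the receive loop.  Never returns.
    """
    udps = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    udps.bind((BIND_TO, 53))
    while True:
        # recvfrom keeps at most 1024 bytes of each datagram.
        data, addr = udps.recvfrom(1024)

        # Treat the payload as hostile: the parse, the question-layer lookup
        # and the qname access may each raise on a malformed message.  Drop
        # that one datagram rather than letting it end the server.
        try:
            p = DNS(data)
            question = p[DNSQR]
            qname = p.qd[0].qname
        except Exception as exc:
            print(" ! Dropping unparseable datagram from {0} ({1}).".format(
                addr[0], type(exc).__name__))
            continue

        # A message with QR set is a response, not a query; answering it
        # would let two responders reflect traffic at each other.
        if p.qr:
            continue

        rp = DNS(id=p.id, qr=1, qdcount=p.qdcount)
        rp.qd = question
        if p.opcode == 0:
            rp.ancount = 1
            rp.rcode = 0
            answer_ip = resolve_or_fake(qname)
            # NOTE(review): qtype/qclass are not inspected, so every standard
            # query, whatever its type, is answered with this 4-byte address
            # record -- confirm that is intended.
            rp.an = DNSRR(rrname=qname, ttl=60, rdlen=4, rdata=answer_ip)
            print(" - Responding to {0} with {1}.".format(qname, answer_ip))
        else:
            # servfail
            rp.ancount = 0
            rp.rcode = 2
            print(" ! Query opcode {0}, answering servfail.".format(p.opcode))
        udps.sendto(rp.build(), addr)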
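def dns_serv(args):
    """Run a blocking UDP DNS responder on ``args.bind``, port 53.

    IN A queries are answered with an address from ``randip()`` (a fixed
    address for ``dns.msftncsi.com.``); the answer is remembered per query
    name so repeated lookups stay consistent.  IN PTR queries get NXDOMAIN
    (rcode 3) and everything else gets SERVFAIL (rcode 2).  Datagrams that
    do not parse as a DNS message with a question section, and messages that
    already carry the QR (response) bit, are dropped.  Never returns.

    Args:
        args: object whose ``bind`` attribute is the local address to
            listen on.
    """
    from scapy.all import DNS, DNSRR, DNSQR
    import time

    udps = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    udps.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    udps.bind((args.bind, 53))

    cache = {}  # qname -> address previously handed out
    lru = []    # qnames, least recently answered first
    last_cleanup = time.time()

    while True:
        # Anything beyond 1024 bytes of a datagram is discarded by recvfrom.
        data, addr = udps.recvfrom(1024)

        # The payload is untrusted: parsing it, indexing the question layer
        # and reading the query name can all raise on malformed input.  One
        # bad datagram must not stop the responder, so drop it and go on.
        try:
            p = DNS(data)
            question = p[DNSQR]
            qname = p.qd[0].qname
        except Exception as exc:
            log.debug("Dropping unparseable datagram from {0} ({1}).".format(
                addr[0], type(exc).__name__))
            continue

        # Never answer a message that is itself a response; replying to
        # responses lets two responders bounce packets off each other.
        if p.qr:
            continue

        rp = DNS(id=p.id, qr=1, qdcount=p.qdcount, ancount=1, rcode=0)
        rp.qd = question

        # IN A
        if p.opcode == 0 and question.qtype == 1 and question.qclass == 1:
            if qname not in cache:
                if qname == "dns.msftncsi.com.":
                    # Fixed answer for the Windows connectivity-probe name.
                    answer_ip = "131.107.255.255"
                else:
                    answer_ip = randip()
            else:
                lru.remove(qname)
                # Reuse the stored address.  Without this assignment the
                # name would be re-cached (and logged) with whatever address
                # the previous, unrelated query had been given.
                answer_ip = cache[qname]
            rp.an = DNSRR(rrname=qname, ttl=60, rdlen=4, rdata=answer_ip)
            log.debug("Responding to {0}/{2},{3} with {1}/{4},{5}.".format(
                qname, answer_ip, question.qtype, question.qclass,
                rp.an.type, rp.an.rclass))
            cache[qname] = answer_ip
            lru.append(qname)
        # IN PTR, just send NXDOMAIN
        elif p.opcode == 0 and question.qtype == 12 and question.qclass == 1:
            rp.ancount = 0
            rp.rcode = 3
            log.info("PTR query to {0}/{1},{2} answering nxdomain".format(
                qname, question.qtype, question.qclass))
        else:
            rp.ancount = 0
            rp.rcode = 2
            log.warn(
                "Unhandled query opcode {0} for {1}/{2},{3} - answering servfail."
                .format(p.opcode, qname, question.qtype, question.qclass))
        udps.sendto(rp.build(), addr)

        # At most once a minute, evict the oldest tenth of CACHESIZE names.
        # NOTE(review): between cleanups the cache is unbounded, so a burst
        # of unique query names can grow it well past CACHESIZE.
        if last_cleanup < time.time() - 60:
            last_cleanup = time.time()
            if len(cache) > CACHESIZE:
                # Slice bounds must be integers; CACHESIZE * 0.1 is a float
                # and raised TypeError the first time a cleanup ran.
                evict_count = max(1, int(CACHESIZE * 0.1))
                to_remove, lru = lru[:evict_count], lru[evict_count:]
                for name in to_remove:
                    cache.pop(name, None)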
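def dns_serv(args):
    """Serve fabricated DNS answers over UDP on ``args.bind``, port 53.

    An IN A query receives an address from ``randip()``, except that
    ``dns.msftncsi.com.`` always receives a fixed address; the address given
    to each query name is cached so later lookups of that name match.  An
    IN PTR query receives NXDOMAIN (rcode 3); anything else receives
    SERVFAIL (rcode 2).  Input that does not parse as a DNS message with a
    question section is dropped, as are messages with the QR (response) bit
    set.  Never returns.

    Args:
        args: object whose ``bind`` attribute is the local address to
            listen on.
    """
    from scapy.all import DNS, DNSRR, DNSQR
    import time

    udps = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    udps.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    udps.bind((args.bind, 53))

    cache = {}  # qname -> address previously handed out
    lru = []    # qnames, least recently answered first
    last_cleanup = time.time()

    while True:
        # recvfrom keeps at most 1024 bytes of each datagram.
        data, addr = udps.recvfrom(1024)

        # Treat the payload as hostile: the parse, the question-layer lookup
        # and the qname access may each raise on a malformed message.  Drop
        # that one datagram rather than letting it end the server.
        try:
            p = DNS(data)
            question = p[DNSQR]
            qname = p.qd[0].qname
        except Exception as exc:
            log.debug("Dropping unparseable datagram from {0} ({1}).".format(
                addr[0], type(exc).__name__))
            continue

        # A message with QR set is a response, not a query; answering it
        # would let two responders reflect traffic at each other.
        if p.qr:
            continue

        rp = DNS(id=p.id, qr=1, qdcount=p.qdcount, ancount=1, rcode=0)
        rp.qd = question

        # IN A
        if p.opcode == 0 and question.qtype == 1 and question.qclass == 1:
            if qname in cache:
                lru.remove(qname)
                # Take the address from the cache.  Leaving answer_ip
                # untouched here re-cached (and logged) the name with the
                # address handed to the previous, unrelated query.
                answer_ip = cache[qname]
            elif qname == "dns.msftncsi.com.":
                # Fixed answer for the Windows connectivity-probe name.
                answer_ip = "131.107.255.255"
            else:
                answer_ip = randip()
            rp.an = DNSRR(rrname=qname, ttl=60, rdlen=4, rdata=answer_ip)
            log.debug("Responding to {0}/{2},{3} with {1}/{4},{5}.".format(
                qname, answer_ip, question.qtype, question.qclass,
                rp.an.type, rp.an.rclass))
            cache[qname] = answer_ip
            lru.append(qname)
        # IN PTR, just send NXDOMAIN
        elif p.opcode == 0 and question.qtype == 12 and question.qclass == 1:
            rp.ancount = 0
            rp.rcode = 3
            log.info("PTR query to {0}/{1},{2} answering nxdomain".format(
                qname, question.qtype, question.qclass))
        else:
            rp.ancount = 0
            rp.rcode = 2
            log.warn(
                "Unhandled query opcode {0} for {1}/{2},{3} - answering servfail."
                .format(p.opcode, qname, question.qtype, question.qclass))
        udps.sendto(rp.build(), addr)

        # No more than once per minute, drop the oldest tenth of CACHESIZE.
        # NOTE(review): nothing bounds the cache between cleanups, so many
        # unique query names in a short time can push it far past CACHESIZE.
        if last_cleanup < time.time() - 60:
            last_cleanup = time.time()
            if len(cache) > CACHESIZE:
                # CACHESIZE * 0.1 is a float, and a float slice bound raised
                # TypeError on the first cleanup; convert it to an int.
                evict_count = max(1, int(CACHESIZE * 0.1))
                to_remove, lru = lru[:evict_count], lru[evict_count:]
                for name in to_remove:
                    cache.pop(name, None)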