def run(self):
mtu = self._tun.mtu
r = [self._tun, self._socket]
w = []
x = []
data_to_tun = b''
data_to_socket = b''
last_blank = time.time()
while True:
# print(1)
r, w, x = select.select(r, w, x)
if self._tun in r:
data_to_socket = self._tun.read(mtu)
if self._socket in r:
data_to_tun, target_addr = self._socket.recvfrom(65532)
dns_response = dns.message.from_wire(data_to_tun)
if dns_response.answer:
txt_record = dns_response.answer[0]
data_to_tun = coder.b64decode(str(txt_record.items[0]))
else:
data_to_tun = b''
if self._tun in w:
self._tun.write(data_to_tun)
data_to_tun = b''
if self._socket in w:
encoded_data_to_socket = coder.b64encode(data_to_socket)
split_labels = [
str(encoded_data_to_socket[i:i + label_len],
encoding='ascii')
for i in range(0, len(encoded_data_to_socket), label_len)
]
split_labels.append(query_root_name)
target_domain = '.'.join(split_labels)
name = dns.name.from_text(target_domain)
query = dns.message.make_query(name, 'TXT')
self._socket.sendto(query.to_wire(),
(remote_dns_addr, remote_dns_port))
data_to_socket = b''
r = []
w = []
if data_to_tun:
w.append(self._tun)
else:
r.append(self._socket)
if not data_to_socket:
r.append(self._tun)
now = time.time()
print(now - last_blank)
if now - last_blank > self.speed or data_to_socket:
print(data_to_socket)
w.append(self._socket)
last_blank = now
def encode_query(tun_data: bytes):
domain = 'group-15.cs305.fun'
data = base64.urlsafe_b64encode(tun_data)
# str1.str2.str3.str4.group-15.cs305.fun
data_seq = [
str(data[i:i + 63], encoding='ascii') for i in range(0, len(data), 63)
]
data_seq.append(domain)
target_domain = '.'.join(data_seq)
name = dns.name.from_text(target_domain)
query = dns.message.make_query(name, 'TXT')
return query.to_wire()
def __encrypt_query(self, query):
message = query.to_wire()
# Technically for TCP there is no requirement for DNSCRYPT_MINIMUM_SIZE
# but it simplified my logic so f**k it
if len(message) < DNSCRYPT_MINIMUM_SIZE:
padding = DNSCRYPT_MINIMUM_SIZE - len(message)
elif not len(message) % DNSCRYPT_MODULO_SIZE:
padding = len(message) % DNSCRYPT_MODULO_SIZE
else:
padding = 0
if padding:
message += b'\x80' + b'\x00' * padding
nonce = nacl.utils.random(DNSCRYPT_NONCE_SIZE)
encrypted = self.__secretbox.encrypt(
message, nonce + b'\x00' * DNSCRYPT_NONCE_SIZE)
# Remove the server nonce
encrypted = encrypted[0:12] + encrypted[24:]
return self.client_magic + self.private.public_key.encode() + encrypted
def run(self):
mtu = self._tun.mtu
r = [self._tun, self._socket]
w = []
x = []
sender_data = b''
tun_data = b''
data_last = time.time()
while True:
r, w, x = select.select(r, w, x)
#print("get this 1")
if self._tun in r:
tun_data = self._tun.read(mtu)
if self._socket in r:
self.sta = time.time()
self.tag = 1
sender_data, target_addr = self._socket.recvfrom(65500)
data_response = dns.message.from_wire(sender_data)
if data_response.answer:
txt_record = data_response.answer[0]
sender_data = b64.b64decode(str(txt_record.items[0]))
else:
sender_data = b''
if self._tun in w:
#print("get this 2")
self._tun.write(sender_data)
sender_data = b''
if self._socket in w or (time.time() - self.sta) > 0.1:
encoded_tun_data = b64.b64encode(tun_data)
name_split = [
str(encoded_tun_data[s:s + label_len], encoding='ascii')
for s in range(0, len(encoded_tun_data), label_len)
]
name_split.append(query_root_name)
target_domain = '.'.join(name_split)
name = dns.name.from_text(target_domain)
query = dns.message.make_query(name, 'TXT')
self._socket.sendto(query.to_wire(), (server_addr, port))
tun_data = b''
#print("get this 3")
r = []
w = []
self.tag = 0
if sender_data:
w.append(self._tun)
else:
r.append(self._socket)
if not tun_data:
r.append(self._tun)
now = time.time()
print(now - data_last)
if now - data_last > self.speed or tun_data:
print(tun_data)
w.append(self._socket)
data_last = now
from scapy.all import *
# resp=sr1(IP(dst="8.8.8.8")/UDP()/DNS(rd=1,qd=DNSQR(qname="www.baidu.com")))
# resp.show()
# hexdump(resp)
# a=sniff(filter="udp and port 53", count=2)
# a.nsummary()
# a[0].show()
query = dns.message.make_query("www.baidu.com", "A")
# query.set_opcode(dns.opcode.IQUERY) # for zipper
# print query.to_text()
wire = query.to_wire()
# view="view1"
# lview=len(view)
# wire += chr(lview) + view
# print binascii.b2a_hex(wire)
# print dns.message.from_wire(wire) # convert to a Message obj
# resp=dns.query.udp(query, "8.8.8.8", None, 53)
conf.L3socket = L3RawSocket
srcip = ["203.119.80.180", "0.0.0.0", "1.1.1.1", "255.250.255.256"]
dnsserver = "localhost"
for ip in srcip:
pa = IP(src=srcip, dst=dnsserver) / UDP(sport=[9264], dport=[
53,