Dns Filter.py

1. #!/usr/bin/env python
2. #Basic Threaded DNS Filter
3. #by K-Metal
4.  
5.  
6. import sys
7. import os
8. import time
9. import socket
10. import threading
11.  
12. # Check args
13. if len(sys.argv) < 4:
14.     print "Usage: <input> <output> <mx size>"
15.     sys.exit()
16.  
17. RUNNING = True
18.  
19. ''' Customize '''
20. THREADS = 20
21. TIMEOUT = 0.05 #secs
22. PORT    = 53
23. BUFFER  = 65500
24.  
25. # [root] dns recursive payload
26. payload = "\x23\x61\x01\x20\x00\x01\x00\x00\x00\x00\x00\x01\x03\x31\x78\x31\x02\x63\x7a\x00\x00\xff\x00\x01\x00\x00\x29\x10\x00\x00\x00\x00\x00\x00\x00"
27. #payload = "\xc4\x75\x01\x00\x00\x01\x00\x00\x00\x00\x00\x01\x00\x00\xff\x00\x01\x00\x00\x29\x23\x28\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
28.  
29.  
30. # split input list into thread chunks
31. def chunklist(l, n):
32.     parts = len(l) / n
33.     for i in xrange(0, len(l), parts):
34.         yield l[i:i+parts]
35.  
36. with open(sys.argv[1],'r') as f:
37.     data = f.read().splitlines()
38.     SIZE = len(data)
39.     CHUNKS = list(chunklist( data, THREADS ))
40.     print len(CHUNKS)
41.  
42. output = open( sys.argv[2], 'w' )
43.  
44. ### Logger thread ###
45. logs = []
46. def log(msg):
47.     global logs
48.     logs.append( msg )
49.  
50. def logger_thread():
51.     global logs, output
52.     while True:
53.         time.sleep(0.1)
54.         if logs != []:
55.             log_data = str(logs.pop(-1))
56.             print log_data
57.             output.write( log_data.split()[0]+'\n' )
58.  
59. # Scan dns list #
60. def scanner(scan_list):
61.     global payload, TIMEOUT, PORT, RUNNING
62.  
63.     sock = socket.socket(socket.AF_INET,socket.SOCK_DGRAM)
64.     sock.settimeout( TIMEOUT )
65.     pkt_size = len(payload) + 28 #udp pkt hdr min size
66.  
67.     for ip in scan_list:
68.         try:
69.             ip = str(socket.gethostbyname(ip))
70.  
71.             if RUNNING:
72.                 sock.sendto( payload, (ip, PORT))
73.             else:
74.                 break
75.  
76.             try:
77.                 recvdata, addr = sock.recvfrom( BUFFER )
78.                 ip_addr = str(addr[0])
79.                 if len(recvdata) > int(sys.argv[3]): #sucess
80.                     amp = len(recvdata) / pkt_size*1.0
81.                     amp = round( amp, 2 )
82.                     log(
83.                         "{} {} [x{}]".format(ip_addr,len(recvdata),amp)
84.                         )
85.             except:
86.                 pass
87.         except:
88.             pass
89.  
90. ## Create threads ###
91. def create_thread(function, *args):
92.     thread = threading.Thread(target=function,args=args)
93.     thread.daemon = True
94.     thread.start()
95.     return thread
96.  
97. if __name__ == '__main__':
98.     # create logging thread
99.     create_thread(logger_thread)
100.  
101.     print "Started Scanning "+str(SIZE)+" targets"
102.  
103.     # create threads
104.     thread_list = []
105.     for t in CHUNKS:
106.         thread = create_thread( scanner, t )
107.         thread_list.append( thread )
108.  
109.     # wait for threads to end
110.     print "ThreadCount: " + str(threading.active_count())
111.     for t in thread_list:
112.         try:
113.             t.join()
114.         except KeyboardInterrupt:
115.             RUNNING = False
116.             break
117.  
118.     output.close()
119.     if 'nt' not in os.name:
120.         # for unix systems
121.         os.system("chmod 0777 "+str(sys.argv[2]))
122.  
123.     sys.exit()