Created
May 21, 2021 11:13
-
-
Save warsocket/0d32bb0b3f65bc916cb67c1519dea362 to your computer and use it in GitHub Desktop.
KISS dns mitm gist which demonstratoes how to relay dns requests (to cloudflare in this case) unsing only a few lines of code
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import socket | |
| import os | |
| # Beware: this is a navive KISS implementation of a DNS MITM relaying server | |
| # It therefor has no timeouts and other safeguards preventing resource exausstion | |
| # and since it forks you can run out of PIDS's pretty fast is a malicious actor can coerce this server to hang on one of the recv calls. | |
| # | |
| # Another point of notice: this server only works for udp so if a request is to long and a client sends a request via tcp nobody will be listening. | |
| ssock = socket.socket(socket.AF_INET6, socket.SOCK_DGRAM) #Listen on ipv4 and ipv6 | |
| ssock.bind(("", 53)) #bind to dns port on all interfaces | |
| while True: | |
| sdata, saddr = ssock.recvfrom(0xFFFF) #Recv from client calling our dns port | |
| if not os.fork(): #if client calls us fork and have client process handle the relaying | |
| sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) # | |
| sock.sendto(sdata, ("1.1.1.1", 53)) | |
| data, addr = sock.recvfrom(0xFFFF) | |
| ssock.sendto(data, saddr) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment