Created
April 26, 2018 21:18
-
-
Save Riebart/ab5fc540d4763ef9d2ae40f4f55916bc to your computer and use it in GitHub Desktop.
Read in a file, and respond to any query received with the contents of that file in the CNAME target.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from __future__ import print_function | |
| from scapy.all import * | |
| domain_name = "nhlscore.riebart.ca" | |
| dns_server_ip = '172.31.15.145' | |
| bpf_filter = 'dst port 53 and ip dst {0}'.format(dns_server_ip) | |
| def dns_respond(pkt, rcode=0): | |
| if (DNS in pkt and pkt[DNS].opcode == 0 and pkt[DNS].ancount == 0): | |
| print('Responding to query for "%s" from "%s"' % (pkt[DNSQR].qname, pkt[IP].src)) | |
| with open("source.in", "r") as fp: | |
| resp_val = fp.read().strip() | |
| an = (None, DNSRR(rrname=pkt[DNSQR].qname, type=pkt[DNSQR].qtype, rdata=resp_val + ".actual." + domain_name, ttl=60))[rcode == 0] | |
| resp_pkt = IP(dst=pkt[IP].src, src=pkt[IP].dst)/\ | |
| UDP(dport=pkt[UDP].sport, sport=pkt[UDP].dport)/\ | |
| DNS(id=pkt[DNS].id, qr=1, rd=1, ra=1, rcode=rcode, qd=pkt[DNS].qd, an=an, ns=None) | |
| send(resp_pkt, verbose=1) | |
| sniff(filter=bpf_filter, prn=dns_respond) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment