Skip to content

Instantly share code, notes, and snippets.

View fqrouter's full-sized avatar

Qin Fen fqrouter

892 followers · 0 following
View GitHub Profile
@fqrouter
fqrouter / libxt_wcs2.c
Created May 4, 2012 01:58
西厢2-iptables版转发模块库
/*
* Shared library add-on to iptables to add wcs2 target support.
*
* Copyright (C) 2010 Mike Chen
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*
*/
@fqrouter
fqrouter / dns_hijacking_obversation.py
Last active September 4, 2019 10:22
让DNS查询经由python代码之手
from netfilterqueue import NetfilterQueue
import subprocess
import signal
def observe_dns_hijacking(nfqueue_element):
print('packet past through me')
nfqueue_element.accept()
nfqueue = NetfilterQueue()
nfqueue.bind(0, observe_dns_hijacking)
def clean_up(*args):
subprocess.call('iptables -D OUTPUT -p udp --dst 8.8.8.8 -j QUEUE', shell=True)
@fqrouter
fqrouter / dns_hijacking_obversation.py
Created January 13, 2013 14:15
打印DNS对话的内容
from netfilterqueue import NetfilterQueue
import subprocess
import signal
import dpkt
import traceback
import socket
def observe_dns_hijacking(nfqueue_element):
try:
ip_packet = dpkt.ip.IP(nfqueue_element.get_payload())
@fqrouter
fqrouter / dns_hijacking_locator.py
Last active June 18, 2024 08:08
结果的前三行已隐去
from netfilterqueue import NetfilterQueue
import subprocess
import signal
import dpkt
import traceback
import socket
import sys
DNS_IP = '8.8.8.8'
@fqrouter
fqrouter / dns_hijacking_resistor.py
Created January 14, 2013 14:34
dig @8.8.8.8 twitter.com
import sys
import subprocess
# source http://zh.wikipedia.org/wiki/%E5%9F%9F%E5%90%8D%E6%9C%8D%E5%8A%A1%E5%99%A8%E7%BC%93%E5%AD%98%E6%B1%A1%E6%9F%93
WRONG_ANSWERS = {
'4.36.66.178',
'8.7.198.45',
'37.61.54.158',
'46.82.174.68',
'59.24.3.173',
@fqrouter
fqrouter / impersonator.py
Last active December 11, 2015 02:29
DNS 单向代理
import socket
import dpkt.ip
def main_loop(server_socket, raw_socket):
while True:
packet_bytes, from_ip = server_socket.recvfrom(4096)
packet = dpkt.ip.IP(packet_bytes)
dst = socket.inet_ntoa(packet.dst)
print('%s:%s => %s:%s' % (socket.inet_ntoa(packet.src), packet.data.sport, dst, packet.data.dport))
raw_socket.sendto(packet_bytes, (dst, 0))
@fqrouter
fqrouter / overlapped_ip_fragmentation.py
Created January 16, 2013 15:50
the code to send ip fragment was copied from scapy, verified by tcpdump it indeed send two packet instead of one. However, GFW still can decode the content despite we are using overlapped ip fragmentation. But, 8.8.8.8 dropped the fragmented ip packet, for security reason.
from netfilterqueue import NetfilterQueue
import traceback
import subprocess
import signal
import dpkt
import socket
raw_socket = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.htons(3))
raw_socket.setsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF, 2**30)
@fqrouter
fqrouter / wrong_ip_checksum.py
Created January 17, 2013 13:17
it does not work
from netfilterqueue import NetfilterQueue
import traceback
import subprocess
import signal
import dpkt
import socket
import time
raw_socket = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.htons(3))
raw_socket.setsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF, 2**30)
@fqrouter
fqrouter / ip_fragment_ttl_injection.py
Created January 17, 2013 13:35
it is important to send 1 then 2x then 1x and 2. other combinations can not work as effective as this way.
from netfilterqueue import NetfilterQueue
import traceback
import subprocess
import signal
import dpkt
import socket
import time
raw_socket = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.htons(3))
raw_socket.setsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF, 2**30)
@fqrouter
fqrouter / ip_options_is_not_an_option.py
Last active December 11, 2015 05:58
it is not working, is internet support ip options at all? http://www.eecs.berkeley.edu/Pubs/TechRpts/2005/EECS-2005-24.pdf
from netfilterqueue import NetfilterQueue
import traceback
import subprocess
import signal
import dpkt
import socket
raw_socket = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.htons(3))
raw_socket.setsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF, 2**30)