diff --git a/core/servers/DNS.py b/core/servers/DNS.py
index 383a57c..35e592c 100755
--- a/core/servers/DNS.py
+++ b/core/servers/DNS.py
@@ -48,6 +48,12 @@ from IPy import IP
 formatter = logging.Formatter("%(asctime)s %(clientip)s [DNS] %(message)s", datefmt="%Y-%m-%d %H:%M:%S")
 log = logger().setup_logger("DNSChef", formatter)
+dnslog = logging.getLogger('dnslog')
+handler = logging.FileHandler('./logs/dns/dns.log',)
+handler.setFormatter(formatter)
+dnslog.addHandler(handler)
+dnslog.setLevel(logging.INFO)
+
 # DNSHandler Mixin. The class contains generic functions to parse DNS requests and
 # calculate an appropriate response based on user parameters.
 class DNSHandler():
@@ -69,6 +75,7 @@ class DNSHandler():
 except Exception as e:
 log.info("Error: invalid DNS request", extra=clientip)
+ dnslog.info("Error: invalid DNS request", extra=clientip)
 else:
 # Only Process DNS Queries
@@ -113,6 +120,7 @@ class DNSHandler():
 response = DNSRecord(DNSHeader(id=d.header.id, bitmap=d.header.bitmap, qr=1, aa=1, ra=1), q=d.q)
 log.info("Cooking the response of type '{}' for {} to {}".format(qtype, qname, fake_record), extra=clientip)
+ dnslog.info("Cooking the response of type '{}' for {} to {}".format(qtype, qname, fake_record), extra=clientip)
 # IPv6 needs additional work before inclusion:
 if qtype == "AAAA":
@@ -182,6 +190,7 @@ class DNSHandler():
 elif qtype == "*" and not None in fake_records.values():
 log.info("Cooking the response of type '{}' for {} with {}".format("ANY", qname, "all known fake records."), extra=clientip)
+ dnslog.info("Cooking the response of type '{}' for {} with {}".format("ANY", qname, "all known fake records."), extra=clientip)
 response = DNSRecord(DNSHeader(id=d.header.id, bitmap=d.header.bitmap,qr=1, aa=1, ra=1), q=d.q)
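Review bot: The new file handler is built at import time from a path relative to the working directory, `logging.FileHandler('./logs/dns/dns.log',)`, so the import raises or the log lands elsewhere whenever the process is not started from the repository root; the stray trailing comma should go as well. Because `dnslog` is a separate logger, every existing `log.*` call has to be repeated by hand (the hunks at -69, -113, -182, -257, -339 and -346), and any copy that omits `extra=clientip` is lost because the shared formatter requires `%(clientip)s`. If `log` is an ordinary `logging.Logger` (its setup helper is not visible here), `log.addHandler(handler)` would send the same records to the file without the duplicated calls. Either way, resolve the path against a fixed base directory and add a comment saying what `dns.log` is for.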
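Review bot: In the @@ -113 hunk `qname` is interpolated into a line that is now persisted to a file, and it appears to be taken from the client's query without any neutralisation, so a name carrying control characters could split or forge entries in `dns.log`. Whether the DNS library already escapes such bytes is not visible here, so I would make it explicit, for example by logging `repr(qname)` or stripping CR/LF before formatting. The same applies to the other `dnslog.info` calls that interpolate `qname` (the -182 and -257 hunks). The enclosing method starts and ends outside the hunk.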
@@ -257,6 +266,7 @@ class DNSHandler():
 # Proxy the request
 else:
 log.debug("Proxying the response of type '{}' for {}".format(qtype, qname), extra=clientip)
+ dnslog.info("Proxying the response of type '{}' for {}".format(qtype, qname), extra=clientip)
 nameserver_tuple = random.choice(nameservers).split('#')
 response = self.proxyrequest(data, *nameserver_tuple)
@@ -339,6 +349,7 @@ class DNSHandler():
 except Exception as e:
 log.warning("Could not proxy request: {}".format(e), extra=clientip)
+ dnslog.info("Could not proxy request: {}".format(e), extra=clientip)
 else:
 return reply
@@ -346,6 +357,7 @@ class DNSHandler():
 clientip = {'clientip': self.client_address[0]}
 log.info("Resolving '{}' to '{}' for HSTS bypass".format(fake_domain, real_domain), extra=clientip)
+ dnslog.info("Resolving '{}' to '{}' for HSTS bypass".format(fake_domain, real_domain), extra=clientip)
 response = DNSRecord(DNSHeader(id=d.header.id, bitmap=d.header.bitmap, qr=1, aa=1, ra=1), q=d.q)
diff --git a/core/servers/HTTP.py b/core/servers/HTTP.py
index 82296eb..75d0c1d 100644
--- a/core/servers/HTTP.py
+++ b/core/servers/HTTP.py
@@ -49,10 +49,10 @@ class HTTP:
 def start(self):
 try:
- if OsInterfaceIsSupported():
- server = ThreadingTCPServer((settings.Config.Bind_To, 80), HTTP1)
- else:
- server = ThreadingTCPServer(('', 80), HTTP1)
+ #if OsInterfaceIsSupported():
+ #server = ThreadingTCPServer((settings.Config.Bind_To, 80), HTTP1)
+ #else:
+ server = ThreadingTCPServer(('0.0.0.0', 80), HTTP1)
 t = threading.Thread(name='HTTP', target=server.serve_forever)
 t.setDaemon(True)
@@ -267,7 +267,7 @@ def PacketSequence(data, client):
 else:
 Response = IIS_Auth_401_Ans()
 if settings.Config.Verbose:
- log.info("{} [HTTP] Sending NTLM authentication request to".format(client))
+ log.info("{} [HTTP] Sending NTLM authentication request".format(client))
 return str(Response)
diff --git a/core/servers/SMB.py b/core/servers/SMB.py
index 198ba4d..cac8027 100644
--- a/core/servers/SMB.py
+++ b/core/servers/SMB.py
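Review bot: The file copy flattens severities: in the @@ -257 hunk the console call is `log.debug(...)` but the copy is `dnslog.info(...)`, and in the @@ -339 hunk `log.warning("Could not proxy request: ...")` is copied as `dnslog.info(...)`. Anyone filtering `dns.log` by level will miss proxy failures. I would use `dnslog.warning("Could not proxy request: {}".format(e), extra=clientip)` in the except branch. If the per-query proxy line is promoted to INFO only so that it passes `dnslog.setLevel(logging.INFO)`, a comment such as `# logged at INFO so it reaches dns.log` should say so.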
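Review bot: In the HTTP.py @@ -49 hunk the listener now ignores `settings.Config.Bind_To` and always binds `('0.0.0.0', 80)`, so an operator who configured a single interface gets the service on every interface with no indication; the SMB.py hunk (@@ -28,12) does the same for ports 445 and 139. For an AF_INET socket `''` and `'0.0.0.0'` are equivalent, so the only behavioural change is dropping the configured address, and the commit gives no reason for it. If the `OsInterfaceIsSupported()` branch was failing I would fix or guard that instead, and in either case delete the dead `#if`/`#else` lines and leave one comment such as `# TODO: honour settings.Config.Bind_To again (<reason it is bypassed>)`. `start()` continues outside the hunk.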
@@ -28,12 +28,12 @@ class SMB:
 def start(self):
 try:
- if OsInterfaceIsSupported():
- server1 = ThreadingTCPServer((settings.Config.Bind_To, 445), SMB1)
- server2 = ThreadingTCPServer((settings.Config.Bind_To, 139), SMB1)
- else:
- server1 = ThreadingTCPServer(('', 445), SMB1)
- server2 = ThreadingTCPServer(('', 139), SMB1)
+ #if OsInterfaceIsSupported():
+ # server1 = ThreadingTCPServer((settings.Config.Bind_To, 445), SMB1)
+ # server2 = ThreadingTCPServer((settings.Config.Bind_To, 139), SMB1)
+ #else:
+ server1 = ThreadingTCPServer(('0.0.0.0', 445), SMB1)
+ server2 = ThreadingTCPServer(('0.0.0.0', 139), SMB1)
 for server in [server1, server2]:
 t = threading.Thread(name='SMB', target=server.serve_forever)
diff --git a/logs/.gitignore b/logs/.gitignore
index cf7c24d..364db4d 100644
--- a/logs/.gitignore
+++ b/logs/.gitignore
@@ -1,5 +1,5 @@
 *
 !.gitignore
 !responder/
-!dnschef/
+!dns/
 !ferret-ng/
diff --git a/logs/dnschef/.gitignore b/logs/dns/.gitignore
similarity index 100%
rename from logs/dnschef/.gitignore
rename to logs/dns/.gitignore
diff --git a/plugins/appcachepoison.py b/plugins/appcachepoison.py
index c456db2..a4c7eb7 100644
--- a/plugins/appcachepoison.py
+++ b/plugins/appcachepoison.py
@@ -36,6 +36,7 @@ class AppCachePlugin(Plugin):
 from core.sslstrip.URLMonitor import URLMonitor
 self.urlMonitor = URLMonitor.getInstance()
+ self.urlMonitor.caching = True
 self.urlMonitor.setAppCachePoisoning()
 def response(self, response, request, data):
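Review bot: In the appcachepoison.py hunk, `self.urlMonitor.caching = True` writes an attribute directly on the object returned by `URLMonitor.getInstance()`, while the next line goes through a method (`setAppCachePoisoning()`); nothing says why caching must be on or whether it is ever switched off again. Since the monitor looks like a shared singleton, this presumably changes behaviour for every other component that uses it, which is worth confirming. I would add a comment such as `# URLMonitor is shared: enabling caching here is global (<reason it is needed>)`, or fold the flag into the setter so the two changes stay together. The enclosing method starts outside the hunk.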