DNS server now outputs all queries to seperate log file

Fixed a bug where the SSLStrip proxy wouldn't allow caching if the AppCache poison plugin is enabled HTTP and SMB servers now listen on all interfaces
2025-07-05 20:42:20 -07:00 · 2015-09-06 12:47:07 +02:00 · 2015-09-06 12:47:07 +02:00 · 22a43df4f8
commit 22a43df4f8
parent 9add87c5b2
6 changed files with 25 additions and 12 deletions
--- a/core/servers/DNS.py
+++ b/core/servers/DNS.py
@ -48,6 +48,12 @@ from IPy import IP
 formatter = logging.Formatter("%(asctime)s %(clientip)s [DNS] %(message)s", datefmt="%Y-%m-%d %H:%M:%S")
 log = logger().setup_logger("DNSChef", formatter)
 dnslog = logging.getLogger('dnslog')
 handler = logging.FileHandler('./logs/dns/dns.log',)
 handler.setFormatter(formatter)
 dnslog.addHandler(handler)
 dnslog.setLevel(logging.INFO)
 # DNSHandler Mixin. The class contains generic functions to parse DNS requests and
 # calculate an appropriate response based on user parameters.
 class DNSHandler():
@ -69,6 +75,7 @@ class DNSHandler():
        except Exception as e:
            log.info("Error: invalid DNS request", extra=clientip)
            dnslog.info("Error: invalid DNS request", extra=clientip)
        else:        
            # Only Process DNS Queries
@ -113,6 +120,7 @@ class DNSHandler():
                    response = DNSRecord(DNSHeader(id=d.header.id, bitmap=d.header.bitmap, qr=1, aa=1, ra=1), q=d.q)
                    log.info("Cooking the response of type '{}' for {} to {}".format(qtype, qname, fake_record), extra=clientip)
                    dnslog.info("Cooking the response of type '{}' for {} to {}".format(qtype, qname, fake_record), extra=clientip)
                    # IPv6 needs additional work before inclusion:
                    if qtype == "AAAA":
@ -182,6 +190,7 @@ class DNSHandler():
                elif qtype == "*" and not None in fake_records.values():
                    log.info("Cooking the response of type '{}' for {} with {}".format("ANY", qname, "all known fake records."), extra=clientip)
                    dnslog.info("Cooking the response of type '{}' for {} with {}".format("ANY", qname, "all known fake records."), extra=clientip)
                    response = DNSRecord(DNSHeader(id=d.header.id, bitmap=d.header.bitmap,qr=1, aa=1, ra=1), q=d.q)
@ -257,6 +266,7 @@ class DNSHandler():
                # Proxy the request
                else:
                    log.debug("Proxying the response of type '{}' for {}".format(qtype, qname), extra=clientip)
                    dnslog.info("Proxying the response of type '{}' for {}".format(qtype, qname), extra=clientip)
                    nameserver_tuple = random.choice(nameservers).split('#')               
                    response = self.proxyrequest(data, *nameserver_tuple)
@ -339,6 +349,7 @@ class DNSHandler():
        except Exception as e:
            log.warning("Could not proxy request: {}".format(e), extra=clientip)
            dnslog.info("Could not proxy request: {}".format(e), extra=clientip)
        else:
            return reply
@ -346,6 +357,7 @@ class DNSHandler():
        clientip = {'clientip': self.client_address[0]}
        log.info("Resolving '{}' to '{}' for HSTS bypass".format(fake_domain, real_domain), extra=clientip)
        dnslog.info("Resolving '{}' to '{}' for HSTS bypass".format(fake_domain, real_domain), extra=clientip)
        response = DNSRecord(DNSHeader(id=d.header.id, bitmap=d.header.bitmap, qr=1, aa=1, ra=1), q=d.q)
--- a/core/servers/HTTP.py
+++ b/core/servers/HTTP.py
@ -49,10 +49,10 @@ class HTTP:
 	def start(self):
 		try:
-			if OsInterfaceIsSupported():
+			#if OsInterfaceIsSupported():
-				server = ThreadingTCPServer((settings.Config.Bind_To, 80), HTTP1)
+				#server = ThreadingTCPServer((settings.Config.Bind_To, 80), HTTP1)
-			else:
+			#else:
-				server = ThreadingTCPServer(('', 80), HTTP1)
+			server = ThreadingTCPServer(('0.0.0.0', 80), HTTP1)
 			t = threading.Thread(name='HTTP', target=server.serve_forever)
 			t.setDaemon(True)
@ -267,7 +267,7 @@ def PacketSequence(data, client):
 		else:
 			Response = IIS_Auth_401_Ans()
 			if settings.Config.Verbose:
-				log.info("{} [HTTP] Sending NTLM authentication request to".format(client))
+				log.info("{} [HTTP] Sending NTLM authentication request".format(client))
 		return str(Response)
--- a/core/servers/SMB.py
+++ b/core/servers/SMB.py
@ -28,12 +28,12 @@ class SMB:
    def start(self):
        try:
-            if OsInterfaceIsSupported():
+            #if OsInterfaceIsSupported():
-                server1 = ThreadingTCPServer((settings.Config.Bind_To, 445), SMB1)
+            #    server1 = ThreadingTCPServer((settings.Config.Bind_To, 445), SMB1)
-                server2 = ThreadingTCPServer((settings.Config.Bind_To, 139), SMB1)
+            #    server2 = ThreadingTCPServer((settings.Config.Bind_To, 139), SMB1)
-            else:
+            #else:
-                server1 = ThreadingTCPServer(('', 445), SMB1)
+            server1 = ThreadingTCPServer(('0.0.0.0', 445), SMB1)
-                server2 = ThreadingTCPServer(('', 139), SMB1)
+            server2 = ThreadingTCPServer(('0.0.0.0', 139), SMB1)
            for server in [server1, server2]:
                t = threading.Thread(name='SMB', target=server.serve_forever)
--- a/logs/.gitignore
+++ b/logs/.gitignore
@ -1,5 +1,5 @@
 *
 !.gitignore
 !responder/
-!dnschef/
+!dns/
 !ferret-ng/
--- a/logs/dnschef/.gitignore
+++ b/logs/dnschef/.gitignore
--- a/plugins/appcachepoison.py
+++ b/plugins/appcachepoison.py
@ -36,6 +36,7 @@ class AppCachePlugin(Plugin):
        from core.sslstrip.URLMonitor import URLMonitor
        self.urlMonitor = URLMonitor.getInstance()
        self.urlMonitor.caching = True
        self.urlMonitor.setAppCachePoisoning()
    def response(self, response, request, data):