本文整理匯總了Python中scapy.all.DNSQR屬性的典型用法代碼示例。如果您正苦於以下問題:Python all.DNSQR屬性的具體用法?Python all.DNSQR怎麽用?Python all.DNSQR使用的例子?那麽, 這裏精選的屬性代碼示例或許可以為您提供幫助。您也可以進一步了解該屬性所在類scapy.all的用法示例。
在下文中一共展示了all.DNSQR屬性的10個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。
示例1: test_single_dns_resp_packet
# 需要導入模塊: from scapy import all [as 別名]
# 或者: from scapy.all import DNSQR [as 別名]
def test_single_dns_resp_packet():
packets = [
Ether(src="ab:ab:ab:ab:ab:ab", dst="12:12:12:12:12:12")
/ IP(src="127.0.0.1", dst="192.168.1.1")
/ UDP(sport=80, dport=53)
/ DNS(rd=1, qd=DNSQR(qtype="A", qname="google.com"), an=DNSRR(rdata="123.0.0.1"))
]
events = list(packets_to_datasource_events(packets).events())
assert len(events) == 1
assert events[0]["src_mac"] == "ab:ab:ab:ab:ab:ab"
assert events[0]["dst_mac"] == "12:12:12:12:12:12"
assert events[0]["src_ip"] == "127.0.0.1"
assert events[0]["dst_ip"] == "192.168.1.1"
assert events[0]["sport"] == 80
assert events[0]["dport"] == 53
assert events[0]["qname"] == "google.com."
assert events[0]["qanswer"] == "123.0.0.1"
assert events[0]["qtype"] == "A"
assert events[0]["event_type"] == "DNS" 示例2: test_single_dns_query_packet
# 需要導入模塊: from scapy import all [as 別名]
# 或者: from scapy.all import DNSQR [as 別名]
def test_single_dns_query_packet():
packets = [
Ether(src="ab:ab:ab:ab:ab:ab", dst="12:12:12:12:12:12")
/ IP(src="127.0.0.1", dst="192.168.1.1")
/ UDP(sport=80, dport=53)
/ DNS(rd=1, qd=DNSQR(qtype="A", qname="google.com"))
]
events = list(packets_to_datasource_events(packets).events())
assert len(events) == 1
assert events[0]["src_mac"] == "ab:ab:ab:ab:ab:ab"
assert events[0]["dst_mac"] == "12:12:12:12:12:12"
assert events[0]["src_ip"] == "127.0.0.1"
assert events[0]["dst_ip"] == "192.168.1.1"
assert events[0]["sport"] == 80
assert events[0]["dport"] == 53
assert events[0]["qname"] == "google.com."
assert events[0]["qtype"] == "A"
assert events[0]["event_type"] == "DNS" 示例3: test_multiple_packets
# 需要導入模塊: from scapy import all [as 別名]
# 或者: from scapy.all import DNSQR [as 別名]
def test_multiple_packets():
packets = [
# HTTP Packet
Ether(src="ab:ab:ab:ab:ab:ab", dst="12:12:12:12:12:12")
/ IP(src="127.0.0.1", dst="192.168.1.1")
/ TCP(sport=12345, dport=80)
/ HTTP()
/ HTTPRequest(Method="GET", Path="/foo", Host="https://google.com"),
# DNS Packet
Ether(src="ab:ab:ab:ab:ab:ab", dst="12:12:12:12:12:12")
/ IP(src="127.0.0.1", dst="192.168.1.1")
/ UDP(sport=80, dport=53)
/ DNS(rd=1, qd=DNSQR(qtype="A", qname="google.com"), an=DNSRR(rdata="123.0.0.1")),
# TCP Packet
Ether(src="ab:ab:ab:ab:ab:ab", dst="12:12:12:12:12:12")
/ IP(src="127.0.0.1", dst="192.168.1.1")
/ TCP(sport=80, dport=5355),
]
events = list(packets_to_datasource_events(packets).events())
assert len(events) == 3
assert [e["event_type"] for e in events] == ["HTTPRequest", "DNS", "TCP"] 示例4: spoof_packet
# 需要導入模塊: from scapy import all [as 別名]
# 或者: from scapy.all import DNSQR [as 別名]
def spoof_packet(packet):
options = get_arguments()
dns_packet = scapy.IP(packet.get_payload())
if dns_packet.haslayer(scapy.DNSRR):
qname = dns_packet[scapy.DNSQR].qname
if options.website in qname:
dns_responce = scapy.DNSRR(rrname=qname, rdata=options.ip)
dns_packet[scapy.DNS].an = dns_responce
dns_packet[scapy.DNS].ancount = 1
del dns_packet[scapy.IP].len
del dns_packet[scapy.IP].chksum
del dns_packet[scapy.UDP].len
del dns_packet[scapy.UDP].chksum
packet.set_payload(str(dns_packet))
packet.accept() 示例5: mdns_send_query
# 需要導入模塊: from scapy import all [as 別名]
# 或者: from scapy.all import DNSQR [as 別名]
def mdns_send_query(test_params, query, send_multicast=True):
"""Send mDNS query to normal and multicast address."""
dns_sd_query = str(DNS(rd=1, qd=DNSQR(qname=query, qtype="PTR")))
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
time.sleep(1)
udp_sr1(test_params, dns_sd_query)
if send_multicast:
multicast_test_params = copy.deepcopy(test_params)
if test_params.ip_version == 4:
multicast_test_params.dst_endpoint.ip_addr = DNS_SD_MULTICAST_IPV4
sock.sendto(
str(dns_sd_query),
(DNS_SD_MULTICAST_IPV4, multicast_test_params.dst_endpoint.port),
)
elif test_params.ip_version == 6:
multicast_test_params.dst_endpoint.ip_addr = DNS_SD_MULTICAST_IPV6
sock.sendto(
str(dns_sd_query),
(DNS_SD_MULTICAST_IPV6, multicast_test_params.dst_endpoint.port),
)
else:
return 示例6: get_kube_dns_ip_mac
# 需要導入模塊: from scapy import all [as 別名]
# 或者: from scapy.all import DNSQR [as 別名]
def get_kube_dns_ip_mac(self):
config = get_config()
kubedns_svc_ip = self.extract_nameserver_ip()
# getting actual pod ip of kube-dns service, by comparing the src mac of a dns response and arp scanning.
dns_info_res = srp1(
Ether() / IP(dst=kubedns_svc_ip) / UDP(dport=53) / DNS(rd=1, qd=DNSQR()),
verbose=0,
timeout=config.network_timeout,
)
kubedns_pod_mac = dns_info_res.src
self_ip = dns_info_res[IP].dst
arp_responses, _ = srp(
Ether(dst="ff:ff:ff:ff:ff:ff") / ARP(op=1, pdst=f"{self_ip}/24"), timeout=config.network_timeout, verbose=0,
)
for _, response in arp_responses:
if response[Ether].src == kubedns_pod_mac:
return response[ARP].psrc, response.src 示例7: scapy_send_dns_requests
# 需要導入模塊: from scapy import all [as 別名]
# 或者: from scapy.all import DNSQR [as 別名]
def scapy_send_dns_requests(number_of_packets):
for _ in range(number_of_packets):
dns_request = Ether(src=ethernet_src, dst=ethernet_dst) /\
IP(src=ip_src, dst=ip_dst) /\
UDP(dport=53, sport=randint(1024, 65535)) /\
DNS(id=randint(1, 1000), rd=1, qd=DNSQR(qname="www." + str(randint(1, 1000)) + ".com"))
sendp(dns_request, verbose=False)
# endregion
# region Main function 示例8: test_from_datasources
# 需要導入模塊: from scapy import all [as 別名]
# 或者: from scapy.all import DNSQR [as 別名]
def test_from_datasources():
packets_1 = [
Ether(src="ab:ab:ab:ab:ab:ab", dst="12:12:12:12:12:12")
/ IP(src="127.0.0.1", dst="192.168.1.1")
/ TCP(sport=12345, dport=80)
/ HTTP()
/ HTTPRequest(Method="GET", Path="/foo", Host="https://google.com")
]
packets_2 = [
# HTTP Packet
Ether(src="ab:ab:ab:ab:ab:ab", dst="12:12:12:12:12:12")
/ IP(src="127.0.0.1", dst="192.168.1.1")
/ TCP(sport=12345, dport=80)
/ HTTP()
/ HTTPRequest(Method="GET", Path="/foo", Host="https://google.com"),
# DNS Packet
Ether(src="ab:ab:ab:ab:ab:ab", dst="12:12:12:12:12:12")
/ IP(src="127.0.0.1", dst="192.168.1.1")
/ UDP(sport=80, dport=53)
/ DNS(rd=1, qd=DNSQR(qtype="A", qname="google.com"), an=DNSRR(rdata="123.0.0.1")),
# TCP Packet
Ether(src="ab:ab:ab:ab:ab:ab", dst="12:12:12:12:12:12")
/ IP(src="127.0.0.1", dst="192.168.1.1")
/ TCP(sport=80, dport=5355),
]
nx = NetworkX.from_datasources(
[packets_to_datasource_events(packets) for packets in [packets_1, packets_2]]
)
# Make the graph
nx.graph()
assert not nx.is_empty() 示例9: _process_dns
# 需要導入模塊: from scapy import all [as 別名]
# 或者: from scapy.all import DNSQR [as 別名]
def _process_dns(self, pkt):
src_mac = pkt[sc.Ether].src
dst_mac = pkt[sc.Ether].dst
src_ip = pkt[sc.IP].src
dst_ip = pkt[sc.IP].dst
# Find device ID
if pkt[sc.DNS].qr == 0:
# DNS request
if dst_mac == self._host_state.host_mac:
device_mac = src_mac
resolver_ip = dst_ip
else:
return
else:
# DNS response
if src_mac == self._host_state.host_mac:
device_mac = dst_mac
resolver_ip = src_ip
else:
return
device_id = utils.get_device_id(device_mac, self._host_state)
# Parse domain
try:
domain = pkt[sc.DNSQR].qname.decode('utf-8').lower()
except Exception:
return
# Remove trailing dot from domain
if domain[-1] == '.':
domain = domain[0:-1]
# Parse DNS response
ip_set = set()
if sc.DNSRR in pkt and pkt[sc.DNS].an:
for ix in range(pkt[sc.DNS].ancount):
# Extracts A-records
if pkt[sc.DNSRR][ix].type == 1:
# Extracts IPv4 addr in A-record
ip = pkt[sc.DNSRR][ix].rdata
if utils.is_ipv4_addr(ip):
ip_set.add(ip)
with self._host_state.lock:
dns_key = (device_id, domain, resolver_ip, 0)
current_ip_set = self._host_state \
.pending_dns_dict.setdefault(dns_key, set())
ip_set = ip_set | current_ip_set
self._host_state.pending_dns_dict[dns_key] = ip_set 示例10: process
# 需要導入模塊: from scapy import all [as 別名]
# 或者: from scapy.all import DNSQR [as 別名]
def process(pkt):
global quiet
global databaseConn
if pkt.haslayer(DNSQR) and UDP in pkt and pkt[UDP].sport == 53:
# pkt[IP].dst == IP source of the DNS request
# pkt[IP].src == IP of the DNS server
# pkt[DNS].an.rrname == DNS name
query = pkt[DNS].an.rrname if pkt[DNS].an != None else "?"
if not pkt[IP].dst in queries_liste:
queries_liste[pkt[IP].dst] = {}
if not pkt[IP].src in queries_liste[pkt[IP].dst]:
queries_liste[pkt[IP].dst][pkt[IP].src] = {}
if not query in queries_liste[pkt[IP].dst][pkt[IP].src]:
queries_liste[pkt[IP].dst][pkt[IP].src][query] = 1
else:
queries_liste[pkt[IP].dst][pkt[IP].src][query] += 1
if databaseConn and query != None and None != "?":
databaseCursor.execute("INSERT OR IGNORE INTO domains (domain) VALUES (?);", (query,))
databaseConn.commit()
databaseCursor.execute("SELECT idDomain FROM domains WHERE domain=?;", (query,))
domainId = databaseCursor.fetchone()[0]
databaseCursor.execute("SELECT count, idWhoAsk FROM whoAsk WHERE ipFrom=? AND ipTo=? AND domainId=?;", (pkt[IP].src, pkt[IP].dst, domainId))
whoAsk = databaseCursor.fetchone()
if whoAsk:
databaseCursor.execute("UPDATE whoAsk SET count=? WHERE idWhoAsk=?",(whoAsk[0]+1 if whoAsk[0] else 2, whoAsk[1]))
else:
databaseCursor.execute("INSERT INTO whoAsk (ipFrom, ipTo, domainId, count) VALUES (?,?,?,1);", (pkt[IP].src, pkt[IP].dst, domainId))
databaseConn.commit()
if not quiet:
system('clear')
print("{:15s} | {:15s} | {:15s} | {}".format("IP source", "DNS server", "Count DNS request", "Query"))
for ip in queries_liste:
print("{:15s}".format(ip)) # IP source
for query_server in queries_liste[ip]:
print(" "*18+"{:15s}".format(query_server)) # IP of DNS server
for query in queries_liste[ip][query_server]:
print(" "*36+"{:19s} {}".format(str(queries_liste[ip][query_server][query]),query)) # Count DNS request | DNS