Class to handle DNSPoisonig procedures. More...

Classes
class	CriticalError
	Raised when a critical error occurred. More...

class	InitialQueryFailed
	Exception raised when the initial query fails. More...

class	InvalidAttackType
	Exception raised when the passed attack type is not valid. More...

class	InvalidIPAddress
	Exception raised when invalid IP address is passed. More...

class	Mode
	Used to specified the attack mode. More...

class	NSFetchError
	Exception raised when NS server IP cannot be fetched. More...

class	SuccessfulAttack
	Raised when the attack succeded. More...

Public Member Functions
def	__init__ (self, victim_server_ip, attacked_domain, bad_server_data, attacker_ip, bad_domain, ns_server_ip=None, victim_mac=None, nic_interface=None, sigint_handler=None, log_function=lambda msg:None)
	Constructors. More...

def	stop_attack (self, sig, frame)
	Handler used to stop the attack. More...

def	get_server_data (self)
	Start UDP Server. More...

def	send_initial_query (self)
	Start the process to send the initial query.

def	get_authoritative_server (self, domain, dns_server_ip)
	Get IP of the NS server. More...

def	check_poisoning (self, dns_server_ip=None, spoofed_ip=None)
	Check if the poisonig succeded. More...

def	check_recursion (self, dns_server_ip=None, domain=None)

def	start (self, number_of_tries=50, mode="NORMAL", attack_type="NORMAL")
	Start the attack. More...

Public Attributes
	victim_server_ip

	attacker_ip
	Attacker IP address.

	domain
	Domain to spoof.

	bad_udp_ip
	Light DNS IP.

	bad_udp_port
	Light DNS port.

	bad_domain
	Domain owned by the attacker, used to fetch TXID and source port.

	victim_mac
	Victim MAC address (only for faster flooding)

	nic_interface
	Network Card Interface to use (only for faster flooding)

	sigint_handler
	SIGINT (Ctrl+C) handler to use.

	log
	Logging function to use.

	stop_flag
	Stop running procedures.

	ns_server_ip

	attack_type
	Data Fetching code

Detailed Description

Class to handle DNSPoisonig procedures.

This class provide an interface to perform the Kaminsky DNS poisoning attack.
Apart from providing an interface to the DNSPoisoning module, it has function that allows to fetch the TXID and the port used by the target server.

Constructor & Destructor Documentation

◆ init()

def dns_attack.DNSAttack.__init__	(	self,
		victim_server_ip,
		attacked_domain,
		bad_server_data,
		attacker_ip,
		bad_domain,
		ns_server_ip = `None`,
		victim_mac = `None`,
		nic_interface = `None`,
		sigint_handler = `None`,
		log_function = `lambda msg: None`
	)

Constructors.

Parameters

victim_server_ip
attacked_domain
bad_server_data	(ip, port) The UDP server IP and port
attacker_ip
victim_mac	The victim server MAC address (Only required for faster flooding)
ns_server_ip	The authoritative NS server for the target domain
attack_type	Specify the attack to perform DNSPoisoning.AttackType
nic_interface	Set the network iterface to use on faster flooding
sigint_handler	The functin to call when SIGINT signal is received
log_function	The function to call when message need to be printed

Todo:: Check if port and IP are valid

Member Function Documentation

◆ check_poisoning()

def dns_attack.DNSAttack.check_poisoning	(	self,
		dns_server_ip = `None`,
		spoofed_ip = `None`
	)

Check if the poisonig succeded.

Parameters

dns_server_ip	The server to check
spoofed_ip	The IP address that should be spoofed

Returns: True in case of success, False otherwire

Ask an "A" query to the victim server and check if the returned IP is the one inteded to spoof.
If no arguement is supplied, parameter are taken from the class attributes.

◆ get_authoritative_server()

def dns_attack.DNSAttack.get_authoritative_server	(	self,
		domain,
		dns_server_ip
	)

Get IP of the NS server.

Parameters

(str)	domain The domain used to fetch NS server
(IP)	dns_server_ip The server where request should be sent

Returns: (IP) the NS server IP

Raises DNSAttack.NSFetchError in case of fetching error

◆ get_server_data()

def dns_attack.DNSAttack.get_server_data ( self )

Start UDP Server.

Start an UDP server and return the fetched TXID and the source port

Returns: (int) The fetched TXID; (int) The source port where the query comes from

◆ start()

def dns_attack.DNSAttack.start	(	self,
		number_of_tries = `50`,
		mode = `"NORMAL"`,
		attack_type = `"NORMAL"`
	)

Start the attack.

Parameters

number_of_tries	(int) The number of tentative (Default 50)
mode	(string) The type of attack to be performed, see the above link

See also: DNSAttack::Mode

Raise DNSAttack::SuccessfulAttack in case of successful attack.
Raise DNSAttack::CriticalError in case of error.
Raise DNSAttack::InvalidAttackType in case an invalid attack type is provided.

◆ stop_attack()

def dns_attack.DNSAttack.stop_attack	(	self,
		sig,
		frame
	)

Handler used to stop the attack.

Called to stop the current attack routine

The documentation for this class was generated from the following file:

dns_attack.py

Classes

Public Member Functions

Public Attributes

Data Fetching code

Detailed Description

Constructor & Destructor Documentation

◆ __init__()

Member Function Documentation

◆ check_poisoning()

◆ get_authoritative_server()

◆ get_server_data()

◆ start()

◆ stop_attack()

◆ init()