197 lines
7.8 KiB
Python
197 lines
7.8 KiB
Python
# -*- coding: utf-8 -*-
|
||
|
||
import socket
|
||
import dns.message
|
||
import dns.rdatatype
|
||
import dns.rdata
|
||
import dns.rdataclass
|
||
import binascii
|
||
import csv
|
||
import datetime
|
||
|
||
from scapy.all import *
|
||
|
||
#from crypto.PublicKey import Ed448
|
||
#import dns.rdatatype
|
||
|
||
# 定义代理服务器的地址和端口
|
||
proxy_host = '10.0.8.14' # 代理服务器的IP地址
|
||
proxy_port = 53 # 代理服务器的端口
|
||
#proxy_port = 22 # 代理服务器的端口
|
||
|
||
# 定义上游DNS服务器的地址和端口
|
||
upstream_host = '127.0.0.1' # 上游DNS服务器的IP地址
|
||
upstream_port = 9999 # 上游DNS服务器的端口
|
||
|
||
csv_file = "dnssec_log.csv"
|
||
|
||
def proxy_dns_request(request, client_addr, proxy_socket):
|
||
# 创建与上游DNS服务器的套接字连接
|
||
upstream_socket = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
|
||
|
||
# 发送DNS请求到上游DNS服务器
|
||
upstream_socket.sendto(request, (upstream_host, upstream_port))
|
||
|
||
# 接收上游DNS服务器的响应
|
||
response, _ = upstream_socket.recvfrom(4096)
|
||
|
||
# 修改DNS应答中的字段
|
||
modified_response = modify_dns_response(response,client_addr,len(request))
|
||
#modified_response = response
|
||
|
||
# 将修改后的DNS应答发送给客户端
|
||
#client_socket = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
|
||
#client_socket.sendto(modified_response, client_addr)
|
||
proxy_socket.sendto(modified_response, client_addr)
|
||
# print("finish",client_addr)
|
||
# 关闭套接字连接
|
||
upstream_socket.close()
|
||
#client_socket.close()
|
||
|
||
def modify_dns_response(response,client_addr,len_request):
|
||
# 在这里添加你的修改逻辑
|
||
# 解析DNS应答消息,并修改需要的字段
|
||
# 可以使用dnspython等DNS库来解析和构造DNS消息
|
||
# print("response ",response)
|
||
dns_response = dns.message.from_wire(response)
|
||
# print("dns_response ",dns_response)
|
||
qweasd = 0
|
||
|
||
packet = DNS(response)
|
||
# 解析DNS流量
|
||
if DNS in packet:
|
||
dns1 = packet[DNS]
|
||
if dns1.qd[0].qtype != 1:
|
||
print("************No Change************")
|
||
return response
|
||
if dns1.ancount > 0:
|
||
print("Answers:")
|
||
for an in dns1.an:
|
||
print(" Name:", an.rrname.decode())
|
||
print(" Type:", an.type)
|
||
#print(" Data:", an.rdata)
|
||
|
||
for rrset in dns_response.answer:
|
||
if rrset.rdtype == dns.rdatatype.RRSIG and qweasd == 0 :
|
||
qweasd = 1
|
||
current_time = datetime.now()
|
||
# with open(csv_file, "a", newline="") as file:
|
||
# writer = csv.writer(file)
|
||
# writer.writerow([client_addr, len_request, current_time])
|
||
# print("dnssec_log.csv:",csv_file)
|
||
# new_rdata = dns.rdata.from_text(rrset.rdclass, rrset.rdtype, rrset.to_text())
|
||
# new_rdata.algorithm = 16 # 设置为 5 或其他你想要的值
|
||
|
||
# 替换原始 RRSIG 记录
|
||
# rrset.clear()
|
||
# rrset.add(new_rdata)
|
||
# for attrr in dir(rrset):
|
||
# print(attrr)
|
||
# print("rdata.algorithm",rrset.algorithm)
|
||
# new_rdata = dns.rdatatype.from_text(rdtype_text.replace(dns.rdatatype.RSASHA1,dns.rdatatype.ED448))
|
||
# rrset.items = new_rdata
|
||
# print(rrset.items)
|
||
# print(rrset[1])
|
||
# print(bin(rrset.items[1]))
|
||
# for qwe in rrset:
|
||
#print(qwe)
|
||
#print(type(qwe)," key: ",qwe," qweqweqweqweqwe ")
|
||
# for attrr in dir(qwe):
|
||
# print(attrr)
|
||
# qwe.algorithm = 16
|
||
# print(qwe.algorithm)
|
||
# 遍历DNS响应中的资源记录
|
||
|
||
modified_response = dns_response.to_wire()
|
||
binary_string = bin(int(binascii.hexlify(modified_response), 16))
|
||
# print("len: ",len(binary_string),"\n",binary_string)
|
||
formatted_string = str(binary_string)
|
||
index = str(binary_string).find("01100101001000001101110000001111")
|
||
new_string = formatted_string[:index+1] + '0' + formatted_string[index+2:]
|
||
new_string = new_string[:index+2] + '1' + new_string[index+3:]
|
||
new_string = new_string[:index+3] + '0' + new_string[index+4:]
|
||
new_string = new_string[:index+4] + '0' + new_string[index+5:]
|
||
new_string = new_string[:index+5] + '1' + new_string[index+6:]
|
||
new_string = new_string[:index+6] + '0' + new_string[index+7:]
|
||
formatted_string = new_string[:index+7] + '1' + new_string[index+8:]
|
||
|
||
# index = str(binary_string).find("0000010100000011")
|
||
index = str(binary_string).find("0000110100000011")
|
||
|
||
# formatted_string = str(binary_string)
|
||
new_string = formatted_string[:index+1] + '1' + formatted_string[index+2:]
|
||
new_string = new_string[:index+2] + '1' + new_string[index+3:]
|
||
new_string = new_string[:index+3] + '1' + new_string[index+4:]
|
||
new_string = new_string[:index+4] + '0' + new_string[index+5:]
|
||
new_string = new_string[:index+5] + '0' + new_string[index+6:]
|
||
new_string = new_string[:index+6] + '0' + new_string[index+7:]
|
||
formatted_string = new_string[:index+7] + '0' + new_string[index+8:]
|
||
# print("len: ",len(formatted_string),"\n",formatted_string)
|
||
# print("index: ",formatted_string[index:])
|
||
binary_string = formatted_string[2:]
|
||
binary_number = int(binary_string, 2)
|
||
formatted_string = binary_number.to_bytes((binary_number.bit_length() + 7) // 8, 'big')
|
||
# print("index: ",formatted_string)
|
||
try:
|
||
dns_response = dns.message.from_wire(formatted_string)
|
||
except:
|
||
modified_response = dns_response.to_wire()
|
||
# print(dns_response)
|
||
modified_response = dns_response.to_wire()
|
||
print("**********************************************************************************************************************")
|
||
return modified_response
|
||
|
||
def start_proxy_server():
|
||
# 创建代理服务器的套接字
|
||
proxy_socket = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
|
||
|
||
# 将套接字绑定到代理服务器的地址和端口
|
||
proxy_socket.bind((proxy_host, proxy_port))
|
||
|
||
# 循环监听客户端请求并代理流量
|
||
|
||
num = 1
|
||
|
||
print("START: ")
|
||
while True:
|
||
|
||
print("start")
|
||
request, client_addr = proxy_socket.recvfrom(4096)
|
||
print("num: ",num)
|
||
num = num + 1
|
||
try:
|
||
packet = DNS(request)
|
||
# 解析DNS流量
|
||
if DNS in packet:
|
||
dns1 = packet[DNS]
|
||
if dns1.qdcount > 0:
|
||
print("Queries:")
|
||
for qd in dns1.qd:
|
||
print(" Query Name:", qd.qname.decode())
|
||
print(" Query Type:", qd.qtype)
|
||
print(" Query Class:", qd.qclass)
|
||
query_current_time = datetime.now()
|
||
query_current_time = query_current_time.strftime("%H%M%S%f")[:-2]
|
||
# src = request[IP].src
|
||
print(" Query src:", client_addr)
|
||
print(" Query Current Time:", query_current_time)
|
||
tmp = qd.qname.decode()
|
||
if tmp[0] == "D":
|
||
with open("shiyan1_query", "a", newline="") as file:
|
||
writer = csv.writer(file)
|
||
writer.writerow([qd.qname.decode(), qd.qtype, qd.qclass, client_addr, query_current_time])
|
||
print("finish")
|
||
except Exception as e:
|
||
print("error",str(e))
|
||
|
||
|
||
|
||
proxy_dns_request(request, client_addr, proxy_socket)
|
||
|
||
# 关闭套接字连接
|
||
proxy_socket.close()
|
||
|
||
|
||
# 启动代理服务器
|
||
start_proxy_server()
|