lost and found ( for me ? )

Python: generate DNS queries with random query names and query types from many source IPs

Small tips.

I used scapy to generate DNS queries.

Source IP range: 192.168.1.0 – 192.168.100.0
Target IP: 192.168.200.10

# cat dns_test01.py
    #!/usr/bin/env python
    from scapy.all import *
    import random
    import string

    # Characters used to build the random labels
    domain_string = string.ascii_lowercase + string.digits
    # One of these query types is picked at random for every query
    query_type = ['A', 'SOA', 'AAAA', 'NS', 'MX']

    # i and j become the third and fourth octet of the source address
    for i in range(1, 100):
        for j in range(1, 100):

            # First name: 10-character label + 3-character label under bar.com
            a1 = ''.join(random.choice(domain_string) for x in range(10))
            b1 = ''.join(random.choice(domain_string) for y in range(3))
            target1 = a1 + "." + b1 + ".bar.com"

            # Second name: 10-character label + 5-character label under bar.com
            a2 = ''.join(random.choice(domain_string) for x in range(10))
            b2 = ''.join(random.choice(domain_string) for y in range(5))
            target2 = a2 + "." + b2 + ".bar.com"

            # Random source port and DNS id, recursion desired bit cleared (rd=0)
            packet1 = (IP(src="192.168.%d.%d" % (i, j), dst="192.168.200.10")
                       / UDP(sport=RandShort())
                       / DNS(id=RandShort(), rd=0,
                             qd=DNSQR(qname=target1, qtype=random.choice(query_type))))
            # The tiny timeout means sr() does not wait for the answer
            res1 = sr(packet1, retry=False, timeout=0.000001, inter=0.000001, verbose=False)

            packet2 = (IP(src="192.168.%d.%d" % (i, j), dst="192.168.200.10")
                       / UDP(sport=RandShort())
                       / DNS(id=RandShort(), rd=0,
                             qd=DNSQR(qname=target2, qtype=random.choice(query_type))))
            res2 = sr(packet2, retry=False, timeout=0.000001, inter=0.000001, verbose=False)

Run the script:
# ./dns_test01.py

Capture data collected on the DNS server.
# tshark -r a.pcap | head -10
Running as user "root" and group "root". This could be dangerous.
 1   0.000000 192.168.1.79 -> 192.168.200.10 DNS Standard query MX jz5n4fi5tu.qc3p4.bar.com
 2   0.000138 192.168.200.10 -> 192.168.1.79 DNS Standard query response, No such name
 3   0.019126 192.168.1.80 -> 192.168.200.10 DNS Standard query AAAA ea5wprushb.6hn.bar.com
 4   0.019263 192.168.200.10 -> 192.168.1.80 DNS Standard query response, No such name
 5   0.069056 192.168.1.80 -> 192.168.200.10 DNS Standard query SOA 0hkk3cdueu.dw4i3.bar.com
 6   0.069209 192.168.200.10 -> 192.168.1.80 DNS Standard query response, No such name
 7   0.082334 192.168.1.81 -> 192.168.200.10 DNS Standard query A cq7hvgt921.snd.bar.com
 8   0.082479 192.168.200.10 -> 192.168.1.81 DNS Standard query response, No such name
 9   0.093938 192.168.1.81 -> 192.168.200.10 DNS Standard query MX qfbnv9bx4l.e126b.bar.com
10   0.094052 192.168.200.10 -> 192.168.1.81 DNS Standard query response, No such name
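
Seen from the DNS server, this traffic has a recognisable shape: almost every query name under one zone is unique and almost every answer is "No such name". The Python below is an added example, not part of the original post; it parses tshark summary lines in the format shown above and flags zones with that shape. The function names, the thresholds and the www.example.org lines are assumptions made for illustration.

```python
import re
from collections import defaultdict, deque

# Packets 1-6 are from the capture above; 11-14 are constructed normal traffic.
SAMPLE = """\
 1   0.000000 192.168.1.79 -> 192.168.200.10 DNS Standard query MX jz5n4fi5tu.qc3p4.bar.com
 2   0.000138 192.168.200.10 -> 192.168.1.79 DNS Standard query response, No such name
 3   0.019126 192.168.1.80 -> 192.168.200.10 DNS Standard query AAAA ea5wprushb.6hn.bar.com
 4   0.019263 192.168.200.10 -> 192.168.1.80 DNS Standard query response, No such name
 5   0.069056 192.168.1.80 -> 192.168.200.10 DNS Standard query SOA 0hkk3cdueu.dw4i3.bar.com
 6   0.069209 192.168.200.10 -> 192.168.1.80 DNS Standard query response, No such name
11   0.100000 192.168.1.5 -> 192.168.200.10 DNS Standard query A www.example.org
12   0.100200 192.168.200.10 -> 192.168.1.5 DNS Standard query response A 192.0.2.10
13   0.200000 192.168.1.6 -> 192.168.200.10 DNS Standard query A www.example.org
14   0.200200 192.168.200.10 -> 192.168.1.6 DNS Standard query response A 192.0.2.10
"""

LINE = re.compile(r"^\s*\d+\s+[\d.]+\s+(\S+) -> (\S+) DNS Standard query (.*)$")

def zone_of(qname):
    # Assumption: zone = last two labels; real use needs a public-suffix list.
    return ".".join(qname.rstrip(".").lower().split(".")[-2:])

def analyse(text):
    stats = defaultdict(lambda: {"queries": 0, "names": set(), "clients": set(), "nxdomain": 0})
    pending = defaultdict(deque)  # (client, server) -> zones awaiting a reply
    for line in text.splitlines():
        if not (m := LINE.match(line)):
            continue
        src, dst, rest = m.groups()
        if rest.startswith("response"):
            # No qname in the summary: pair with the client's oldest open query.
            if pending[(dst, src)]:
                zone = pending[(dst, src)].popleft()
                stats[zone]["nxdomain"] += "No such name" in rest
            continue
        qname = rest.split()[1].lower()
        zone = zone_of(qname)
        stats[zone]["queries"] += 1
        stats[zone]["names"].add(qname)
        stats[zone]["clients"].add(src)
        pending[(src, dst)].append(zone)
    return stats

def suspicious_zones(stats, min_queries=3, unique_ratio=0.9, nx_ratio=0.8):
    # Illustrative thresholds sized for the tiny sample; tune to a real baseline.
    return sorted(z for z, s in stats.items() if s["queries"] >= min_queries
                  and len(s["names"]) >= unique_ratio * s["queries"]
                  and s["nxdomain"] >= nx_ratio * s["queries"])
```

Calling `suspicious_zones(analyse(SAMPLE))` returns `['bar.com']`; the per-zone `clients` set shows how many source addresses the queries were spread across.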
