-
Notifications
You must be signed in to change notification settings - Fork 10
/
yapdns.py
42 lines (34 loc) · 1.08 KB
/
yapdns.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
import dpkt
import socket
import struct
from dpkt.udp import UDP
def int2ip(int_ip):
return socket.inet_ntoa(struct.pack("!I", int_ip))
def main():
s = socket.socket(socket.PF_PACKET, socket.SOCK_RAW, socket.SOCK_DGRAM)
s.bind(('eth1', 0x0800))
while True:
data, addr = s.recvfrom(1024)
eth = dpkt.ethernet.Ethernet(data)
ip = eth.data
if isinstance(ip, str):
err_count += 1
continue
if type(ip.data) == UDP:
udp = ip.data
# print repr(udp)
if udp.sport == 53:
try:
dns = dpkt.dns.DNS(udp.data)
if dns.qr == 1:
for rr in dns.an:
if rr.type == 1:
print int2ip(struct.unpack('>I', rr.rdata)[0])
else:
print rr.type
except Exception as e:
raise e
else:
print dns.qd[0].name
if __name__ == '__main__':
main()