Add DNS sniffer

This commit is contained in:
Manuel Vergara 2024-01-28 23:41:08 +01:00
parent 371cd18bf0
commit 4847e32f04
2 changed files with 82 additions and 0 deletions

View File

@ -0,0 +1,81 @@
# /usr/bin/env python3
"""
DNS sniffer
"""
import argparse
import signal
import scapy.all as scapy
def def_handler(sig, frame):
print("\n\n[!] Saliendo del programa...\n")
exit(1)
signal.signal(signal.SIGINT, def_handler)
def get_arguments():
"""
Obtiene los argumentos de la línea de comandos
"""
parser = argparse.ArgumentParser(description="DNS sniffer")
parser.add_argument(
"-i", "--interface",
required=True, dest="interface",
help="Interfaz de red a utilizar"
)
args = parser.parse_args()
return args
def process_sniffed_packet(packet):
"""
Procesa el paquete sniffado
"""
if packet.haslayer(scapy.DNSQR):
domain = packet[scapy.DNSQR].qname.decode()
exclude_keywords = ["bing", "google", "static", "cloud", "yahoo"]
if domain not in domains_seen and not any(keyword in domain for keyword in exclude_keywords):
domains_seen.add(domain)
print(f"[+] Dominio: {domain}")
def sniff(interface):
"""
"""
print("\n[+] Interceptando paquetes de la máquina victima: \n")
scapy.sniff(
iface=interface, filter="udp and port 53",
store=False, prn=process_sniffed_packet
)
def main():
"""
Función principal
"""
arguments = get_arguments()
sniff(arguments.interface)
if __name__ == "__main__":
global domains_seen
domains_seen = set()
main()

View File

@ -28,3 +28,4 @@ Quizá encuentres aquí cosas que no están en el vídeo, o viceversa, son apunt
| 12. [Escaner de puertos](./12_escaner_puertos/) |
| 13. [Cambiador de MAC](./13_cambiar_mac_address/) |
| 14. [Escaner de red](./14_escaneres_red/) |
| 15. [Hacking](./15_hacking/) |