secdev / scapy

Scapy: the Python-based interactive packet manipulation program & library.
https://scapy.net
GNU General Public License v2.0
10.72k stars 2.02k forks source link

DNS request to 127.0.0.1 hang on windows #3266

Closed t-bzhan closed 3 years ago

t-bzhan commented 3 years ago

Brief description

Use scapy to send DNS request to locally hosted DNS service hang on windows.

Environment

How to reproduce

  1. Set up a locally hosted DNS service listening at 53
  2. Use below python code snippet to send a DNS request to the DNS service

    response = sr1(
                IP(dst='127.0.0.1')/
                UDP(sport=RandShort(), dport=53)/
                DNS(rd=1, qd=DNSQR(qname='www.contoso.com.your.zone')),
                verbose=1)
    
    print(response[DNS].summary())

Actual result

The code made no progress and the request did not reach the service.

Expected result

The request should reach the service.

Related resources

That looks like related to this. I tried to add conf.L3socket=L3RawSocket, but it is still with no good with below error message:

File "D:\JupyterNotebook\jupyter\lib\site-packages\scapy-2.4.5rc1.dev51-py3.7.egg\scapy\sendrecv.py", line 649, in sr1 nofilter=nofilter, iface=iface) File "D:\JupyterNotebook\jupyter\lib\site-packages\scapy-2.4.5rc1.dev51-py3.7.egg\scapy\supersocket.py", line 296, in init self.outs = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_RAW) # noqa: E501 File "C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.7_3.7.2544.0_x64qbz5n2kfra8p0\lib\socket.py", line 151, in init__ _socket.socket.init(self, family, type, proto, fileno) OSError: [WinError 10013] An attempt was made to access a socket in a way forbidden by its access permissions

gpotter2 commented 3 years ago

Try specifying the interface in sr1()

t-bzhan commented 3 years ago

Thanks @gpotter2 , I specified the iface parameter to MS NDIS 6.0 LoopBack Driver, however it is still with no good. Below is my ifaces output:

ifaces Source Index Name MAC IPv4
libpcap -1 MS NDIS 6.0 LoopBack Driver 00:00:00:00:00:00
libpcap 11 WAN Miniport (IPv6) libpcap 13 WAN Miniport (Network Monitor) libpcap 16 Intel(R) I210 Gigabit Network Connection HewlettP:13:3a:e2 169.254.71.188 libpcap 17 WAN Miniport (IP) libpcap 8 Intel(R) Ethernet Connection (2) I219-LM HewlettP:13:3a:e1 10.172.14.167

guedou commented 3 years ago

The loopback interface is a bit specific. Currently, Scapy can send to this interface at layer 2 and layer 3 but is not able to sniff the answers.

In your example, the DNS request is sent and, on my setup, the kernel sends back an ICMP Port Unreachable error messages, as expected.

Sniffing the loopback interface works fine and Scapy retrieves all the exchanged packets.

guedou commented 3 years ago

This is related to your firewall a setup. After disabling Windows Defender Firewall, Scapy works as expected:

>>> sr1(IP() / UDP() / DNS())
Begin emission:
Finished sending 1 packets.
.*
Received 2 packets, got 1 answers, remaining 0 packets
<IP  version=4 ihl=5 tos=0x0 len=89 id=60851 flags= frag=0 ttl=128 proto=icmp chksum=0x0 src=127.0.0.1 dst=127.0.0.1 |<ICMP  type=dest-unreach code=port-unreachable chksum=0x77e7 reserved=0 length=0 nexthopmtu=0 unused='' |<IPerror  version=4 ihl=5 tos=0x0 len=61 id=1 flags= frag=0 ttl=64 proto=udp chksum=0x0 src=127.0.0.1 dst=127.0.0.1 |<UDPerror  sport=domain dport=domain len=41 chksum=0xb6d3 |<DNS  id=0 qr=0 opcode=QUERY aa=0 tc=0 rd=1 ra=0 z=0 ad=0 cd=0 rcode=ok qdcount=1 ancount=0 nscount=0 arcount=0 qd=<DNSQR  qname='www.example.com.' qtype=A qclass=IN |> an=None ns=None ar=None |>>>>>