Open sophron opened 6 years ago
From the following post looks like we can still forge DNS entry by dnsmasq
?
https://blog.heckel.xyz/2013/07/18/how-to-dns-spoofing-with-a-simple-dns-server-using-dnsmasq/
Yes, definitely we can. The problem with dnsmasq though is that we are currently parsing output from a command line tool. Our parser may fail in a new dnsmasq release or behave differently across different versions of dnsmasq in different distributions.
Having all the DNS functionality included as a Python module, will give us more freedom and we can also stop worrying about one more external dependency.
We are currently redirecting all DNS queries to our local DNS server that resolves everything to localhost. We need to give the user the flexibility to respond differently to different DNS queries.
For example, as user may want to provide Internet to the victim devices and forward the DNS queries accordingly for all pages except from
targetinfrastructure.com
where he wants to redirect to localhost in order to present a phishing page. The victim should get normal Internet access and should be able to resolve all domain names except from this specific one.This issue may be resolved by changing
dnsmasq
to a Python DNS library.