Custom DNS records

[sophron]

We are currently redirecting all DNS queries to our local DNS server that resolves everything to localhost. We need to give the user the flexibility to respond differently to different DNS queries.

For example, as user may want to provide Internet to the victim devices and forward the DNS queries accordingly for all pages except from targetinfrastructure.com where he wants to redirect to localhost in order to present a phishing page. The victim should get normal Internet access and should be able to resolve all domain names except from this specific one.

This issue may be resolved by changing dnsmasq to a Python DNS library.

[anakin1028]

From the following post looks like we can still forge DNS entry by dnsmasq? https://blog.heckel.xyz/2013/07/18/how-to-dns-spoofing-with-a-simple-dns-server-using-dnsmasq/

[sophron]

Yes, definitely we can. The problem with dnsmasq though is that we are currently parsing output from a command line tool. Our parser may fail in a new dnsmasq release or behave differently across different versions of dnsmasq in different distributions.

Having all the DNS functionality included as a Python module, will give us more freedom and we can also stop worrying about one more external dependency.