python - Malformed DNS packet scapy -


i have small python script acts proxy. seems working fine script except dns requests. when dns request received script preform request , forward response original user made dns request. when 1 originating dns request gets response it's considered malformed. know there dns issues older versions of scapy, updated scapy 2.3.1 still have problems.

#!/usr/bin/env python  tornado.websocket import websockethandler tornado.httpserver import httpserver tornado.web import application tornado.ioloop import ioloop  collections import defaultdict scapy.all import * import threading  # warning: not thread-safe. # dictionary mapping (outbound.dst, outbound.dport) -> count of ip packets awaiting reply outbound_packets = defaultdict(int) outbound_udp = defaultdict(int) connection = none  class packetsniffer(threading.thread):     def __init__(self):         threading.thread.__init__(self)       def run(self):         global connection         while (true):             pkt = sniff(iface="eth0", count=1)              if pkt[0].haslayer(ip):               pkt = pkt[0][ip]                if outbound_packets[(pkt.src, pkt.sport)] > 0:                   outbound_packets[(pkt.src, pkt.sport)] -= 1                     if pkt[0].haslayer(udp):                     # modify destination address address of tun on host.                     pkt.dst = "10.0.0.1"                      try:                       del pkt[udp].chksum                       del pkt[ip].chksum                       pkt.show2() # force recompute checksum                     except indexerror:                       print "error deleting"                      if connection:                         connection.write_message(str(pkt).encode('base64'))                     elif pkt[0].haslayer(tcp):                     print "tcp packet"                     # modify destination address address of tun on host.                             pkt.dst = "10.0.0.1"                     try:                       del pkt[tcp].chksum                       del pkt[ip].chksum                       pkt.show2() # force recompute checksum                     except indexerror:                       print "error deleting"                      if connection:                         connection.write_message(str(pkt).encode('base64'))

i'm no dns expert can tell response has answer rrs: 2 looking @ actual dns answers see 1 entry. safe assume answer rrs value should match number of actual answers? if case, idea how/why answers being removed dns entry?

enter image description here

scapy issue 913 , issue 5105 discuss problem , led me pull request 18 , pull request 91 fixed problem.

when applied these scapy 2.2.0 (not 2.3.1) line numbers didn't entirely match obvious things went. found , entered 18 first, 91 may enough fix problem.


-

Comments

Post a Comment

Popular posts from this blog

OpenCV OpenCL: Convert Mat to Bitmap in JNI Layer for Android -

there several posts converting mat bitmap using utils.mattobitmap() function. i'm assuming function can called in java layer after importing utils class. i want transfer data memory address pointed uint32_t* bmpcontent; in code below. jniexport void jnicall java_com_nod_nodcv_nodcvactivity_runfilter( jnienv *env, jclass clazz, jobject outbmp, jbytearray indata, jint width, jint height, jint choice, jint filter) { int outsz = width*height; int insz = outsz + outsz/2; androidbitmapinfo bmpinfo; if (androidbitmap_getinfo(env, outbmp, &bmpinfo) < 0) { throwjavaexception(env,"gaussianblur","error retrieving bitmap meta data"); return; } if (bmpinfo.format != android_bitmap_format_rgba_8888) { throwjavaexception(env,"gaussianblur","expecting rgba_8888 format"); return; } uint32_t* bmpcontent; if (androidbitmap_lockpixels(env, outbmp,(void**)&bmpcontent)...
Read more

android - org.xmlpull.v1.XmlPullParserException: expected: START_TAG {http://schemas.xmlsoap.org/soap/envelope/}Envelope -

i trying hit soap api in application login purpose , getting above mentioned error , can 1 tell me going wrong , first time soap apis. here code hit soap :- vector<object> args = new vector<object>(); hashtable<string, object> hashtable = new hashtable<string, object>(); hashtable.put("email", "mss.siddhart28@gmail.com"); hashtable.put("password", "siddharth"); args.add(hashtable); soapserializationenvelope envelope = new soapserializationenvelope( soapenvelope.ver11); envelope.dotnet = true; envelope.xsd = soapserializationenvelope.xsd; envelope.enc = soapserializationenvelope.enc; (new marshalhashtable()).register(envelope); httptransportse androidhttptransport = new httptransportse( "http://tempuri.org/", 15000); androidhttptransport.debug = true; string result = ""; try { soapobject request = new soapobject("http:...
Read more

python - How to remove the Xframe Options header in django? -

i have made page has iframe . inside iframe want show multiple different links article facebook, or news, or youtube video or other possible url. but, due xframe header, unable so. referred following link: https://docs.djangoproject.com/en/1.8/ref/clickjacking/ , django xframeoptionsmiddleware (x-frame-options) - allow iframe client ip but didn't help. my settings.py file's middleware_classes is: middleware_classes = ( 'django.contrib.sessions.middleware.sessionmiddleware', 'django.middleware.common.commonmiddleware', 'django.middleware.csrf.csrfviewmiddleware', 'django.contrib.auth.middleware.authenticationmiddleware', 'django.contrib.auth.middleware.sessionauthenticationmiddleware', 'django.contrib.messages.middleware.messagemiddleware', 'django.middleware.clickjacking.xframeoptionsmiddleware', ) from http://django-secure.readthedocs.org/en/latest/middleware.html , found using ...
Read more