Learning Scapy Pt. 1

I recently started learning Scapy and this is the start of my adventure using it. All the code is up on GitHub. This will be the first of several parts I write.

My first program was to create a simple DNS program. I started with the example given in the Scapy Documentation.

ans = sr1(IP(dst="8.8.8.8")/UDP(sport=RandShort(), dport=53)/DNS(rd=1,qd=DNSQR(qname="secdev.org",qtype="A")))
print(ans.an.rdata)

I was not a fan of the verbose output of the command, and learned that appending verbose=0 to the end quieted the output. My code than read:

ans = sr1(IP(dst="8.8.8.8")/UDP(sport=RandShort(), dport=53)/DNS(rd=1,qd=DNSQR(qname="secdev.org",qtype="A")), verbose=0)
print(ans.an.rdata)

I then asked what if I wanted to change the domain name I wanted to look up? What about getting an IPv6 address or an IPv4 address? So I put the code I've written into a function called get_IPwith the function variables hostname and record. I also changed the query code so that the qname=hostname and qtype=record. I then created a function for argparse so I can easily get arguments from the command line. I set one argument for the hostname, then two optional flags for IPv4 and IPv6. Both are allowd to get both addresses for a hostname. I could then call the get_IP function and have it return the IPv4 or IPv6 address, depending on the IPv4 or IPv6 flag.

Once that was working, I realized I should specify a way to set the DNS server address -- what if someone wanted to use a local DNS server for any reason? So, I again modified the get_IP and argparse options to allow a user to set a DNS server. I also added the fact that if a DNS server was not specified, it would default to Google's 8.8.8.8 server.

Other than that, I did a refactor (I originally had poorly written code everywhere), and added a check to make sure the user ran the command as root. Any feedback either here in the comments, by email. Any contributions are welcome to the GitHub repository.


Daemoneye

Comments

Comments powered by Disqus