lost and found ( for me ? )

fake DNS responses with dnschef

Here is how to fake DNS responses with dnschef.

about dnschef

# git clone https://github.com/iphelix/dnschef.git

# ls
CHANGELOG  dnschef.ini  dnschef.py  LICENSE  README  TODO

I installed the following python modules to run the script.
# pip install dnslib
# pip install IPy

edit /etc/resolv.conf
# grep -v ^# /etc/resolv.conf

run the script as proxy mode
# ./dnschef.py

[*] DNSChef started on interface:
[*] Using the following nameservers:
[*] No parameters were specified. Running in full proxy mode

This is running as proxy mode.
If this script receives DNS queries destined to port 53, this forwards those queries to
~# dig @127.1 www.google.com +short

run the script as fake mode.
# ./dnschef.py --fakeip -q
[*] DNSChef started on interface:
[*] Using the following nameservers:
[*] Cooking all A replies to point to

# dig @127.1 www.google.com +short

dnschef can fake a wide variety of RR types, such as A, AAAA, NS, CNAME etc.
There is a sample configuration “dnschef.ini” in the directory.
# less -X dnschef.ini
[A]     # Queries for IPv4 address records

[AAAA]  # Queries for IPv6 address records

# ./dnschef.py --file=dnschef.ini

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.