geneva.plugins.dns
Client
Run by the evaluator, tries to make a GET request to a given server

class plugins.dns.client.DNSClient(args)
    Bases: plugins.plugin_client.ClientPlugin
    Defines the DNS client.

    __init__(args)
        Initializes the DNS client.

    dns_test(to_lookup, dns_server, output_dir, environment_id, logger, timeout=3, use_tcp=False)
        Makes a DNS query to a given censored domain.

    static get_args(command)
        Defines required args for this plugin

    run(args, logger, engine=None)
        Try to make a forbidden DNS query.

    name = 'dns'

Code influenced from:
- https://github.com/emileaben/scapy-dns-ninja/blob/master/dns-ninja-server.py
- https://thepacketgeek.com/scapy-p-09-scapy-and-dns/

class plugins.dns.server.DNSServer(args, logger=None)
    Bases: plugins.plugin_server.ServerPlugin

    Purpose: Handle incoming DNS queries and respond with the resource records defined in a zone configuration file (if one exists for that domain), or respond with the answer given by a DNS resolver.

    Features:
    - Loads zone configuration files (--zones-dir)
    - Forwards DNS requests to a DNS resolver for domains that it does not know the answer to (--dns-resolver)
    - DNS forwarding can be disabled with (--no-forwarding)
    - Can act as the authority server for all DNS responses

    Zones:
    - Support for A, MX, NS, TXT and CNAME
    - Other records may be automatically supported through the default action (no special case)
    - Only the first string per TXT record will be retrieved to avoid duplicated quotes

    Logging:
    - Logs are created for each run and saved in the directory specified (--log-dir)
    - Logs can be disabled with (--no-log)

    Python Test: tests/test_dns_server.py

    __init__(args, logger=None)
        Initializes the DNS Server.

    build_dns_response(packet)
        Build the DNS response packet using one of the following methods:
        1) Load the resource record(s) from a manually configured DNS zone file (if exists)
        OTHERWISE, if enabled:
        2) Send a DNS query to a DNS resolver and copy the DNS resource records

    build_response_packet(listener_packet, raw_socket=True)
        Build the DNS response packet - If raw_socket is enabled include the Network and Transport Layer

    forward_dns_query(packet: scapy.layers.inet.IP)
        Forwards the DNS query to a real DNS resolver and returns the DNS response

    get_args()
        Sets up argparse and collects arguments.

    get_dns_query_info(packet: scapy.layers.inet.IP)
        Extract information from the DNS query

    get_resource_records(domain_name, question_name, question_type)
        Gets the appropriate resource record loaded earlier from the zone file

    load_zones()
        Loads the DNS Zones in the zones directory specified (zones_dir)

    process_packet_netfilter(listener_packet)
        Callback function for each packet received by netfilter

    run(args, logger)
        Starts the DNS Service

    stop()
        Stops this server.

    name = 'dns'

    netfilter_queue = 'netfilterqueue'

    socket_TCP = 'socket_TCP'

    socket_UDP = 'socket_UDP'

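The lookup order described for build_dns_response (zone records first, resolver forwarding only if enabled) and the first-string-only TXT rule, shown as an added example that is not Geneva's code. The zone text syntax, `load_zone`, `build_answer` and the `forwarder` callback are assumptions, and the sample zone is constructed.

```python
"""Added illustration, not Geneva's code; zone syntax and names are assumptions."""
import shlex

# Constructed sample zone, one record per line: <name> <ttl> IN <type> <rdata...>
SAMPLE_ZONE = """
example.test.      300 IN A     192.0.2.10
example.test.      300 IN MX    10 mail.example.test.
example.test.      300 IN NS    ns1.example.test.
example.test.      300 IN TXT   "v=spf1 -all" "second string"
www.example.test.  300 IN CNAME example.test.
"""

def load_zone(text):
    """Parse zone text into {(name, type): [(ttl, rdata), ...]}."""
    records = {}
    for line in text.splitlines():
        fields = shlex.split(line)          # keeps each quoted TXT string whole
        if len(fields) < 5 or fields[2].upper() != "IN":
            continue                        # blank or unrecognised line
        name, ttl, _, rtype, *rdata = fields
        rtype = rtype.upper()
        if rtype == "TXT":
            rdata = rdata[:1]               # only the first string per TXT record
        # Every other type takes the default action: rdata is kept as written.
        records.setdefault((name.lower(), rtype), []).append((int(ttl), " ".join(rdata)))
    return records

def build_answer(records, qname, qtype, forwarder=None):
    """Answer from the zone if possible, otherwise forward if enabled.

    forwarder=None models forwarding being disabled. Returns (source, rrset),
    so a test can tell a configured answer from one copied from a resolver.
    """
    rrset = records.get((qname.lower(), qtype.upper()))
    if rrset:
        return "zone", rrset
    if forwarder is None:
        return "none", []
    return "resolver", forwarder(qname, qtype)
```

Tracking the answer's source matters when results are compared against a known-good address: only the zone-backed answers are under the tester's control.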
plugins.dns.server.main(args)
    Run the DNS server

DNS Plugin driver
Overrides the default evaluator plugin handling so we can check for legit IPs for UDP tests.

class plugins.dns.plugin.DNSPluginRunner(args)
    Bases: plugins.plugin.Plugin
    Defines the DNS plugin runner.

    __init__(args)
        Marks this plugin as enabled

    check_legit_ip(ip, logger, domain='facebook')
        Helper method to check if the given IP address is serving web content.

    static get_args(command)
        Defines required global args for this plugin

    start(args, evaluator, environment, ind, logger)
        Runs the plugins

    name = 'dns'