/
README
57 lines (34 loc) · 1.09 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
spood is a spoofing DNS proxy with a vaguely obscene name. All in Erlang.
WHAT IS IT
spood is a DNS proxy that listens for requests on localhost and proxies
the requests by spoofing the packets from the IP addresses of other
clients. spood might be useful if you're using a DNS tunnel like sods:
http://github.com/msantos/sods
REQUIREMENTS
* procket: http://github.com/msantos/procket
* epcap: http://github.com/msantos/epcap
SETUP
1. Build it and run:
make
./start.sh
2. Test it:
$ nslookup
> server 127.0.0.1
Default server: 127.0.0.1
Address: 127.0.0.1#53
> www.google.com
Server: 127.0.0.1
Address: 127.0.0.1#53
Non-authoritative answer:
www.google.com canonical name = www.l.google.com.
Name: www.l.google.com
Address: 173.194.33.104
TODO
* add a ping function to spood
* call ICMP ping for {192,168,213,1}, 24
* add each host that responds to a list
* call list strategy
* support multiple name servers
* add ability to turn on/off debug output
* add sanity checks on sniffed DNS packets, like checking domain
* convert packet manufacturing to use epcap_net