我有一个用于DNS的Python/Scapy嗅探器。我能够嗅探DNS消息并获取IP/UDP源和目标IP地址和端口,但是我在解析DNS部分时遇到了问题。我希望能得到一些帮助或解决方案来解决这个问题。
#!/usr/bin/env python
from scapy.all import *
from datetime import datetime
import time
import datetime
import sys
############# MODIFY THIS PART IF NECESSARY ###############
interface = 'eth0'
filter_bpf = 'udp and port 53'
# ------ SELECT/FILTER MSGS
def select_DNS(pkt):
pkt_time = pkt.sprintf('%sent.time%')
# ------ SELECT/FILTER DNS MSGS
try:
if DNSQR in pkt and pkt.dport == 53:
# queries
print '[**] Detected DNS QR Message at: ' + pkt_time
#
elif DNSRR in pkt and pkt.sport == 53:
# responses
print '[**] Detected DNS RR Message at: ' + pkt_time
#
except:
pass
# ------ START SNIFFER
sniff(iface=interface, filter=filter_bpf, store=0, prn=select_DNS)