【scapy】进行DNS协议测试

原创
2014/03/31 15:39
阅读数 704

http://www.cnblogs.com/xiaowuyi/p/3333276.html

一、进行dns访问

参数参考rfc http://www.ietf.org/rfc/rfc1035.txt

>>> default_dstIp="10.235.160.73"
>>> default_dstPort=5333
>>> default_srcProt=10000
>>> default_url="img01.xxxxcdn.com.danuoyi.com"
>>> ans=sr1(IP(dst=default_dstIp)/UDP(dport=default_dstPort)/DNS(qd=DNSQR(qname=default_url, qtype=1)), verbose=0)
>>> result = ans[DNS].show()
###[ DNS ]###
  id        = 0
  qr        = 0L
  opcode    = QUERY
  aa        = 0L
  tc        = 0L
  rd        = 0L
  ra        = 0L
  z         = 0L
  rcode     = ok
  qdcount   = 1
  ancount   = 0
  nscount   = 0
  arcount   = 0
  \qd        \
   |###[ DNS Question Record ]###
   |  qname     = 'img01.taobaocdn.com.danuoyi.tbcache.com.'
   |  qtype     = A
   |  qclass    = IN
  an        = None
  ns        = None
  ar        = None
>>> ans[DNS].command()
"DNS(aa=0L, qr=0L, an=None, nscount=0, qdcount=1, ns=None, tc=0L, rd=0L, arcount=0, ar=None, opcode=0L, ra=0L, z=0L, rcode=0L, id=0, ancount=0, qd=DNSQR(qclass=1, qtype=1, qname='img01.taobaocdn.com.danuoyi.tbcache.com.'))"

二、对相应结果的解析:

对于command返回的元素,本打算逐个元素解析,但因为格式是raw的,对ns对象解析的时候出现乱码;

一开始可能会解析出乱码的执行函数

 def exec_test(func):
    #print "Start %s case..."%func
    #print "Start to query DNS.....\n---Pharos address:%s\n---Client address:%s"%(dst,qname)
    resp = eval(func)
#     try:
#         an = eval(resp).an
#         qd = eval(resp).qd
#         rtjson = ""
#         anjson = ""
#         qdjson = ""
#         dnsjson = ""
#         if an<>None:
#             for key in vars(an)['fields']:
#                 anjson = ",".join([anjson,"%s:%s"%(key,getattr(an, str(key)))])
#
#         if qd<>None:
#             for key in vars(qd)['fields']:
#                 qdjson = ",".join([qdjson,"%s:%s"%(key,getattr(qd, str(key)))])
#
#         dns = eval(resp)
#         for key in vars(dns)['fields']:
#             if key not in ('an','qd'):
#                 dnsjson = ",".join([dnsjson,"%s:%s"%(key,getattr(dns, str(key)))])
#
#         rtjson ='{"DNSRR":{%s},"DNSQR":{%s}%s}'%(anjson.lstrip(","),qdjson.lstrip(","), dnsjson)
#         print rtjson
#
#     except:
#         print sys.exc_info()


后改称通过索引得到key对应的value

def getvaluebyName(org, name):
    index=org.index(name)
    index2=org.index(',', index)
    result = org[(index+len(name)+1):index2]
    if result[0] == "\'":
        result=result[1:len(result)-1]

    return result

result = ans[DNS].command() 
rdata = getvaluebyName(result, "rdata")



展开阅读全文
打赏
0
0 收藏
分享
加载中
更多评论
打赏
0 评论
0 收藏
0
分享
返回顶部
顶部