diff --git a/src/packet/DNS.py b/src/packet/DNS.py index 6e9d750cb4a44c6f4f61506b874462d0ff976dda..e147b99fac01593095eabdaba3c32efa6b457f3e 100644 --- a/src/packet/DNS.py +++ b/src/packet/DNS.py @@ -52,6 +52,15 @@ class DNS(Packet): layer_idx += 1 question_record = question_records.getlayer(layer_idx) + + def get_field(self) -> str: + """ + Randomly pick a DNS field to be modified. + + :return: Field name. + """ + return random.choice(self.fields) + def tweak(self) -> dict: """ @@ -63,7 +72,8 @@ class DNS(Packet): :return: Dictionary containing tweak information. """ # Get field which will be modified - field = random.choice(self.fields) + field = self.get_field() + # Get auxiliary fields qdcount = self.layer.getfieldval("qdcount") question_records = self.layer.getfieldval("qd") if qdcount > 0 else None diff --git a/src/packet/Packet.py b/src/packet/Packet.py index d739cff576eda2160db4aab77e09b9f3442015a6..2f37f8216a47b633c2636fa157618345a71e94f5 100644 --- a/src/packet/Packet.py +++ b/src/packet/Packet.py @@ -116,9 +116,14 @@ class Packet: try: protocol = layer.name.replace(" ", "_") if protocol == "IP" and packet.getfieldval("version") == 4: + # IPv4 packet protocol = "IPv4" elif protocol == "IP" and packet.getfieldval("version") == 6: + # IPv6 packet protocol = "IPv6" + elif protocol == "DNS" and packet.getfieldval("sport") == 5353 and packet.getfieldval("sport") == 5353: + # mDNS packet + protocol = "mDNS" else: protocol = Packet.protocols.get(protocol, protocol) module = importlib.import_module(f"packet.{protocol}") diff --git a/src/packet/mDNS.py b/src/packet/mDNS.py new file mode 100644 index 0000000000000000000000000000000000000000..1c566b47f20e82f77d62f214bbd117335445ad5a --- /dev/null +++ b/src/packet/mDNS.py @@ -0,0 +1,44 @@ +import random +import scapy.all as scapy +from scapy.layers import dns +from packet.DNS import DNS + +class mDNS(DNS): + + # Class variables + name = "mDNS" + + # Modifiable fields + fields = { + "query": [ + "qr", + "qtype", + "qname" + ], + "response": [ + "qr" + ] + } + + + def __init__(self, packet: scapy.Packet, id: int = 0, last_layer_index: int = -1) -> None: + """ + mDNS packet constructor. + + :param packet: Scapy packet to be edited. + :param id: Packet integer identifier. + :param last_layer_index: [Optional] Index of the last layer of the packet. + If not specified, it will be calculated. + """ + super().__init__(packet, id, last_layer_index) + qr = self.layer.getfieldval("qr") + self.qr_str = "query" if qr == 0 else "response" + + + def get_field(self) -> str: + """ + Randomly pick a DNS field to be modified. + + :return: Field name. + """ + return random.choice(self.fields[self.qr_str]) diff --git a/traces/mdns-responses.pcap b/traces/mdns-responses.pcap new file mode 100644 index 0000000000000000000000000000000000000000..54f42b62f93bd1c8894ed02cc89801a329ab4e02 Binary files /dev/null and b/traces/mdns-responses.pcap differ