deserter is the first of its kind targeted DNS cache poisoner

Related tags

Networking and Internet dns cybersecurity dns-server cyber-security red-team dns-cache-poisoning cache-attack dns-poisoning
Overview

deserter

What is deserter?

deserter is the first of its kind targeted DNS cache poisoner. It is capable of DNS cache poisoning without bruteforcing the target ID and source port - instead, it sniffs out DNS probes and uses the information inside to craft poisoned responses and send them back to the target.

In order for it to work, the attacker needs to be on the same network as the victim. Sometimes, arp spoofing may also be required - usually on physical connections through Ethernet.

Installation

You need to clone this repo with its submodule:

git clone --recurse-submodules https://github.com/b4ckslash0/deserter
┌──(backslash0@kali)-[~/dev/test]-[]
└─$ git clone --recurse-submodules https://github.com/b4ckslash0/deserter
Cloning into 'deserter'...
remote: Enumerating objects: 125, done.
remote: Counting objects: 100% (125/125), done.
remote: Compressing objects: 100% (89/89), done.
remote: Total 125 (delta 36), reused 107 (delta 21), pack-reused 0
Receiving objects: 100% (125/125), 30.41 KiB | 1.05 MiB/s, done.
Resolving deltas: 100% (36/36), done.
Submodule 'external/PcapPlusPlus' (https://github.com/seladb/PcapPlusPlus) registered for path 'external/PcapPlusPlus'
Cloning into '/home/backslash0/dev/test/deserter/external/PcapPlusPlus'...
remote: Enumerating objects: 15076, done.        
remote: Counting objects: 100% (619/619), done.        
remote: Compressing objects: 100% (472/472), done.        
remote: Total 15076 (delta 269), reused 282 (delta 135), pack-reused 14457        
Receiving objects: 100% (15076/15076), 83.19 MiB | 2.06 MiB/s, done.
Resolving deltas: 100% (10354/10354), done.
Submodule path 'external/PcapPlusPlus': checked out '5f43c3d0545bebcc71cc3fa149c200a081784008'

The tool depends on PcapPlusPlus, for packet capturing and crafting, and argparse, for command-line argument parsing.

Now, change your directory to the cloned repository and then into the scripts directory. Change the permission for execution on the install.sh file and run it:

cd deserter/scripts
chmod +x install.sh
./install.sh

The tool will build and compile into the deserter/build directory. After installation you can use

./deserter --help

for more information.

Note, the tool requires sudo permissions to be run.

TODOs:

  • add Windows support
  • colours and banner
  • support for poisoning multiple queries in a single request/response
  • option to keep listening for new packets after a successful poisoning

This tool is not intended for use against machines without their owner's written permission. I do not bear any responsibility for your own actions.

You might also like...
The InitWare Suite of Middleware allows you to manage services and system resources as logical entities called units. Its main component is a service management (
The InitWare Suite of Middleware allows you to manage services and system resources as logical entities called units. Its main component is a service management ("init") system.

InitWare isn't ready to use yet!! Unless you are doing so for fun, to experiment, or to contribute, you most likely do not want to try to install Init

null 164 Dec 21, 2022
First Growtopia Private Server made with ENet

GrowtopiaServer First Growtopia Private Server made with ENet. This project has been compiled with Visual Studio 2015 (Visual Studio 2013 or older won

Lyte 10 Oct 21, 2021
Provide translation, currency conversion, and voting services. First using telnet you create a connection to a TCP socket, then the server connects to 3 UDP sockets hosted on other servers to do tasks.

to run micro servers g++ translator.cpp -o translator ./translator port 1 g++ voting.cpp -o voting ./voting port 2 g++ currency_converter.cpp -o c

Jacob Artuso 1 Oct 29, 2021
deserter is a targeted DNS cache poisoner.
deserter is a targeted DNS cache poisoner.

deserter is a targeted DNS cache poisoner. It is capable of DNS cache poisoning without bruteforcing the target ID and source port - instead, it sniffs out DNS probes and uses the information inside to craft poisoned responses and send them back to the target.

null 92 Dec 22, 2022
Dohd is a minimalist DNS-over-HTTPS daemon that redirects all DoH queries to a local DNS server running on localhost:53 (UDP)

dohd Dohd (pron. doh-dee) is a minimalist DNS-over-HTTPS daemon that redirects all DoH queries to a local DNS server running on localhost:53 (UDP). Fe

Dyne.org 16 Dec 1, 2022
A low-latency LRU approximation cache in C++ using CLOCK second-chance algorithm. Multi level cache too. Up to 2.5 billion lookups per second.
A low-latency LRU approximation cache in C++ using CLOCK second-chance algorithm. Multi level cache too. Up to 2.5 billion lookups per second.

LruClockCache Low-latency LRU approximation cache in C++ using CLOCK second-chance algorithm. (see wiki for details) using MyKeyType = std::string; us

Hüseyin Tuğrul BÜYÜKIŞIK 35 Dec 19, 2022
✔️The smallest header-only GUI library(4 KLOC) for all platforms
✔️The smallest header-only GUI library(4 KLOC) for all platforms

Welcome to GUI-lite The smallest header-only GUI library (4 KLOC) for all platforms. 中文 Lightweight ✂️ Small: 4,000+ lines of C++ code, zero dependenc

null 6.6k Jan 8, 2023
With xshellex you can paste any kind of c-shellcode strings in x64dbg, ollydbg & immunity debugger
With xshellex you can paste any kind of c-shellcode strings in x64dbg, ollydbg & immunity debugger

With xshellex you can paste any kind of c-shellcode strings in x64dbg, ollydbg & immunity debugger. Also you can convert the "binary-copied-clipboard" to c-shellcode string.

David Reguera Garcia aka Dreg 30 Oct 7, 2022
dos-like is a programming library/framework, kind of like a tiny game engin
dos-like is a programming library/framework, kind of like a tiny game engin

dos-like is a programming library/framework, kind of like a tiny game engine, for writing games and programs with a similar feel to MS-DOS productions from the early 90s. But rather than writing code that would run on a real DOS machine, dos-like is about making programs which runs on modern platforms like Windows, Mac and Linux, but which attempts to recreate the look, feel, and sound of old DOS programs.

Mattias Gustavsson 818 Jan 7, 2023
Create a calculator of any kind in any language, create a pr.

calculators Create a calculator of any kind in any language, create a pr. Create a calculator of any type using the programming language of your choic

Akshay Gautam 2 Oct 21, 2022
This is a repository entirely dedicated to all kind of questions ranging from basic DSA to CP. It aims to provide a solution to different questions. 📚

🎉 CP-DSA-Questions 🎉 This is a repository entirely dedicated to all kind of questions ranging from basic DSA to CP. It aims to provide a solution to

Kanak 72 Dec 28, 2022
A C math library targeted at games

Kazmath Kazmath is a simple 3D maths library written in C. It was initially coded for use in my book, Beginning OpenGL Game Programming - Second editi

Luke Benstead 506 Dec 31, 2022
A C math library targeted at games

Kazmath Kazmath is a simple 3D maths library written in C. It was initially coded for use in my book, Beginning OpenGL Game Programming - Second editi

Luke Benstead 506 Dec 31, 2022
Cobalt Strike is a commercial, full-featured, remote access tool that bills itself as
Cobalt Strike is a commercial, full-featured, remote access tool that bills itself as "adversary simulation software designed to execute targeted attacks and emulate the post-exploitation actions of advanced threat actors".

COBALT STRIKE 4.4 Cobalt Strike is a commercial, full-featured, remote access tool that bills itself as "adversary simulation software designed to exe

Trewis [work] Scotch 104 Aug 21, 2022
Box64 - Linux Userspace x86_64 Emulator with a twist, targeted at ARM64 Linux devices
Box64 - Linux Userspace x86_64 Emulator with a twist, targeted at ARM64 Linux devices

Box64 - Linux Userspace x86_64 Emulator with a twist, targeted at ARM64 Linux devices

ptitSeb 1.5k Dec 31, 2022
TAFuzzer: Effective and Efficient Targeted Fuzzing framework for Smart Contract Vulnerability Detection (CCS2022a Under Review).

TAFuzzer An effective and efficient targeted fuzzing framework for smart contract vulnerability detection. Requirements TAFuzzer is supported on Linux

null 2 Feb 7, 2022
A C library for asynchronous DNS requests

c-ares This is c-ares, an asynchronous resolver library. It is intended for applications which need to perform DNS queries without blocking, or need t

c-ares 1.5k Jan 3, 2023
Mongoose Embedded Web Server Library - a multi-protocol embedded networking library with TCP/UDP, HTTP, WebSocket, MQTT built-in protocols, async DNS resolver, and non-blocking API.
Mongoose Embedded Web Server Library - a multi-protocol embedded networking library with TCP/UDP, HTTP, WebSocket, MQTT built-in protocols, async DNS resolver, and non-blocking API.

Mongoose - Embedded Web Server / Embedded Networking Library Mongoose is a networking library for C/C++. It implements event-driven non-blocking APIs

Cesanta Software 9k Jan 1, 2023
DNS and Target HTTP History Local Storage and Search

dooked DNS and Target HTTP History Local Storage and Search Installation Download Boost Library from the official website Extract the library into any

Michael Skelton 60 Oct 31, 2022
Comments
  • Segmentation fault, attack seems succesful,

    Segmentation fault, attack seems succesful, 

    mz@kitty:~/work/deserter$ sudo ./build/deserter -t 192.168.1.57 -b 127.0.0.1 -i wlp3s0
    ____                      __           
   / __ \___  ________  _____/ /____  _____
  / / / / _ \/ ___/ _ \/ ___/ __/ _ \/ ___/
 / /_/ /  __(__  )  __/ /  / /_/  __/ /    
/_____/\___/____/\___/_/   \__/\___/_/     
                                           
Waiting for DNS packets to come...
Poisoning successful.
[ERROR: /home/mz/work/deserter/external/PcapPlusPlus/Packet++/src/DnsResource.cpp: setData:352] DNS record is of type AAAA but given data isn't of type IPv6DnsResourceData
[ERROR: /home/mz/work/deserter/external/PcapPlusPlus/Packet++/src/DnsLayer.cpp: addResource:495] Couldn't set new resource data
Segmentation fault

    OS: Debian GNU/Linux 11 (bullseye) x86_64 CPU: Intel i5-8350U (8) @ 400MHz

    note: target is my local IP

    bug 
    opened by 10maurycy10 4
  • Segmentation Fault on debain 11

    Segmentation Fault on debain 11

    Reproduction:

    1. install all required tools
        sudo apt install cmake
    1. follow build instructions
        cd scripts/
    chmod +x install.sh
    ./install.sh
    1. run
        sudo ./deserter -t 169.1.1.35 -b 93.184.216.34 -i wlp3s0
    1. observe segfault
    bug 
    opened by 10maurycy10 4
  • Make command error

    Make command error

    when i run install bash file ( install.sh ) he show me this error "make: *** No targets specified and no makefile found. Stop." can any one help me? and thanks

    opened by FliShaDZ 1
Releases(v2.0)
Owner
null
GitHub
Dohd is a minimalist DNS-over-HTTPS daemon that redirects all DoH queries to a local DNS server running on localhost:53 (UDP)

dohd Dohd (pron. doh-dee) is a minimalist DNS-over-HTTPS daemon that redirects all DoH queries to a local DNS server running on localhost:53 (UDP). Fe

Dyne.org 16 Dec 1, 2022
A C library for asynchronous DNS requests

c-ares This is c-ares, an asynchronous resolver library. It is intended for applications which need to perform DNS queries without blocking, or need t

c-ares 1.5k Jan 3, 2023
Mongoose Embedded Web Server Library - a multi-protocol embedded networking library with TCP/UDP, HTTP, WebSocket, MQTT built-in protocols, async DNS resolver, and non-blocking API.

Mongoose - Embedded Web Server / Embedded Networking Library Mongoose is a networking library for C/C++. It implements event-driven non-blocking APIs

Cesanta Software 9k Jan 1, 2023
DNS and Target HTTP History Local Storage and Search

dooked DNS and Target HTTP History Local Storage and Search Installation Download Boost Library from the official website Extract the library into any

Michael Skelton 60 Oct 31, 2022
A local DNS server to obtain the fastest website IP for the best Internet experience

A local DNS server to obtain the fastest website IP for the best Internet experience

Nick Peng 5.7k Jan 4, 2023
a lightweight and performant multicast DNS (mDNS) reflector with modern design, supports zone based reflection and IPv6

mDNS Reflector mDNS Reflector (mdns-reflector) is a lightweight and performant multicast DNS (mDNS) reflector with a modern design. It reflects mDNS q

Yuxiang Zhu 90 Dec 10, 2022
Winpcap-based network packet capture tool, support TLS (part), UDP, ICMP, TCP, ARP, DNS and other protocol analysis, interface reference wireshark.

Winpcap-based network packet capture tool, support TLS (part), UDP, ICMP, TCP, ARP, DNS and other protocol analysis, interface reference wireshark.

null 54 Dec 26, 2022
Brutally effective DNS amplification ddos attack tool. Can cripple a target machine from a single host. Use with extreme caution.

Brutally effective DNS amplification ddos attack tool. Can cripple a target machine from a single host. Use with extreme caution.

thescientist 2 Jan 1, 2023
DNS amplification DDOS attack tool.

DNS amplification DDOS attack tool.

the-scientist 28 Dec 29, 2022
A project designed for the esp8266 D1 Mini or the esp8266 D1 Mini PRO to provide a wifi http server and dns server.

PS4 Server 9.00 This is a project designed for the esp8266 D1 Mini or the esp8266 D1 Mini PRO to provide a wifi http server and dns server. this is fo

null 14 Nov 28, 2022