I remember a big guy said that , Eighty percent of hacking tools are used Python realization .
This hacker attack first uses "airpwn" The tool creates the target HTTP, Then yes DNS Attack . The idea of this attack is very simple ：
If in an open WLAN There are two people on it ：Bob and Eve.E Want to let B Visit the malicious web page she created , So she can download it to Bob Install malware on your computer , Or maybe show a deceptive site to try to steal Bob Authentication information for .
We already know how this attack works , So use it Python Let's automate this attack .
set up Alfa AWUS06H wireless network adapter
root@bt:~# airmon-ng start wlan0
Now that we've started monitoring mode , And run in mon0 Interface , So let's start writing Python Code !
Write attack code
We will take advantage of it scapy The crawler module implements this kind of hacker attack . We start by listening to the destination port 53 Any UDP package , And then send this package to us, which will be written later as send_response Function of ：
Now create a function that parses the information in the request and injects the response . Parse the package and create the response by moving up layer by layer as follows ：
After the minor details are ignored ,scapy The framework makes this quite easy , The code is as follows ：
All flags are set , Create and add DNS answer ：
final , We inject this spoofing response ：
From host computer 192.168.2.138 Of HTML response ：
Screenshot of my phone under attack ：