nopasaran 0.2.94__tar.gz → 0.2.96__tar.gz

{nopasaran-0.2.94 → nopasaran-0.2.96}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: nopasaran
-Version: 0.2.94
+Version: 0.2.96
 Summary: NoPASARAN is an advanced network tool designed to detect, fingerprint, and locate network middleboxes in a unified framework.
 Home-page: https://github.com/BenIlies/NoPASARAN
 Author: Ilies Benhabbour

{nopasaran-0.2.94 → nopasaran-0.2.96}/nopasaran/primitives/action_primitives/action_primitives.py

@@ -25,6 +25,9 @@ from nopasaran.primitives.action_primitives.client_echo_primitives import Client
 from nopasaran.primitives.action_primitives.probing_primitives import PortProbingPrimitives
 from nopasaran.primitives.action_primitives.replay_primitives import ReplayPrimitives
 from nopasaran.primitives.action_primitives.http_simple_client_primitives import HTTPSimpleClientPrimitives
+from nopasaran.primitives.action_primitives.tcp_dns_request_primitives import TCPDNSRequestPrimitives
+from nopasaran.primitives.action_primitives.tcp_dns_response_primitives import TCPDNSResponsePrimitives
+
 
 class ActionPrimitives(Primitives):
     """
@@ -56,5 +59,7 @@ class ActionPrimitives(Primitives):
         ClientEchoPrimitives,
         PortProbingPrimitives,
         ReplayPrimitives,
-        HTTPSimpleClientPrimitives
+        HTTPSimpleClientPrimitives,
+        TCPDNSResponsePrimitives,
+        TCPDNSRequestPrimitives
         ]

{nopasaran-0.2.94 → nopasaran-0.2.96}/nopasaran/primitives/action_primitives/dns_primitives.py

@@ -386,7 +386,7 @@ class DNSPrimitives:
         """
         dns_query = state_machine.get_variable_value(inputs[0])
         new_query_type = state_machine.get_variable_value(inputs[1])
-        dns_query.qtype = new_query_type
+        dns_query.qtype = int(new_query_type)
         state_machine.set_variable_value(outputs[0], dns_query)
 
     @staticmethod

nopasaran-0.2.96/nopasaran/primitives/action_primitives/tcp_dns_request_primitives.py

@@ -0,0 +1,29 @@
+from nopasaran.decorators import parsing_decorator
+from nopasaran.definitions.events import EventNames
+import nopasaran.utils as utils
+
+class TCPDNSRequestPrimitives:
+    @staticmethod
+    @parsing_decorator(input_args=4, output_args=1)
+    def make_tcp_dns_query(inputs, outputs, state_machine):
+        """
+        Make a DNS query over TCP with user-defined domain and query type.
+        inputs: [domain, query_type, server_ip, server_port]
+        outputs: [dns_response_dict]
+        """
+        domain = state_machine.get_variable_value(inputs[0])
+        query_type = state_machine.get_variable_value(inputs[1])
+        server_ip = state_machine.get_variable_value(inputs[2])
+        server_port = int(state_machine.get_variable_value(inputs[3]))
+
+        # Call utility function with provided parameters
+        result = utils.send_tcp_dns_query(server_ip, server_port, domain, query_type)
+
+        # Store result and trigger events accordingly
+        if not result or result.get("response") is None:
+            state_machine.set_variable_value(outputs[0], {"received": None})
+            state_machine.trigger_event(EventNames.REQUEST_ERROR.name)
+        else:
+            state_machine.set_variable_value(outputs[0], {"received": result})
+            state_machine.trigger_event(EventNames.RESPONSE_RECEIVED.name)
+

nopasaran-0.2.96/nopasaran/primitives/action_primitives/tcp_dns_response_primitives.py

@@ -0,0 +1,40 @@
+from nopasaran.decorators import parsing_decorator
+from nopasaran.tools.tcp_dns_socket_server import TCPDNSSocketServer
+
+class TCPDNSResponsePrimitives:
+
+    @staticmethod
+    @parsing_decorator(input_args=0, output_args=1)
+    def create_tcp_dns_server(inputs, outputs, state_machine):
+        server = TCPDNSSocketServer()
+        state_machine.set_variable_value(outputs[0], server)
+
+    @staticmethod
+    @parsing_decorator(input_args=2, output_args=0)
+    def start_tcp_dns_server(inputs, outputs, state_machine):
+        server = state_machine.get_variable_value(inputs[0])
+        port = int(state_machine.get_variable_value(inputs[1]))
+        server.start(port)
+
+    @staticmethod
+    @parsing_decorator(input_args=4, output_args=1)
+    def wait_and_respond_tcp_dns_query(inputs, outputs, state_machine):
+        """
+        Wait for a DNS query and respond based on provided spec.
+        Inputs: [server_instance, port, timeout, response_spec]
+        Outputs: [result_dict]
+        Example response_spec:
+        {"type": "CNAME", "value": "safe.com", "qname": "blocked.com."}
+        """
+        server = state_machine.get_variable_value(inputs[0])
+        timeout = int(state_machine.get_variable_value(inputs[2]))
+        response_spec = state_machine.get_variable_value(inputs[3])  # can be None
+
+        result, _ = server.wait_for_query(timeout, response_spec)
+        state_machine.set_variable_value(outputs[0], result)
+
+    @staticmethod
+    @parsing_decorator(input_args=1, output_args=0)
+    def close_tcp_dns_server(inputs, outputs, state_machine):
+        server = state_machine.get_variable_value(inputs[0])
+        server.close()

nopasaran-0.2.96/nopasaran/tools/tcp_dns_socket_server.py

@@ -0,0 +1,170 @@
+import socket
+import struct
+import select
+import time
+from dnslib import DNSRecord, RR, QTYPE, A, CNAME, MX, TXT, NS, SOA, PTR, AAAA, SRV, DS, RRSIG, NSEC, DNSKEY
+from nopasaran.definitions.events import EventNames
+
+class TCPDNSSocketServer:
+    def __init__(self):
+        self.sock = None
+
+    def start(self, port):
+        self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+        self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
+        self.sock.bind(('', port))
+        self.sock.listen(5)
+        return EventNames.SERVER_STARTED.name, f"TCP DNS server started on port {port}"
+
+    def wait_for_query(self, timeout, response_spec=None):
+        timeout = float(timeout)
+        start_time = time.time()
+        self.sock.setblocking(False)
+
+        print(f"[Server] Waiting for connections on port {self.sock.getsockname()[1]} with timeout {timeout} seconds")
+
+        while True:
+            remaining_time = timeout - (time.time() - start_time)
+            print(f"[Server] Remaining time: {remaining_time:.2f} seconds")
+            if remaining_time <= 0:
+                print("[Server] Timeout reached with no connection.")
+                return {"received": None}, EventNames.TIMEOUT.name
+
+            ready, _, _ = select.select([self.sock], [], [], remaining_time)
+            if ready:
+                print("[Server] Socket is ready, accepting...")
+                client_sock, client_addr = self.sock.accept()
+                print(f"[Server] Accepted connection from {client_addr}")
+
+                try:
+                    # Set client socket read timeout
+                    client_sock.settimeout(5)
+                    length_data = client_sock.recv(2)
+                    print(f"[Server] Received length_data: {length_data}")
+
+                    if len(length_data) < 2:
+                        print("[Server] Incomplete length_data")
+                        return {"received": None}, EventNames.ERROR.name
+
+                    expected_length = struct.unpack("!H", length_data)[0]
+                    print(f"[Server] Expecting {expected_length} bytes of query data")
+
+                    request_data = b""
+                    receive_start_time = time.time()
+                    receive_timeout = 5  # seconds
+
+                    while len(request_data) < expected_length:
+                        # Check elapsed time to prevent infinite waiting
+                        if time.time() - receive_start_time > receive_timeout:
+                            print("[Server] Timeout while receiving DNS query data")
+                            return {"received": None}, EventNames.TIMEOUT.name
+
+                        try:
+                            chunk = client_sock.recv(expected_length - len(request_data))
+                            if not chunk:
+                                print("[Server] Connection closed before full query received")
+                                return {"received": None}, EventNames.ERROR.name
+                            request_data += chunk
+                            print(f"[Server] Received {len(request_data)}/{expected_length} bytes")
+                        except socket.timeout:
+                            print("[Server] Socket recv() timed out")
+                            return {"received": None}, EventNames.TIMEOUT.name
+
+                    if not request_data:
+                        print("[Server] No request data received")
+                        return {"received": None}, EventNames.ERROR.name
+
+                    print("[Server] Parsing DNS query...")
+                    parsed_query = DNSRecord.parse(request_data)
+                    print(f"[Server] Parsed query: {parsed_query.toZone()}")
+
+                    print("[Server] Building DNS response...")
+                    response = self.build_response(parsed_query, response_spec)
+
+                    print("[Server] Sending DNS response...")
+                    self.send_dns_response(client_sock, response)
+                    print("[Server] DNS response sent successfully.")
+
+                    return {
+                        "received": parsed_query.toZone(),
+                        "client_address": client_addr
+                    }, EventNames.REQUEST_RECEIVED.name
+
+                finally:
+                    print("[Server] Closing client socket")
+                    client_sock.close()
+
+
+
+    def build_response(self, query_record, response_spec=None):
+        qname = str(query_record.q.qname)
+        qtype = query_record.q.qtype
+        response_qname = response_spec.get("qname") if response_spec and response_spec.get("qname") else qname
+        response_type = response_spec.get("type").upper() if response_spec and response_spec.get("type") else QTYPE[qtype].name
+        response_value = response_spec.get("value") if response_spec else None
+
+        response = query_record.reply()
+
+        handlers = {
+            "A": lambda: A(response_value or "127.0.0.1"),
+            "CNAME": lambda: CNAME(response_value or response_qname),
+            "MX": lambda: MX(response_value or f"mail.{response_qname}", preference=10),
+            "TXT": lambda: TXT(response_value or f"dummy record for {response_qname}"),
+            "NS": lambda: NS(response_value or f"ns1.{response_qname}"),
+            "SOA": lambda: SOA(response_value or f"ns1.{response_qname}", f"admin.{response_qname}", (2024051801, 3600, 3600, 3600, 3600)),
+            "PTR": lambda: PTR(response_value or f"ptr.{response_qname}"),
+            "AAAA": lambda: AAAA(response_value or "::1"),
+            "SRV": lambda: self._parse_srv(response_value or f"service.{response_qname},80,0,0"),
+            "DS": lambda: DS(12345, 1, 1, bytes(response_value or f"abcdef{response_qname}", 'utf-8')),
+            "RRSIG": lambda: RRSIG(1, 1, 0, 3600, 0, 0, 0, response_value or f"signer.{response_qname}", b"signature"),
+            "NSEC": lambda: NSEC(response_value or f"next.{response_qname}", []),
+            "DNSKEY": lambda: DNSKEY(256, 3, 8, bytes(response_value or f"publickey{response_qname}", 'utf-8')),
+            "ANY": lambda: A(response_value or "127.0.0.1")
+        }
+
+        handler = handlers.get(response_type)
+        if not handler:
+            print(f"[Server Error] No handler found for response_type: {response_type}")
+            return query_record.reply()
+
+        reverse_qtype = {QTYPE[k]: k for k in QTYPE if isinstance(k, int)}
+        rtype = reverse_qtype.get(response_type)
+        if rtype is None:
+            print(f"[Server Error] Unsupported response_type: {response_type}")
+            return query_record.reply()
+
+        try:
+            print(f"[Server] Calling handler for type {response_type}")
+            rdata = handler()
+            print(f"[Server] Handler produced rdata: {rdata}")
+        except Exception as e:
+            print(f"[Server Error] Handler for {response_type} failed: {e}")
+            return query_record.reply()
+
+        response.add_answer(RR(rname=response_qname, rtype=rtype, rclass=1, ttl=60, rdata=rdata))
+        return response
+
+
+
+    def _parse_srv(self, value):
+        try:
+            target, port, priority, weight = value.split(",")
+            return SRV(int(priority), int(weight), int(port), target)
+        except Exception:
+            return SRV(0, 0, 80, "service.example.com")
+
+    def send_dns_response(self, client_sock, dns_record):
+        response_bytes = dns_record.pack()
+        length_prefix = struct.pack("!H", len(response_bytes))
+        try:
+            client_sock.sendall(length_prefix + response_bytes)
+            return EventNames.RESPONSE_SENT.name
+        except Exception as e:
+            print(f"Failed to send DNS response: {e}")
+            return EventNames.ERROR.name
+
+    def close(self):
+        if self.sock:
+            self.sock.close()
+            self.sock = None
+        return EventNames.CONNECTION_CLOSED.name

{nopasaran-0.2.94 → nopasaran-0.2.96}/nopasaran/utils.py

@@ -4,6 +4,9 @@ import random
 import socket
 import select
 import ssl
+import struct
+from dnslib import DNSRecord, QTYPE
+
 
 
 from scapy.all import IP, TCP, UDP, ICMP, Raw
@@ -391,3 +394,76 @@ def group_ports(ports):
     return result 
 
 
+
+
+def send_tcp_dns_query(server_ip, server_port, domain, query_type="A"):
+    dnsatypes = {
+        1: "A", 2: "NS", 5: "CNAME", 6: "SOA", 12: "PTR", 15: "MX",
+        16: "TXT", 28: "AAAA", 33: "SRV",  43: "DS",
+        46: "RRSIG", 47: "NSEC", 48: "DNSKEY", 255: "ANY"
+    }
+
+    result = {"query": None, "response": None, "error": None}
+    supported_types = ', '.join([f"{v}({k})" for k, v in dnsatypes.items()])
+    lookup_by_name = {v.upper(): k for k, v in dnsatypes.items()}
+    query_type_str = str(query_type).strip().upper()
+
+    print(f"[Debug] Received query_type: {query_type_str}")
+
+    # Validate query type
+    if query_type_str.isdigit():
+        qtype = int(query_type_str)
+        if qtype not in dnsatypes:
+            result["error"] = f"Unsupported numeric query type: {query_type}.\nSupported types are: {supported_types}"
+            print("[Error]", result["error"])
+            return result
+    else:
+        qtype = lookup_by_name.get(query_type_str)
+        if qtype is None:
+            result["error"] = f"Unsupported string query type: {query_type}.\nSupported types are: {supported_types}"
+            print("[Error]", result["error"])
+            return result
+
+    try:
+        print(f"[Debug] Building DNS query for domain {domain} with type {query_type_str} ({qtype})")
+        dns_query = DNSRecord.question(domain, qtype=query_type_str)
+        dns_query.header.id = random.randint(0, 65535)
+        query_packet = dns_query.pack()
+        result["query"] = dns_query.toZone()
+
+        print("[Debug] Opening socket")
+        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
+            sock.bind(('', 0))
+            sock.settimeout(2)
+
+            print(f"[Debug] Connecting to {server_ip}:{server_port}")
+            sock.connect((server_ip, server_port))
+
+            length_prefix = struct.pack("!H", len(query_packet))
+            print("[Debug] Sending DNS query")
+            sock.sendall(length_prefix + query_packet)
+
+            print("[Debug] Waiting for response")
+            length_data = sock.recv(2)
+            if len(length_data) < 2:
+                result["error"] = "Incomplete length prefix"
+                print("[Error]", result["error"])
+                return result
+
+            expected_length = struct.unpack("!H", length_data)[0]
+            response_data = b""
+            while len(response_data) < expected_length:
+                chunk = sock.recv(expected_length - len(response_data))
+                if not chunk:
+                    break
+                response_data += chunk
+
+            print("[Debug] Received response data")
+            parsed_response = DNSRecord.parse(response_data)
+            result["response"] = parsed_response.to_dict()
+            return result
+
+    except Exception as e:
+        result["error"] = f"Exception occurred: {str(e)}"
+        print("[Error]", result["error"])
+        return result

{nopasaran-0.2.94 → nopasaran-0.2.96}/nopasaran.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: nopasaran
-Version: 0.2.94
+Version: 0.2.96
 Summary: NoPASARAN is an advanced network tool designed to detect, fingerprint, and locate network middleboxes in a unified framework.
 Home-page: https://github.com/BenIlies/NoPASARAN
 Author: Ilies Benhabbour

{nopasaran-0.2.94 → nopasaran-0.2.96}/nopasaran.egg-info/SOURCES.txt

@@ -60,6 +60,8 @@ nopasaran/primitives/action_primitives/probing_primitives.py
 nopasaran/primitives/action_primitives/replay_primitives.py
 nopasaran/primitives/action_primitives/server_echo_primitives.py
 nopasaran/primitives/action_primitives/signaling_primitive.py
+nopasaran/primitives/action_primitives/tcp_dns_request_primitives.py
+nopasaran/primitives/action_primitives/tcp_dns_response_primitives.py
 nopasaran/primitives/action_primitives/tcp_primitives.py
 nopasaran/primitives/action_primitives/timing_primitives.py
 nopasaran/primitives/action_primitives/tls_primitives.py
@@ -81,4 +83,5 @@ nopasaran/tools/http_2_socket_base.py
 nopasaran/tools/http_2_socket_client.py
 nopasaran/tools/http_2_socket_server.py
 nopasaran/tools/https_1_socket_server.py
+nopasaran/tools/tcp_dns_socket_server.py
 tests/__init__.py

{nopasaran-0.2.94 → nopasaran-0.2.96}/nopasaran.egg-info/requires.txt

@@ -6,3 +6,4 @@ scapy
 h2
 overload
 dnspython
+dnslib

{nopasaran-0.2.94 → nopasaran-0.2.96}/setup.py

@@ -13,7 +13,7 @@ with open(requirements_file, "r") as f:
 # Version will automatically be updated when pushed on the main branch
 setup(
     name="nopasaran",
-    version='0.2.94',
+    version='0.2.96',
     author="Ilies Benhabbour",
     author_email="ilies.benhabbour@kaust.edu.sa",
     description="NoPASARAN is an advanced network tool designed to detect, fingerprint, and locate network middleboxes in a unified framework.",