Kaynağa Gözat

use DNS server from background traffic

aidmar.wainakh 7 yıl önce
ebeveyn
işleme
b8a4be2d3a
1 değiştirilmiş dosya ile 4 ekleme ve 1 silme
  1. 4 1
      code/Attack/SalityBotnet.py

+ 4 - 1
code/Attack/SalityBotnet.py

@@ -92,7 +92,10 @@ class SalityBotnet(BaseAttack.BaseAttack):
         mac_source = self.get_param_value(Param.MAC_SOURCE)
         ip_source = self.get_param_value(Param.IP_SOURCE)
 
-        ip_dns_server = self.statistics.get_random_ip_address()
+        # Pick a DNS server from the background traffic
+        ip_dns_server = self.statistics.process_db_query("SELECT ipAddress FROM ip_protocols WHERE protocolName='DNS' ORDER BY protocolCount DESC LIMIT 1;")
+        if not ip_dns_server or ip_source == ip_dns_server:
+            ip_dns_server = self.statistics.get_random_ip_address()
         mac_dns_server = self.statistics.get_mac_address(ip_dns_server)
 
         # Bot original config in the template PCAP