mjhjmtu

I'm usin dnschef in my Linux machine, but it gave me this error.

How to fix this issue?

     

Plus, I can use dnschef (which will use localhost network card lo by default) and it doesn't have such issue.

Take a look at this tutorial. It shows you the various ways you can use dnschef.

DNSChef is capable of storing activity log in an external file using the --logfile log1.txt command line parameter. Below is a snippet of a sample DNSChef session:

So something like this:

$ dnschef -i wlan0 --logfile /tmp/dnschef.log

The full usage

root@kali:~# dnschef -h
Usage: dnschef.py [options]:
 _ _ __
 | | version 0.1 | | / _|
 __| |_ __ ___ ___| |__ ___| |_
 / _` | '_ / __|/ __| '_ / _ _|
 | (_| | | | __ (__| | | | __/ |
 __,_|_| |_|___/___|_| |_|___|_|
 iphelix@thesprawl.org


DNSChef is a highly configurable DNS Proxy for Penetration Testers and Malware
Analysts. It is capable of fine configuration of which DNS replies to modify
or to simply proxy with real responses. In order to take advantage of the tool
you must either manually configure or poison DNS server entry to point to
DNSChef. The tool requires root privileges to run.

Options:
 -h, --help show this help message and exit
 --fakeip=192.168.1.100
 IP address to use for matching DNS queries. If you use
 this parameter without specifying domain names, then
 all queries will be spoofed. Consider using --file
 argument if you need to define more than one IP
 address.
 --fakedomains=thesprawl.org,google.com
 A comma separated list of domain names which will be
 resolved to a FAKE value specified in the --ip
 parameter. All other domain names will be resolved to
 their true values.
 --truedomains=thesprawl.org,google.com
 A comma separated list of domain names which will be
 resolved to their TRUE values. All other domain names
 will be resolved to a fake value specified in the --ip
 parameter.
 --nameservers=4.2.2.1,4.2.2.2
 A comma separated list of alternative DNS servers to
 use with proxied requests. A randomly selected server
 from the list will be used for proxy requests. By
 default, the tool uses Google's public DNS server
 8.8.8.8.
 --file=FILE Specify a file containing a list of DOMAIN=IP pairs
 (one pair per line) used for DNS responses. For
 example: google.com=1.1.1.1 will force all queries to
 'google.com' to be resolved to '1.1.1.1'. You can be
 even more specific by combining --file with other
 arguments. However, data obtained from the file will
 take precedence over others.
 --interface=0.0.0.0 Define an interface to use for the DNS listener. For
 example, use 127.0.0.1 to listen for only requests
 coming from a loopback device.
 --tcp Use TCP DNS proxy instead of the default UDP.
 -q, --quiet Don't show headers.

Issue #10 - cannot open logfile

Your issue looks like it's actually a false positive though. The real error is this:

IOError code 13 (permission denied) is thrown on an attempt to bind to the default port 53 which requires the root permissions

I found that here in the upstream repo for dnschef - https://github.com/iphelix/dnschef/issues/10.

In the comments people are stating that this issue is still not resolved, and even when running dnschef as root, it's still reporting the error.

Bottom line

Sounds like a bug in dnschef.

References

• https://tools.kali.org/sniffingspoofing/dnschef


• https://github.com/iphelix/dnschef