NetfilterQueue on ParrotOS

I wanted to get deeper into InfoSec - I've always dabbled and played around... I started using Kali when Backtrack 2 came out, learned how to crack some WEP passwords, you know, the script kiddie stuff.

I fell out of it when I started working as a web developer out of college. Had to decide if I wanted to continue on and get my degree or take a job I was offered, so I spent the entire summer going deep into ColdFusion - thank you Raymond Camden, would never have gotten there without your books to help me. I had to keep up with the flow, my time was now spent reading CF blogs, then to PHP, RoR, JS, Node, and on and on and on.

And here we are now, doing Full Stack work and enjoying it, but missing the fun and excitement of trying to break into a system, or learning those things that I never thought I'd be able to do. So I've decided to move back in that direction.. I knew how to use the tools, but after being a developer for over a decade, I think I can get a better grasp of these things now. I'm going to start from the bottom, use the skills I have (coding) to get a deeper understanding of what's going on and actually have a go at this InfoSec thing.

I've started purchasing some books and courses aimed at building a toolkit using Python. I've played around in Python many times in the past, but this will be a lot more fun to see some real-world uses and build my own toolkit so I can get a deeper understanding and also build the skills to solve a problem if I've got nothing but a terminal and a Python installation. Sounds like fun to me!

I've rambled on enough, and this will likely be the only post like that. In every book I've been reading lately, the suggestion is to start a blog for a few reasons:

• Post solutions to problems you've faced so others can learn from you
• Keep a record for yourself of how you solved common problems
• Learn to write reports for future pentests or Bug Bounties

I'm sure I'll find plenty of more reasons for this but that's what I'll be doing here. This one just happened to be the first, so I thought I'd give a little background at least.

Anyway, I was working on building a DNS Spoofer in a course from Zaid Sabih where I needed to install the NetfilterQueue module on my system and I was having a little trouble with it.

The course said to install it with pip as we normally do with third-party modules, but I was getting an error:

netfilterqueue.c:439:10: fatal error: libnetfilter_queue/linux_nfnetlink_queue.h:
No such file or directory #include "libnetfilter_queue/linux_nfnetlink_queue.h"

So, I'm using python 2.7 and also python 3.7 and there are occasions where a module will be called something different for various versions, so I tried both versions of pip: sudo pip install netfilterqueue and sudo pip3 install netfilterqueue but got the same error.

Searching around a bit lead me to try installing the libnfnetlink-dev package from the apt repo: sudo apt-get install libnfnetlink-dev but I still got the same result.

I also found a reference to python-nfqueue but that didn't seem to have a package in the repo.

Finally, I was finally able to find two other missing packages that needed to be installed to get the NetfilterQueue module installed through pip:
sudo apt-get install libnetfilter-queue-dev libnetfilter-queue1

After installing these two apt packages, NetfilterQueue installed without issue and I was able to move on:
sudo pip install netfilterqueue

Note that this method also works on Kali

Hopefully this helps someone solve this issue if they come across it - or myself, next time I run into this issue and forget what I did last time.

Note: I'm running python as sudo because many of the scripts I'm writing require root access to modify things such as network interfaces, iptables, packet forwarding, etc - I believe there are different Python installs on Parrot for regular and sudo privileges, if I'm wrong, someone let me know.