def run(self, params={}): timeout = params.get(Input.TIMEOUT) output = checkdmarc.check_domains([params.get(Input.DOMAIN)], timeout=timeout, skip_tls=True) try: clean_output = helper.clean(json.loads(json.dumps(output))) except Exception as e: raise PluginException(cause="Unexpected response from server", assistance=e) return {Output.REPORT: clean_output}
def test_has_email_security_records(domain): result = checkdmarc.check_domains([domain]) assert result["spf"]["valid"], f"{domain} has missing/invalid SPF record" assert result["dmarc"][ "valid"], f"{domain} has missing/invalid DMARC record" # https://cyber.dhs.gov/bod/18-01/#where-should-dmarc-reports-be-sent reporting_addrs = [ val["address"] for val in result["dmarc"]["tags"]["rua"]["value"] ] assert any(addr == "*****@*****.**" for addr in reporting_addrs)
def dmarc_check(self, domainname, approved_nameservers, approved_mx_hostnames): domainlist = [] domainlist.append(domainname) rsp = checkdmarc.check_domains( domainlist, approved_nameservers=approved_nameservers, approved_mx_hostnames=approved_mx_hostnames) ns = rsp["ns"] if ns["warnings"]: ns_warnings = ns["warnings"] for warning in ns_warnings: self.add_remark_warning(warning, "DNS CHECKS") mx = rsp["mx"] hosts = mx["hosts"] for host in hosts: if host["tls"] == False: tls_compliance = [{ 'host_name': host["hostname"], 'tls_status': 'non_compliant', 'error': None }] self.add_remark_warning("TLS is not compliant", "TLS COMPLIANCE") if mx["warnings"]: mx_warnings = mx["warnings"] for warning in mx_warnings: self.add_remark_warning(warning, "DNS CHECK") dmarc = rsp["dmarc"] if "error" in dmarc: error = dmarc["error"] dmarc_compliance = [{ 'domain': domainname, 'dmarc_status': 'non_compliant', 'error': error }] self.add_remark_warning("Dmarc is not compliant:" + dmarc["error"], "DNS CHECKS") else: dmarc_compliance = [{ 'domain': domainname, 'dmarc_status': 'compliant', 'error': None }] self.add_remark_ok( "DMARC DNS record has been published (Compliant)", "DNS CHECKS")
def scan_domain(domain): scan_results = { 'A': get_record(domain, 'A'), 'AAAA': get_record(domain, 'AAAA'), 'TXT': get_record(domain, 'TXT'), 'DMARC': check_domains([domain]) } domain_data = {'domain': domain, 'scan_results': scan_results} # following print statement should be replaced by push to elastic print(json.dumps(domain_data)) current_app.logger.debug(domain_data) return 'OK'
def check(): form = CheckDmarcForm() domains = [] results = [] if form.validate_on_submit(): nameservers = dns.resolver.Resolver().nameservers domains.append(form.domain.data) form.domain.data = None results = checkdmarc.check_domains( domains, nameservers=nameservers, include_dmarc_tag_descriptions=True, ) return render_template('check.html', form=form, results=results)
def full_check(domain, skip_tls=True, timeout=None): nameservers = os.getenv('NAMESERVERS', None) if nameservers: nameservers = nameservers.split(",") res = checkdmarc.check_domains([domain], skip_tls=skip_tls, nameservers=nameservers) output = OrderedDict() output['_about'] = "For questions: mailto:[email protected]. Data produced "\ "using https://domainaware.github.io/checkdmarc/index.html" output['_version'] = f"checkdmarc {checkdmarc.__version__} (from pip)" output['_nameservers'] = nameservers # We do this to make sure "about" is put first in the merged ordered dict output.update(res) return output
def testKnownGood(self): """Domains with known SPF and DMARC records""" results = checkdmarc.check_domains(known_good_domains) for domain in results: spf_error = None dmarc_error = None if "error" in domain["spf"]: spf_error = domain["spf"]["error"] if "error" in domain["dmarc"]: dmarc_error = domain["dmarc"]["error"] self.assertEqual(domain["spf"]["valid"], True, "Known good domain {0} failed SPF check:" "\n\n{0}".format(domain["domain"], spf_error)) self.assertEqual(domain["dmarc"]["valid"], True, "Known good domain {0} failed DMARC check:" "\n\n{1}".format(domain["domain"], dmarc_error))
def get_domains(domain): print("==== Domains ====") dmarc = {} try: dmarc = checkdmarc.check_domains(domain, timeout=10.0, nameservers=["8.8.8.8", "1.1.1.1"]) if len(dmarc) > 0: print(dmarc) else: print("None found") except Exception as e: print('Error with ' + domain) print(e) print("\n")
def testKnownGood(self): """Domains with known good STARTTLS support, SPF and DMARC records""" results = checkdmarc.check_domains(known_good_domains) for result in results: spf_error = None dmarc_error = None for mx in result["mx"]["hosts"]: self.assertEqual( mx["starttls"], True, "MX host of known good domain {0} failed STARTTLS check:" "\n\n{0}".format(result["domain"], mx["hostname"]) ) if "error" in result["spf"]: spf_error = result["spf"]["error"] if "error" in result["dmarc"]: dmarc_error = result["dmarc"]["error"] self.assertEqual(result["spf"]["valid"], True, "Known good domain {0} failed SPF check:" "\n\n{0}".format(result["domain"], spf_error)) self.assertEqual(result["dmarc"]["valid"], True, "Known good domain {0} failed DMARC check:" "\n\n{1}".format(result["domain"], dmarc_error))
def get_info(self, data): try: result = checkdmarc.check_domains(data.split()) except Exception as e: self.error(e) return {"DomainMailSPFDMARC": dict(result)}
async def check_domain(domain: str, response: Response): response.headers["Access-Control-Allow-Origin"] = "*" return checkdmarc.check_domains([domain], include_dmarc_tag_descriptions=True)
def get_info(self, data): try: result = checkdmarc.check_domains(data.split()) except ValueError: print("Explotioooooooo") return {"DomainMailSPFDMARC": dict(result)}
#!/usr/bin/python3 import checkdmarc, argparse, json, shutil, os Parser = argparse.ArgumentParser(description='To check DNS.') Parser.add_argument('-d', '--domain') Args = Parser.parse_args() if Args.domain: print('[+] Retrieving details for domain: ' + Args.domain + '.') domains = [Args.domain] results = checkdmarc.check_domains(domains) print(results['base_domain']) output_dict = json.dumps(results, indent=4, sort_keys=True) json_dict = json.loads(output_dict) print(output_dict) NS_Hosts = json_dict['ns']['hostnames'] MX_Hosts = json_dict['mx']['hosts'] DMARC_Record = json_dict['dmarc']['record']a DMARC_Location = json_dict['dmarc']['location'] DMARC_Valid = json_dict['dmarc']['valid'] DNSSEC_Enabled = json_dict['dnssec'] SPF_Record = json_dict['spf']['record'] SPF_Valid = json_dict['spf']['valid'] print('-' * shutil.get_terminal_size().columns) print("NS Information:") print('-' * shutil.get_terminal_size().columns) if NS_Hosts: