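def get_name(self, domain):
    """Look up *domain* and report every address in the answer.

    Each answer is printed (and mirrored to ``outfile`` when one is set),
    added to the module-level ``addresses`` set, and, when ``args.recurse``
    is set and *domain* is not the root ``target``, the name is queued with
    ``add_target`` for a recursive scan.  In ``args.tld`` mode only the first
    nameserver of the answer is printed.

    Errors raised anywhere in the body are deliberately swallowed, so a
    failing lookup produces no output for that name.
    """
    global wildcard, addresses
    try:
        if sys.stdout.isatty():  # Don't spam output if redirected
            sys.stdout.write(domain + " \r")
            sys.stdout.flush()
        res = lookup(domain, recordtype)
        if args.tld and res:
            nameservers = sorted(list(res))
            # First nameserver, minus its last character
            # (presumably the trailing dot of the FQDN).
            ns0 = str(nameservers[0])[:-1]
            print(domain + " - " + col.brown + ns0 + col.end)
        if args.tld:
            if res:
                # NOTE(review): `res` is iterated and sorted above, so it is
                # presumably not a str; this concatenation would then raise
                # TypeError, which the handler below hides. Confirm and drop.
                print(domain + " - " + res)
            return
        for rdata in res:
            address = rdata.address
            if wildcard:
                if address == wildcard:
                    return  # wildcard answer, not a real host
            if args.domain_first:
                print(domain + " - " + col.brown + address + col.end)
            else:
                print(address + " - " + col.brown + domain + col.end)
            if outfile:
                if args.domain_first:
                    print(domain + " - " + address, file=outfile)
                else:
                    print(address + " - " + domain, file=outfile)
            # `unicode` exists only on Python 2.  Without the fallback the
            # NameError on Python 3 was swallowed by the outer handler, so
            # the address was never recorded and recursion never started.
            try:
                addresses.add(ipaddr(unicode(address)))
            except NameError:
                addresses.add(ipaddr(str(address)))
        if domain != target and args.recurse:  # Don't scan root domain twice
            add_target(domain)  # Recursively scan subdomains
    except Exception:
        # Best-effort: skip this name on any error.  Narrowed from a bare
        # `except:` so interpreter-exit signals are not swallowed as well.
        pass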
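def get_web_index(hoststr):
    """Fetch ``http://<hoststr>`` unless the host filter denies the host.

    The deny list (``hostdeny``) is checked against the host as given, the
    addresses it resolves to, and the names returned by ``unresolve``.

    Returns:
        The response body, or the string ``"No page"`` when the fetch fails.

    Raises:
        Exception: when the host, one of its addresses, or one of its names
            is on the deny list.
    """
    try:
        hostdeny
    except NameError:
        hostfilter_init()  # deny list not loaded yet

    # Normalise IP literals so that equivalent spellings compare equal.
    try:
        host = str(ipaddr(hoststr))
    except Exception:
        host = hoststr
    if host in hostdeny:
        raise Exception("This host has been added to the hostfilter.")

    # NOTE(review): this listing had lost its indentation.  The checks are
    # applied here one after the other (addresses, then names), which is the
    # strictest reading of the original -- confirm against the source file.
    ipaddrs = []
    try:
        ipaddrs.append(str(ipaddr(host)))
    except Exception:
        # Not an IP literal: collect every address the name resolves to.
        try:
            gunk = resolve(hoststr, 80)
        except Exception:
            # NOTE(review): a failed lookup leaves `ipaddrs` empty, so the
            # address check below passes (fail-open).  Confirm whether an
            # unresolvable host should be refused instead.
            pass
        else:
            for ipset in gunk:
                ip = ipaddr(ipset[-1][0])
                if str(ip) not in ipaddrs:
                    ipaddrs.append(str(ip))
    # A direct intersection replaces the length comparison
    # len(hostdeny) > len(set(hostdeny) - set(ipaddrs)), which was true for
    # every host as soon as the deny list held a duplicate entry.
    if set(hostdeny).intersection(ipaddrs):
        raise Exception("This host resolves to at least one blacklisted host.")

    hosts = []
    try:
        gunk = unresolve(hoststr)
    except Exception:
        pass  # no names available; same fail-open caveat as above
    else:
        hosts.append(gunk[0])
        hosts.extend(gunk[1])
    if set(hostdeny).intersection(hosts):
        raise Exception("This host resolves to at least one blacklisted host.")

    # NOTE(review): fetchurl is handed the name again, so it presumably does
    # its own resolution; the addresses vetted above are not guaranteed to be
    # the ones contacted.  If the filter has to hold, fetch from a vetted
    # address or re-check the peer address after connecting.  Whether
    # fetchurl follows redirects is not visible here -- confirm.
    try:
        index = fetchurl("http://" + hoststr)
    except Exception:
        return "No page"
    return index.read()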
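def remove_host(ipstr):
    """Remove an IP address from the deny list and rewrite the saved list.

    Raises:
        Exception: when the address is not on the deny list.
    """
    try:
        hostdeny
    except NameError:
        hostfilter_init()  # deny list not loaded yet
    ip = ipaddr(ipstr)
    if ip not in hostdeny:
        raise Exception("IP address does not exist in configuration.")
    hostdeny.remove(ip)
    # `with` closes the file even when pickling fails.
    # NOTE(review): the list is stored as a pickle, and unpickling executes
    # whatever the file contains, so anything able to write this dotfile can
    # run code in the process that reads it back.  A flat list like this
    # could be kept as JSON; otherwise keep the file owner-writable only.
    with open(path.expanduser("~/.jam927_hostdeny"), "wb") as conf_file:
        pickle.dump(hostdeny, conf_file)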
def get_name(self, domain):
    """Resolve *domain*, print what was found and record the addresses.

    Output goes to stdout and, when ``outfile`` is set, to that file as
    well.  Every address is added to the module-level ``addresses`` set.
    With ``args.recurse`` set, any name other than the root ``target`` is
    handed to ``add_target``.  All exceptions are swallowed.
    """
    global wildcard, addresses
    try:
        # Progress line, only when a terminal is attached.
        if sys.stdout.isatty():
            sys.stdout.write(domain + " \r")
            sys.stdout.flush()

        answers = lookup(domain, recordtype)

        if args.tld:
            if answers:
                # First entry in sorted order, last character removed.
                first_ns = str(sorted(list(answers))[0])[:-1]
                print(domain + " - " + col.brown + first_ns + col.end)
                # NOTE(review): concatenating the answer object itself
                # presumably raises TypeError, hidden by the handler below.
                print(domain + " - " + answers)
            return

        for record in answers:
            found = record.address
            if wildcard and found == wildcard:
                return  # wildcard hit: stop processing this name
            # Column order is chosen by --domain-first.
            if args.domain_first:
                left, right = domain, found
            else:
                left, right = found, domain
            print(left + " - " + col.brown + right + col.end)
            if outfile:
                print(left + " - " + right, file=outfile)
            # Python 2 has `unicode`; Python 3 takes the str path.
            try:
                addresses.add(ipaddr(unicode(found)))
            except NameError:
                addresses.add(ipaddr(str(found)))

        # The root domain is already queued, so it is not added again.
        if domain != target and args.recurse:
            add_target(domain)
    except:
        pass
def get_web_index(ipstr):
    """Return the body of ``http://<ip>``, or "No page" if the fetch fails.

    The address is parsed with ``ipaddr`` and refused with an Exception
    when it is on the ``hostdeny`` list.
    """
    # Load the deny list on first use.
    try:
        hostdeny
    except:
        hostfilter_init()

    addr = ipaddr(ipstr)
    if addr in hostdeny:
        raise Exception("This IP address has been added to the hostfilter.")

    # NOTE(review): an IPv6 address would need square brackets in a URL;
    # as written such a fetch presumably fails and yields "No page".
    try:
        response = fetchurl("http://" + str(addr))
    except Exception:
        return "No page"
    return response.read()
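def remove_host(hoststr):
    """Remove a host (IP address or name) from the deny list and save it.

    IP literals are normalised through ``ipaddr`` first; anything that does
    not parse as an address is looked up as given.

    Raises:
        Exception: when the host is not on the deny list.
    """
    try:
        hostdeny
    except NameError:
        hostfilter_init()  # deny list not loaded yet
    try:
        host = str(ipaddr(hoststr))
    except Exception:
        host = hoststr  # not an IP literal: treat as a host name
    if host not in hostdeny:
        raise Exception("This host does not exist in the configuration.")
    hostdeny.remove(host)
    # `with` closes the file even when pickling fails.
    # NOTE(review): the list is stored as a pickle, and unpickling executes
    # whatever the file contains, so anything able to write this dotfile can
    # run code in the process that reads it back.  A list of strings could
    # be kept as JSON; otherwise keep the file owner-writable only.
    with open(path.expanduser("~/.jam927_hostdeny2"), "wb") as conf_file:
        pickle.dump(hostdeny, conf_file)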
sys.exit(0) except: out.warn("Getting nameservers failed") # resolver.nameservers = targetns # Use target's NS servers for lokups # Missing results using domain's NS - removed for now out.warn("Zone transfer failed\n") if args.zonetransfer: sys.exit(0) get_v6(target) get_txt(target) get_mx(target) wildcard = get_wildcard(target) if wildcard: try: addresses.add(ipaddr(unicode(wildcard))) except NameError: addresses.add(ipaddr(str(wildcard))) out.status("Scanning " + target + " for " + recordtype + " records") add_target(target) for i in range(args.threads): t = scanner(queue) t.setDaemon(True) t.start() try: for i in range(args.threads): t.join(1024) # Timeout needed or threads ignore exceptions except KeyboardInterrupt: out.fatal("Caught KeyboardInterrupt, quitting...") if outfile:
def infer_originator_type(originator):
    """Classify *originator* with a fixed sequence of heuristic checks.

    Reads ``originator.domain``, ``originator.as_num`` and
    ``originator.ipaddr``.  The checks run in this order and the first hit
    wins: mail, CDN, DNS, major service, NTP, web, Tor, tunnel, CERNET.
    Domain checks are substring tests, so a short keyword such as 'ns',
    'tor' or 'mx' also matches inside a longer label; the result is a hint
    rather than a verified classification.

    Returns a member of ``OriginatorType``.  When nothing matches, the
    domain is printed (unless it is '' or 'unknown') and
    ``OriginatorType.Unknown`` is returned.
    """
    # NOTE(review): the 'firewall', 'antispam' and 'home' groups are never
    # consulted below, and 'web' shares its only keyword with
    # 'majorservice', which is tested first, so Web cannot be returned.
    domain_keywords = {
        # hinet: a taiwan mail server
        'mail': [
            'hinet', 'mail', 'mx', 'smtp', 'post', 'correo', 'poczta',
            'send', 'lists', 'newsletter', 'zimbra', 'mta', 'pop', 'imap'
        ],
        'firewall': ['wall', 'fw'],
        'antispam': ['ironport', 'spam'],
        'cdn': ['cdn', 'mip'],  # mip: Mobile Instant Pages
        'dns': ['dns', 'resolv', 'name', 'cns', 'ns', 'cache'],
        'home': [
            'ap', 'cable', 'cpe', 'customer', 'dsl', 'dynamic', 'pop',
            'fiber', 'flets', 'home', 'host', 'ip', 'pool', 'retail', 'user'
        ],
        'majorservice': ['www', 'vps', 'cloud'],
        'cernet': ['cernet'],
        'ntp': ['ntp', 'time'],
        'web': ['www'],
        'tunnel': ['tunnel'],
        'tor': ['tor']
    }
    as_numbers = {
        'majorservice': [15169],  # 15169 Google
        'cdn': [13335],  # 13335 CloudFlare
        # 133111 cernet, 23910 CERNET2, 133512 IANA (as annotated upstream)
        'cernet': [133111, 23910, 133512, 133513]
    }
    ip_networks = {
        'tunnel': ['2001::/32', '2002::/16'],
        # google network
        # NOTE(review): a /16 prefix spans far more than one provider's
        # allocation -- confirm the intended prefix length.
        'majorservice': ['2607:f8b0::/16'],
        'lan': ['ffff::/4']  # lan (never consulted below)
    }

    def domain_has(group):
        # True when any keyword of the group occurs in the domain string.
        return any(word in originator.domain for word in domain_keywords[group])

    def as_is(group):
        # True when the originator's AS number is listed for the group.
        return any(asn == originator.as_num for asn in as_numbers[group])

    def ip_within(group):
        # True when the originator's address lies in one of the networks.
        return any(
            ipaddr(originator.ipaddr).ip in ipaddr(net).network
            for net in ip_networks[group]
        )

    if domain_has('mail'):
        return OriginatorType.Mail
    if domain_has('cdn') or as_is('cdn'):
        return OriginatorType.CDN
    if domain_has('dns'):
        return OriginatorType.DNS
    if domain_has('majorservice') or as_is('majorservice') or ip_within('majorservice'):
        return OriginatorType.MajorService
    if domain_has('ntp'):
        return OriginatorType.NTP
    if domain_has('web'):
        return OriginatorType.Web
    if domain_has('tor'):
        return OriginatorType.Tor
    if domain_has('tunnel') or ip_within('tunnel'):
        return OriginatorType.Tunnel
    if domain_has('cernet') or as_is('cernet'):
        return OriginatorType.Cernet

    # Report domains that no rule recognised.
    if not (originator.domain == 'unknown' or originator.domain == ''):
        print('[unknown type report]', originator.domain)
    return OriginatorType.Unknown
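# Load the saved deny list, or create an empty one when no file exists yet.
# (Presumably the body of hostfilter_init(); its header is above this
# excerpt.)
hostdeny = []
if path.isfile(path.expanduser("~/.jam927_hostdeny")):
    # NOTE(review): pickle.load executes whatever the file contains, so
    # anything able to write this dotfile can run code in this process.
    # A flat list could be kept as JSON; otherwise keep the file
    # owner-writable only and treat it as trusted input.
    with open(path.expanduser("~/.jam927_hostdeny"), "rb") as conf_file:
        hostdeny = pickle.load(conf_file)
else:
    with open(path.expanduser("~/.jam927_hostdeny"), "wb") as conf_file:
        pickle.dump(hostdeny, conf_file)


def add_host(ipstr):
    """Add an IP address to the deny list and rewrite the saved list.

    Raises:
        Exception: when the address is already on the deny list.
    """
    try:
        hostdeny
    except NameError:
        hostfilter_init()  # deny list not loaded yet
    ip = ipaddr(ipstr)
    if ip in hostdeny:
        raise Exception("IP address already exists in configuration.")
    hostdeny.append(ip)
    # `with` closes the file even when pickling fails.
    with open(path.expanduser("~/.jam927_hostdeny"), "wb") as conf_file:
        pickle.dump(hostdeny, conf_file)


def remove_host(ipstr):
    try:
        hostdeny
    except:
        hostfilter_init()
    ip = ipaddr(ipstr)
    if ip not in hostdeny:
        # (the excerpt is cut off here)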
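def get_name(self, domain):
    """Look up *domain*, print the answers and record the addresses.

    On a terminal a progress line padded to the terminal width is written
    first and blanked again before each result.  Answers equal to one of
    the known ``wildcard`` addresses end processing of the name.  Results
    go to stdout and, when set, to ``outfile``; every address is added to
    the module-level ``addresses`` set.  With ``args.recurse`` set, a name
    other than ``target`` that is at most ``args.maxdepth`` labels deeper
    is probed for a wildcard and queued with ``add_target``.

    Errors raised anywhere in the body are deliberately swallowed.
    """
    global wildcard, addresses
    try:
        if sys.stdout.isatty():  # Don't spam output if redirected
            # Terminal width, needed to clean the progress line later.
            # `stty size` prints nothing usable when it cannot query the
            # terminal; that used to raise IndexError, which the outer
            # handler swallowed, so the lookup was silently skipped.
            # NOTE(review): this still starts a shell for every lookup.
            pipe = os.popen('stty size', 'r')
            try:
                size = int(pipe.read().split()[1]) - 1
            except (IndexError, ValueError):
                size = 0
            finally:
                pipe.close()
            sys.stdout.write(domain + " " * (size - len(domain)) + "\r")
            sys.stdout.flush()
        else:
            size = 0
        res = lookup(domain, recordtype)
        if args.tld and res:
            nameservers = sorted(list(res))
            # First nameserver, minus its last character
            # (presumably the trailing dot of the FQDN).
            ns0 = str(nameservers[0])[:-1]
            sys.stdout.write(" " * size + "\r")
            sys.stdout.flush()
            print(domain + " - " + col.brown + ns0 + col.end)
        if args.tld:
            if res:
                sys.stdout.write(" " * size + "\r")
                sys.stdout.flush()
                # NOTE(review): `res` is iterated and sorted above, so it is
                # presumably not a str; this concatenation would then raise
                # TypeError, which the handler below hides. Confirm and drop.
                print(domain + " - " + res)
            return
        for rdata in res:
            address = rdata.address
            if wildcard:
                for wildcard_ip in wildcard:
                    if address == wildcard_ip:
                        return  # wildcard answer, not a real host
            sys.stdout.write(" " * size + "\r")
            sys.stdout.flush()
            if args.no_ip:
                print(col.brown + domain + col.end)
                break
            elif args.domain_first:
                print(domain + " - " + col.brown + address + col.end)
            else:
                print(address + " - " + col.brown + domain + col.end)
            if outfile:
                if args.domain_first:
                    print(domain + " - " + address, file=outfile)
                else:
                    print(address + " - " + domain, file=outfile)
            # `unicode` exists only on Python 2; Python 3 takes the str path.
            try:
                addresses.add(ipaddr(unicode(address)))
            except NameError:
                addresses.add(ipaddr(str(address)))
        if (
            domain != target
            and args.recurse
            and domain.count('.') - target.count('.') <= args.maxdepth
        ):
            # Check if subdomain is wildcard so can filter false positives
            # in the recursive scan.
            # NOTE(review): this rebinds the module-level `wildcard`, so
            # later calls compare against this subdomain's wildcard
            # addresses instead of the parent's -- confirm that is intended.
            wildcard = get_wildcard(domain)
            for wildcard_ip in wildcard:
                try:
                    addresses.add(ipaddr(unicode(wildcard_ip)))
                except NameError:
                    addresses.add(ipaddr(str(wildcard_ip)))
            add_target(domain)  # Recursively scan subdomains
    except Exception:
        # Best-effort: skip this name on any error.  Narrowed from a bare
        # `except:` so interpreter-exit signals are not swallowed as well.
        pass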
def _real_get_domain(ip):
    """Return the domain paired with the first ``dmap`` network containing *ip*.

    ``dmap`` is walked in order as (network, domain) pairs; ``None`` is
    returned when no network contains the address.
    """
    candidate = ipaddr(ip)
    return next((name for net, name in dmap if candidate in net), None)