def getdns(self, domain):
DNS.ParseResolvConf("/etc/resolv.conf")
# nameserver=DNS.defaults['server'][0]
dom = domain
if self.subdo == True:
dom = domain.split(".")
dom.pop(0)
rootdom = ".".join(dom)
else:
rootdom = dom
if self.nameserver == "":
try:
r = DNS.Request(rootdom, qtype='SOA').req()
primary, email, serial, refresh, retry, expire, minimum = r.answers[
0]['data']
test = DNS.Request(rootdom, qtype='NS', server=primary,
aa=1).req()
except Exception as e:
print e
if test.header['status'] != "NOERROR":
print "Error"
sys.exit()
self.nameserver = test.answers[0]['data']
elif self.nameserver == "local":
self.nameserver = nameserver
return self.nameserver
def record_judge(query):
try:
DNS.DiscoverNameServers()
reqobj = DNS.Request()
answerobj_a = reqobj.req(name=query,
qtype=DNS.Type.A,
server="222.194.15.253")
if len(answerobj_a.answers):
return 1
else:
pass
except:
pass
try:
DNS.DiscoverNameServers()
reqobj = DNS.Request()
answerobj_a = reqobj.req(name=query,
qtype=DNS.Type.MX,
server="222.194.15.253")
if len(answerobj_a.answers):
return 1
else:
pass
except:
pass
return 0
def get_ns(domain, verbose, timeout):
""" return NS servers for a given domain """
# hm. this might fail if a server is off the air.
request = DNS.Request(domain, qtype='SOA', timeout=timeout).req()
if request.header['status'] != 'NOERROR':
error_msg("received status of %s when attempting to look up SOA for %s" % \
(request.header['status'], domain))
primary, email, serial, refresh, retry, expire, minimum = \
request.answers[0]['data']
if verbose is True:
print("Primary nameserver for domain %s is: %s" % (domain, primary))
try:
request = DNS.Request(domain, qtype='NS', server=primary, aa=1, timeout=timeout).req()
if request.header['status'] != 'NOERROR':
error_msg("received status of %s when attempting to query %s for %s NS" % \
(request.header['status'], primary, domain))
if request.header['aa'] != 1:
error_msg("primary NS %s of %s doesn't believe that it's authoritative for %s!" % \
domain, primary, domain)
nslist = [x['data'] for x in request.answers]
return nslist
#pylint: disable=broad-except
except Exception as error:
error_msg("Problem getting NS on %s for %s: %s" % (primary, domain, error))
return []
def GetNS(domain):
import DNS
# hm. this might fail if a server is off the air.
r = DNS.Request(domain, qtype='SOA').req()
if r.header['status'] != 'NOERROR':
Error(
"received status of %s when attempting to look up SOA for domain" %
(r.header['status']))
if r.header['status'] == 'NXDOMAIN':
print("SOA request was NXDOMAIN")
primary = ''
else:
if r.answers:
primary, email, serial, refresh, retry, expire, minimum = r.answers[
0]['data']
print("Primary nameserver for domain %s is: %s" %
(domain, primary))
else:
print("No answer to SOA query")
primary = ''
r = DNS.Request(domain, qtype='NS', server=primary, aa=1).req()
if r.header['status'] != 'NOERROR':
Error("received status of %s when attempting to query %s for NSs" %
(r.header['status']))
if r.header['aa'] != 1 and primary is not '':
Error("primary NS %s doesn't believe that it's authoritative!" %
primary)
nslist = [x['data'] for x in r.answers]
print("Full list of nameservers for domain %s is: %s" % (domain, nslist))
return nslist
def clean(self, value):
""" Make sure the e-mail address is sane """
email = super(ValidHostEmailField, self).clean(value)
email_parts = email.split("@")
if len(email_parts) != 2:
raise forms.ValidationError(
'E-mail addresses must be of the form "name@host"')
email_host = email_parts[1].encode('ascii')
try:
import DNS
try:
DNS.DiscoverNameServers()
if len(DNS.Request(
qtype='a').req(email_host).answers) == 0 and len(
DNS.Request(
qtype='mx').req(email_host).answers) == 0:
raise forms.ValidationError(
'"%s" is not a valid e-mail host' % email_host)
except (IOError, DNS.DNSError): # (no resolv.conf, no nameservers)
pass
except ImportError: # no PyDNS
pass
return email
def generic_DNS_resolve(experiment_hostname, experiment_resolver):
if experiment_resolver == None:
req = DNS.Request(name=experiment_hostname) # local resolver
else:
req = DNS.Request(name=experiment_hostname, server=experiment_resolver) #overide
resolved_data = req.req().answers
return resolved_data
def lookup_ip_address(hostname, ipv6):
"""
Try to get IPv4 or IPv6 addresses for the given hostname
"""
DNS.DiscoverNameServers()
try:
if ipv6:
dns_request = DNS.Request(name=hostname, qtype=DNS.Type.AAAA).req()
else:
dns_request = DNS.Request(name=hostname, qtype=DNS.Type.A).req()
except DNS.DNSError as message:
print("DNS Error: %s (%s)" % (message, hostname))
return None
if dns_request.header['status'] != 'NOERROR':
print("DNS Error: status=%s (%s)" %
(dns_request.header['status'], hostname))
return None
for answer in dns_request.answers:
if ('data' not in answer) or (not answer['data']):
continue
if (ipv6 and answer['typename'] != 'AAAA') or (
not ipv6 and answer['typename'] != 'A'):
continue # skip CNAME records
if ipv6:
return inet_ntop(AF_INET6, answer['data'])
else:
return answer['data']
return None
def dnslookup(value, key, qdict):
if value[u"map"][key].has_key(u"ns"):
x = DNS.Request(server="8.8.8.8")
if type(value[u"map"][key][u"ns"]) == types.UnicodeType:
y = x.req(str(value[u"map"][key][u"ns"])).answers[0]["data"]
else:
y = x.req(str(value[u"map"][key][u"ns"][0])).answers[0]["data"]
ns = DNS.Request(server=y)
return ns.req(name=qdict["domain"], qtype=qdict["qtype"]).answers[0]
def test_soa_update_on_rm(self):
"""Test if SOA serial is updated on record remove"""
dns_request = DNS.Request(server='pdns')
response = dns_request.req(name='example.com')
old_serial = get_serial(response.authority[0]['data'])
time.sleep(1)
self.delete(self.record_url)
dns_request = DNS.Request(server='pdns')
response = dns_request.req(name='example.com')
new_serial = get_serial(response.authority[0]['data'])
self.assertGreater(new_serial, old_serial)
def find_ns(fqdn_domain):
"""
获取域名的NS名称
注意:部分是多级NS,所以需要进行两次判断
"""
# print 'find ns: ' + fqdn_domain + '\n'
ns = []
domain_len = len(fqdn_domain.split('.')) # 点的个数用来计算能获取几次"次级域名"
for i in range(0, domain_len):
req_obj = DNS.Request()
try:
answer_obj = req_obj.req(name=fqdn_domain,
qtype=DNS.Type.NS,
server=server,
timeout=timeout)
except DNS.Error, e:
print e
return [] # 空ns
for i in answer_obj.answers:
if i['typename'] == 'NS':
ns.append(i['data'])
if ns:
print ns
return ns
else:
# print fqdn_domain
# print str(i)
# print "第" + str(i+1) + "次获取NS为空"
fqdn_domain = extract_main_domain(fqdn_domain)
domain_tld = tldextract.extract(fqdn_domain)
# print "提取次级域名为: " + fqdn_domain
if fqdn_domain == domain_tld.suffix:
print ns
return ns
def obtain_ns_ttl(self, fqdn_domain, server):
"""
向服务器server发送ns查询请求,获取域名的ns列表和对应的TTL时间
:param fqdn_domain: 查询的域名
:param server: 服务器名称
:return:
ns:权威服务器列表
ns_tll:权威服务器TTL值列表
True/Flase: 是否有异常
"""
ns, ns_ttl = [], []
req_obj = DNS.Request()
try:
answer_obj = req_obj.req(name=fqdn_domain,
qtype=DNS.Type.NS,
server=server,
timeout=timeout)
except DNS.Error, e:
#print '1获取ns异常:', fqdn_domain, e
try:
answer_obj = req_obj.req(name=fqdn_domain,
qtype=DNS.Type.NS,
server=server,
timeout=timeout)
except DNS.Error, e:
#print "2获取ns异常:",fqdn_domain, e
return [], []
def translate_serial_to_name(serial):
"""
CNAME lookup of device serial numbers to a friendly name. Requires
"serial-XXXXX" entries in the configured "domain". The CNAME entries
should point to the name of the device. For example, if your lookup domain
is "czs.example.com" and the serial number of the device,
(as reported by camcontrol inquiry DEVICENAME -S), is "3413ef34", then this
function will check for the CNAME "serial-3413ef34.czs.example.com". If
such a record existed and were named "czs1234.czs.example.com", this method
would return "czs1234"
Returns the friendly device name on sucess or the serial back as passed
on failure.
"""
# Push the serial to lower case
serial = serial.lower()
# Cleanup serial number to only include valid DNS text and report any
# changes in debug.
nserial = re.sub(r'[^a-z0-9\-]', r'-', serial)
# It must also be no more than 63 chars long, minus "serial-".
# (So, 56 chars or less). Truncation is done starting at the front
# to maintiain the most unique portion in a typical serial.
nserial = nserial[len(nserial) - 56:]
if serial != nserial:
logger.info("Using \"%s\" instead of \"%s\" for CNAME lookup" %
(nserial, serial))
serial = nserial
# The name to resolve
sname = "serial-" + serial + '.' + config['lookup']['domain']
# Give it a go
request = DNS.Request(qtype="CNAME", name=sname)
response = request.req()
if response.answers and 'data' in response.answers[0]:
devname = response.answers[0]['data']
# Verify the result and return with the domain stripped off
if devname.endswith('.' + config['lookup']['domain']):
devname = devname[:-len('.' + config['lookup']['domain'])]
logger.info("Successfully resolved %s to device name %s" %
(serial, devname))
return devname
else:
logger.warning("Invalid data in CNAME lookup for %s: %s" %
(serial, devname))
else:
logger.info(
"Alias not found in DNS - Using device serial number %s for iSCSI name. (Add a CNAME for %s to correct this)"
% (serial, sname))
# Fell through, so just return the serial
return serial
def _request(self, dns, hostname):
request = DNS.Request(qtype='A', server=dns.encode(u'utf8'))
response = request.req(hostname.encode(u'utf8'))
if response.header[u'status'] != u'NOERROR':
raise DNSLookupError(response.header[u'rcode'])
return [(data[u'data'], data[u'ttl']) for data in response.answers]
def connect_gw(gw_url):
if re.search(r'^feed', gw_url):
gw_srv = re.sub(r'feed\://', '_feed._tcp.', gw_url)
srv = True
elif re.search(r'^broker', gw_url):
gw_srv = re.sub(r'broker\://', '_broker2._tcp.', gw_url)
srv = True
elif re.search(r'^.*\..*\.zorg|ghcg.sh|com$', gw_url):
gw_host = gw_url
srv = False
else:
return None
if srv:
DNS.ParseResolvConf()
srv_req = DNS.Request(qtype='srv')
srv_resp = srv_req.req(gw_srv)
gw_host = srv_resp.answers[0]['data'][-1]
logging.debug('gw hostname: {}'.format(gw_host))
ssh_client = paramiko.SSHClient()
ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy)
ssh_client.load_system_host_keys()
ssh_client.connect(gw_host, username=os.getenv('USER'))
return(ssh_client)
def pipe_dig(domain):
#cmd = "dig +short " + domain
#result = os.popen(cmd)
#domains = []
#for line in result:
# domain = line.strip('\r\n.')
# if not re.match("^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", domain):
# domains.append(domain)
domains = []
reqobj = DNS.Request()
try:
answerobj = reqobj.req(name = domain, qtype = DNS.Type.A)
except Exception as e:
print e
return False, domains
if not answerobj:
print "no ansoerobj"
return False, ""
if not len(answerobj.answers):
print "Not found"
return False, "Not found."
for item in answerobj.answers:
if (item["typename"] == "CNAME"):
domains.append(item['data'])
#print domains
return True, domains
def srv_lookup(self, server):
" SRV resolver. Takes server=(host, port) as argument. Returns new (host, port) pair "
if HAVE_DNSPYTHON or HAVE_PYDNS:
host, port = server
possible_queries = ['_xmpp-client._tcp.' + host]
for query in possible_queries:
try:
if HAVE_DNSPYTHON:
answers = [x for x in dns.resolver.query(query, 'SRV')]
if answers:
host = str(answers[0].target)
port = int(answers[0].port)
break
elif HAVE_PYDNS:
# ensure we haven't cached an old configuration
DNS.DiscoverNameServers()
response = DNS.Request().req(query, qtype='SRV')
answers = response.answers
if len(answers) > 0:
# ignore the priority and weight for now
_, _, port, host = answers[0]['data']
del _
port = int(port)
break
except:
self.DEBUG('An error occurred while looking up %s' % query,
'warn')
server = (host, port)
else:
self.DEBUG(
"Could not load one of the supported DNS libraries (dnspython or pydns). SRV records will not be queried and you may need to set custom hostname/port for some servers to be accessible.\n",
'warn')
# end of SRV resolver
return server
def hierquery(qstring,qtype):
reqobj=DNS.Request()
try:
print query
answerobj=reqobj.req(name=query,qtype=qtype)
answers=[x['data'] for x in answerobj.answers if x['type']==qtype]
'''
answers = []
for x in answerobj.answers:
if x['type'] == qtype:
answers.append(x['data'])
'''
print answers
except DNS.Base.DNSError:
answers=[]
if len(answers):
return answers
else:
print 'aaa'
remainder=qstring.split(".",1)
print remainder
if len(remainder)==1:
return None
else:
return hierquery(remainder[1],qtype)
def handle_domain_rc(ns_name,domain):
"""
获取指定dns记录的内容和ttl时间,主要为A记录和CNAME记录
"""
ip,ip_ttl,cname,cname_ttl = [],[],[],[]
req_obj = DNS.Request()
flag = False # 是否获取成功标志,默认为false
# try:
# 取消这里的异常捕获,把异常捕获都至于了ge_ip_cname_td函数中统一处理
try:
answer_obj = req_obj.req(name=domain, qtype=DNS.Type.A, server=ns_name, timeout=timeout)
flag = True # 标志已经获取成功了
except:
pass
if not flag: # 如果没有获取成功,则再获取一次,这里不加异常处理,若还是获取失败,则直接由get_ip_cname_td进行异常捕获
answer_obj = req_obj.req(name=domain, qtype=DNS.Type.A, server=ns_name, timeout=timeout)
for i in answer_obj.answers:
r_data = i['data']
r_ttl = i['ttl']
if i['typename'] == 'A':
ip.append(r_data)
ip_ttl.append(r_ttl)
elif i['typename'] == 'CNAME':
cname.append(r_data)
cname_ttl.append(r_ttl)
return ip, cname
def find_ns(fqdn_domain):
"""
获取域名的NS名称
注意:部分是多级NS,所以需要进行两次判断
"""
ns = []
domain_len = len(fqdn_domain.split('.'))
for i in range(0, domain_len):
req_obj = DNS.Request()
try:
answer_obj = req_obj.req(name=fqdn_domain,
qtype=DNS.Type.NS,
server=server,
timeout=timeout)
except DNS.Error, e:
print '获取NS服务器异常:', e
return [], '' # 空ns
for i in answer_obj.answers:
if i['typename'] == 'NS':
ns.append(i['data'])
if ns:
return ns, fqdn_domain
else:
fqdn_domain = extract_main_domain(fqdn_domain)
domain_tld = tldextract.extract(fqdn_domain)
if fqdn_domain == domain_tld.suffix:
return [], ''
def find_ns_tll(main_domain,ns_name):
"""获取域名NS服务器的默认TTL时间"""
req_obj = DNS.Request()
answer_obj = req_obj.req(name=main_domain, qtype=DNS.Type.NS, server=ns_name,timeout=timeout)
for i in answer_obj.answers:
if i['typename']=='NS' and i['data'] == ns_name:
return i['ttl']
def find_ns(fqdn_domain):
"""
获取域名的NS名称
注意:部分是多级NS,所以需要进行两次判断
"""
ns = []
domain_len = len(fqdn_domain.split('.')) # 点的个数用来计算能获取几次"次级域名"
for i in range(0,domain_len):
req_obj = DNS.Request()
flag = False # 是否获取成功标志,默认为false
# 取消这里的异常捕获,把异常捕获都至于了ge_ip_cname_td函数中统一处理
try:
answer_obj = req_obj.req(name=fqdn_domain, qtype=DNS.Type.NS, server=server, timeout=timeout)
flag = True
except:
pass
if not flag:# 如果没有获取成功,则再获取一次,这里不加异常处理,若还是获取失败,则直接由get_ip_cname_td进行异常捕获
answer_obj = req_obj.req(name=fqdn_domain, qtype=DNS.Type.NS, server=server, timeout=timeout)
for i in answer_obj.answers:
if i['typename'] == 'NS':
ns.append(i['data'])
if ns:
return ns
else:
fqdn_domain = extract_main_domain(fqdn_domain)
domain_tld = tldextract.extract(fqdn_domain)
# print "提取次级域名为: " + fqdn_domain
if fqdn_domain == domain_tld.suffix:
return ns
def get_soa_txt_mx_rr(ns,main_domain):
"""
功能:获取主域名的txt,soa和mx记录(经过测试,www.***.***没有这些记录,因此获取主域名的)
param:ns: 某个ns服务器
param:main_domain:主域名
"""
soa,txt,mx = [],[],[]
req_obj = DNS.Request()
# 请求mx记录
answer_obj = req_obj.req(name=main_domain, qtype=DNS.Type.MX, server=ns, timeout=20)
for i in answer_obj.answers:
if i['typename'] == 'MX':
mx.append(i['data'])
# 请求txt记录
answer_obj = req_obj.req(name=main_domain, qtype=DNS.Type.TXT, server=ns, timeout=20)
for i in answer_obj.answers:
if i['typename'] == 'TXT':
txt.append(i['data'])
# 请求mx记录
answer_obj = req_obj.req(name=main_domain, qtype=DNS.Type.SOA, server=ns, timeout=20)
for i in answer_obj.answers:
if i['typename'] == 'SOA':
soa.append(i['data'])
return soa,txt,mx
def getRemoteResolve(self, host):
dnsserver = dnsHeap[0][1] #heap top
logging.info ("remote resolve " + host + " by " + dnsserver)
reqProtocol = "udp"
if "DNS_PROTOCOL" in gConfig:
if gConfig["DNS_PROTOCOL"] in ["udp", "tcp"]:
reqProtocol = gConfig["DNS_PROTOCOL"]
try:
response = DNS.Request().req(name=host, qtype="A", protocol=reqProtocol, port=gConfig["DNS_PORT"], server=dnsserver)
except:
d = heapq.heappop(dnsHeap)
heapq.heappush(dnsHeap, (d[0]+1, d[1]))
logging.error(host + " resolve fail by " + dnsserver)
return host
#response.show()
#print "answers: " + str(response.answers)
ip = ""
blockedIp = ""
cname = ""
ttl = 0
for a in response.answers:
if a['typename'] == 'CNAME':
cname = a["data"]
else:
ttl = a["ttl"]
if isIpBlocked(a["data"]):
print (host + " => " + a["data"]+" is blocked. ")
blockedIp = a["data"]
continue
ip = a["data"]
if (ip != ""):
if len(self.dnsCache) >= gConfig["DNS_CACHE_MAXSZ"] and self.dnsCacheLock <=0 :
self.dnsCacheLock = 1
logging.debug("purge DNS cache...")
for h in self.dnsCache:
if self.now >= self.dnsCache[h]["expire"]:
del self.dnsCache[h]
logging.debug("purge DNS cache done, now %d" % len(self.dnsCache))
self.dnsCacheLock = 0
if len(self.dnsCache) < gConfig["DNS_CACHE_MAXSZ"]: self.dnsCache[host] = {"ip":ip, "expire":self.now + ttl*2 + 60}
return ip
if (blockedIp != ""):
return blockedIp
if (cname != ""):
return self.getip(cname)
logging.info ("authority: "+ str(response.authority))
for a in response.authority:
if a['typename'] != "NS":
continue
if type(a['data']) == type((1,2)):
return self.getRemoteResolve(host, a['data'][0])
else :
return self.getRemoteResolve(host, a['data'])
print ("DNS remote resolve failed: " + host)
return host
def testDnsRequestSrvD(self):
dnsob = DNS.Request(qtype='srv')
respdef = dnsob.req('_ldap._tcp.openldap.org')
self.assertTrue(respdef.answers)
data = respdef.answers[0]['data']
self.assertEqual(len(data), 4)
self.assertEqual(data[2], 389)
self.assertTrue('openldap.org' in data[3])
def find_ns(domain):
reqobj = DNS.Request()
answerobj_a = reqobj.req(name=domain,
qtype=DNS.Type.NS,
server="222.194.15.253")
print answerobj_a
for i in answerobj_a.answers:
print i
def has_ns(domain):
try:
query = DNS.Request(domain, qtype="NS").req()
except:
time.sleep(0.014)
has_ns(domain)
status = query.header['status']
return (domain, status)
def generic_DNS_censorship(self, experiment_hostname, experiment_resolver,
control_data):
req = DNS.Request(name=experiment_hostname, server=experiment_resolver)
resolved_data = s.req().answers
for answer in range(len(resolved_data)):
if resolved_data[answer]['data'] == control_data:
return True
return False
def get_ns_ips(domain):
req=DNS.Request(domain,qtype=DNS.Type.NS,server='223.6.6.6',timeout=5)
response=req.req()
ips=[]
for ns in response.answers:
temp=get_domain_ip(ns['data'])
for item in temp:
ips.append(item)
return ips
def checkdns(name, dns):
try:
reqobj = DNS.Request()
answerobj = reqobj.req(name=name, server=dns, timeout=3)
if len(answerobj.answers):
return 1
except:
pass
return 0
def dnsrequest(domain):
"""dnsrequest(domain)"""
import DNS
DNS.DiscoverNameServers()
r = DNS.Request()
res = r.req(name=domain, qtype=255)
for i in res.answers:
print('%-5s %s' % (i['typename'], i['data']))
if not res.answers: print('Domain not found')
