def run(self): for nameserver in self.resolvers: self.dns_handlers.append( aiodns.DNSResolver(nameservers=[nameserver], loop=self.loop, timeout=self.timeout, tries=1)) if not self.dns_handlers: self.dns_handlers.append(aiodns.DNSResolver(loop=self.loop)) for domain in self.domains: self.loop.run_until_complete(self._run(domain))
async def check(self): loop = asyncio.get_event_loop() resolver = aiodns.DNSResolver(loop=loop, timeout=4) if len(self.nameserver) == 0\ else aiodns.DNSResolver(loop=loop, timeout=4, nameservers=self.nameserver) results = await self.query_all(resolver) for host, address in results: self.realhosts.append(host) self.addresses.update({addr for addr in address}) # address may be a list of ips # and do a set comprehension to remove duplicates self.realhosts.sort() self.addresses = list(self.addresses) return self.realhosts, self.addresses
async def resolve_scopes(self, scopes_ids, project_uuid): """ Using all the ids of scopes, resolve the hosts, now we resolve ALL the scopes, that are related to the project_uuid """ self.resolver_called += 1 with self.session_spawner.get_session() as session: # Select all hosts from the db project_hosts = session.query(HostDatabase).filter( HostDatabase.project_uuid == project_uuid).options( joinedload(HostDatabase.ip_addresses)).all() if scopes_ids is None: to_resolve = project_hosts else: # Yet we cannot resolve only specific hosts. # TODO: add such possibility to_resolve = list( filter(lambda x: x.id in scopes_ids, project_hosts)) loop = asyncio.get_event_loop() try: nameservers_ips = await get_nameservers(map( lambda host: host.target, to_resolve), logger=self.logger) resolver = aiodns.DNSResolver(loop=loop, nameservers=nameservers_ips) except Exception as exc: self.logger.error("{} during resolver setup {}@{}".format( str(exc), scopes_ids, project_uuid)) resolver = aiodns.DNSResolver(loop=loop) current_retries = 0 while current_retries < 3: resolve_results = await self._resolve(to_resolve, resolver) total_ips, failed_hosts = await self.parse_resolve_results( resolve_results, project_uuid, nameservers_ips) to_resolve = failed_hosts current_retries += 1 if self.resolver_called % 5 == 0: print(self.debug_resolve_results) self.logger.info("Successfully resolved {} ips @{}".format( len(to_resolve), project_uuid)) return (total_ips, 0)
def get_discoverer( host, port, discovery_host, discovery_port, selector: Optional[Selector] = None, retry_policy: Optional[DiscoveryRetryPolicy] = None, ): if discovery_host is None: LOG.info("Using single-node discoverer") retry_policy = retry_policy or DiscoveryRetryPolicy( retries_per_node=KEEP_RETRYING) return SingleNodeDiscovery( NodeService(host or "localhost", port, None), retry_policy) try: socket.inet_aton(discovery_host) LOG.info("Using cluster node discovery with a static seed") return ClusterDiscovery( StaticSeedFinder( [NodeService(discovery_host, discovery_port, None)]), retry_policy or DiscoveryRetryPolicy(), selector, ) except socket.error: LOG.info("Using cluster node discovery with DNS") resolver = aiodns.DNSResolver() return ClusterDiscovery( DnsSeedFinder(discovery_host, resolver, discovery_port), retry_policy or DiscoveryRetryPolicy(), selector, )
def __init__(self): config = configparser.ConfigParser() config.read('config.ini') def write_config_file(): config.write(open('config.ini', 'w')) try: self.vt_api_key = config["API_KEY"][ "virus_total"] # Edit config file with your virus total API key. except: config["API_KEY"] = {"virus_total": ""} write_config_file() self.vt_api_key = config["API_KEY"]["virus_total"] self.loop = asyncio.get_event_loop() self.resolver = aiodns.DNSResolver(loop=self.loop) print(self.banner) if len(sys.argv) < 2: sys.exit( input( "[!] Usage: python3 NstatResolver.py NstatLogger-00-00-00.csv" )) elif len(sys.argv) > 2: sys.exit( input( "[!] Usage: python3 NstatResolver.py NstatLogger-00-00-00.csv" )) self.reslove_func(sys.argv[1])
async def srv_records(cls, service: SRV_TYPE, domain: str) -> List['SRVRecord']: """Return list of SRV records for the given SRV type and for the given domain. Parameters ---------- service : SRV_TYPE One of the SRV_TYPE constants designating the desired XMPP service. domain : str The Domain to test. """ proto = 'tcp' resolver = aiodns.DNSResolver() query = '_%s._%s.%s' % (service.value, proto, domain) try: results = await resolver.query(query, 'SRV') except aiodns.error.DNSError as e: tag.error(0, 'No SRV record "%s" for domain %s' % (query, domain), 'dns') return [] return [ cls(service=service.value, proto=proto, domain=domain, ttl=r.ttl, priority=r.priority, weight=r.weight, port=r.port, target=r.host) for r in results ]
async def do_work(self, work_queue): resolver = aiodns.DNSResolver(loop=self.loop, nameservers=self.nameservers, timeout=2, tries=1) while not work_queue.empty(): domain = await work_queue.get() try: res = await resolver.query(domain, self.qtype) self.results[domain] = res except aiodns.error.DNSError as e: error_code = e.args[0] if error_code == aiodns.error.ARES_ECONNREFUSED: self.results[domain] = "CONNECTION_REFUSED" elif error_code == aiodns.error.ARES_ENODATA: self.results[domain] = "NODATA" elif error_code == aiodns.error.ARES_ENOTFOUND: self.results[domain] = "NXDOMAIN" elif error_code == aiodns.error.ARES_EREFUSED: self.results[domain] = "REFUSED" elif error_code == aiodns.error.ARES_ESERVFAIL: self.results[domain] = "SERVFAIL" elif error_code == aiodns.error.ARES_ETIMEOUT: self.results[domain] = "TIMEOUT" else: self.results[domain] = "UNKNOWN_STATUS" except Exception as e: print(e) work_queue.task_done()
async def dns_resolve(domain, dns_server, sem, async_loop): """ Return IP string if domain has a DNA A record on this DNS server, False otherwise. """ resolver = aiodns.DNSResolver(nameservers=(dns_server, ), loop=async_loop) timeout = BASE_DNS_TIMEOUT_S for attempt in range(1, MAX_DNS_ATTEMPTS + 1): coroutine = resolver.query(domain, "A") try: async with sem: response = await asyncio.wait_for(coroutine, timeout=timeout, loop=async_loop) except asyncio.TimeoutError: jitter = random.randint(-20, 20) / 100 timeout = BASE_DNS_TIMEOUT_S + jitter continue except aiodns.error.DNSError: return False try: ip = response[0].host except IndexError: return False break else: # too many failed attemps return False return ip
async def main(loop): resolver = aiodns.DNSResolver(loop=loop) for domain in ('example.com', 'google.com', 'ns', 'test', 'fails'): await query(resolver, domain, 'A') await query(resolver, 'example.com', 'MX') await query(resolver, 'foobar.example.com', 'A') await query(resolver, 'testing.com', 'TXT')
async def test_server(server): resolver = aiodns.DNSResolver(nameservers=[server]) try: answers = await resolver.query('public-dns-a.baidu.com', "A") if answers[0].host != '180.76.76.76': raise Exception('[AWIScan] %s return incorrect DNS response' % server) else: try: await resolver.query('test.bad.dns.iassas.com', "A") with open('output/AWIScan/bad_dns_servers.txt', 'a') as f: f.write(server + '\n') logger.warning("[AWIScan] Bad DNS Server found %s" % server) except aiodns.error.DNSError as e: if b"DNS server returned answer with no data" == e.args[1]: CONF.dns_servers.append(server) elif b"Timeout while contacting DNS servers" == e.args[1]: logger.warning( "[AWIScan] %s DNS Server test error. Please verify." % server) logger.info('[AWIScan] DNS Server %s < OK > Found %s' % (server.ljust(16), len(CONF.dns_servers))) except Exception as e: logger.warning("[AWIScan] DNS Server %s <Fail> Found %s" % (server.ljust(16), len(CONF.dns_servers)))
async def _get_ip_address(hostname, resolver_address, query_type): """Get IP address""" _LOGGER.info("GET_ADDRESS - Started IP address resolver") response = None try: resolver = aiodns.DNSResolver() resolver.nameservers = [resolver_address] try: response = await resolver.query(hostname, query_type) _LOGGER.info("GET_ADDRESS - Got response from Resolver: %s", response) except DNSError as err: _LOGGER.warning("GET_ADDRESS - Unable to resolve host: %s", err) except: _LOGGER.warning( 'GET_ADDRESS - Unable to setup the Resolver for "resolver" %s', resolver_address, ) if response: _LOGGER.info("GET_ADDRESS - Got IP address") response = response[0].host else: _LOGGER.warning("GET_ADDRESS - No IP address returned by Resolver") _LOGGER.info("GET_ADDRESS - Finished IP address resolver") return response
def __init__(self, subdomain_list, domain, domain_result, domain_count, ctnum, retrycount, dns_servers=None): self.loop = asyncio.get_event_loop() self.subdomain_list = subdomain_list self.resolver = aiodns.DNSResolver(timeout=2, loop=self.loop) self.domain = domain self.domain_result = domain_result self.scan_remain = domain_count self.domain_count = domain_count self.find_total = 0 self.retrycount = retrycount # retry max number self.semaphore = asyncio.Semaphore( ctnum) # limit the number of coroutines self.checkGA = set() #check General analysis self.errordomain = [] # retry to query dns if dns_servers is None: self.resolver.nameservers = [ '119.29.29.29', '223.5.5.5', '114.114.114.114' ] else: self.resolver.nameservers = dns_servers
def __init__(self,nameservers=[],timeout=2,loop=None): self.resolver = aiodns.DNSResolver() self.loop = loop if loop else asyncio.get_event_loop() self.lookup_history = {} self.rlookup_history = {} if nameservers: self.resolver.nameservers = nameservers
def __init__( self, name: str, hostname: str, resolver: str, ipv6: bool, ) -> None: """Initialize the DNS IP sensor.""" self._attr_name = f"{name} IPv6" if ipv6 else name self._attr_unique_id = f"{hostname}_{ipv6}" self.hostname = hostname self.resolver = aiodns.DNSResolver() self.resolver.nameservers = [resolver] self.querytype = "AAAA" if ipv6 else "A" self._attr_extra_state_attributes = { "Resolver": resolver, "Querytype": self.querytype, } self._attr_device_info = DeviceInfo( entry_type=DeviceEntryType.SERVICE, identifiers={(DOMAIN, f"{hostname}_{ipv6}")}, manufacturer="DNS", model=aiodns.__version__, name=hostname, )
def __init__(self, dest: str, port: int = 33434, max_hops: int = 30, timeout: int = 1, packet_size: int = 60) -> None: try: socket.inet_aton(dest) self.dest_addr = dest except socket.error: self.dest_addr = socket.gethostbyname(dest) self.port = port self.max_hops = max_hops self.timeout = timeout self.packet_size = packet_size self.i = 0 self._ttl = 0 self._loop = asyncio.get_event_loop() self._resolver = aiodns.DNSResolver(loop=self._loop) self._queue = asyncio.Queue() # type: asyncio.Queue[Tuple[bytes, Any]] self._rx = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_ICMP) self._tx = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP) self._loop.add_reader( self._rx, lambda: self._queue.put_nowait(self._rx.recvfrom(512)))
async def parse_data( wordlist: str, domainlist: str, nameservers: Union[str, None] ) -> None: """This function loads the specified worlist and domainlist and runs the resolve function""" with open(wordlist, "r") as file_handler: word_list = file_handler.read().splitlines() with open(domainlist, "r") as file_handler: domain_list = file_handler.read().splitlines() if nameservers is None: name_servers = None else: with open(nameservers, "r") as file_handler: name_servers = file_handler.read().splitlines() resolver = aiodns.DNSResolver(nameservers=name_servers) tasks = [ check_takeover(f"{subdomain}.{domain}", resolver) for subdomain in word_list for domain in domain_list ] resolved = await asyncio.gather(*tasks) resolved = [x for x in resolved if x[1] is not None] log.debug("Domains resolved: %d", len(resolved))
async def send_one_ping(my_socket, dest_addr, id_, timeout): """ this function send one ping to the given address "dest_addr" """ try: resolver = aiodns.DNSResolver(timeout=timeout, tries=1) dest_addr = await resolver.gethostbyname(dest_addr, socket.AF_INET) dest_addr = dest_addr.addresses[0] except aiodns.error.DNSError: raise ValueError("Unable to resolve host") # Header is type (8), code (8), checksum (16), id (16), sequence (16) my_checksum = 0 header = struct.pack("bbHHh", ICMP_ECHO_REQUEST, 0, my_checksum, id_, 1) bytes_in_double = struct.calcsize("d") data = (192 - bytes_in_double) * "Q" data = struct.pack("d", default_timer()) + data.encode("ascii") my_checksum = checksum(header + data) header = struct.pack("bbHHh", ICMP_ECHO_REQUEST, 0, socket.htons(my_checksum), id_, 1) packet = header + data loop = asyncio.get_event_loop() await loop.sock_connect(my_socket, (dest_addr, 1)) await loop.sock_sendall(my_socket, packet)
def __init__(self, host, port, *, trust_forwarded_for, ssl=None): self.host = host self.port = port self.trust_forwarded_for = trust_forwarded_for self.ssl = ssl self.loop = asyncio.get_event_loop() self.resolver = aiodns.DNSResolver(loop=self.loop) self.start_time = time.time() self.processed = 0 self.avg_latency_sec = 0 # URL: include some basic metadata inside the URL -- mozilla found # they needed to do this to allow fast sharding at high data # rates. maybe the instance-id and the submission-nonce? (mozilla's # metadata is which app, which version of it, which ping type, etc.) # -- https://bugzilla.mozilla.org/show_bug.cgi?id=860846 include a # version number of course. # POST incoming.sempervirens.whereever.org/1.0/submit/<instance-id>/<submission-nonce> # POST incoming.sempervirens.whereever.org/1.0/opt-out/<instance-id> self.app = web.Application(loop=self.loop) self.app.router.add("GET", "/", self.root) self.app.router.add("POST", "/1.0/submit/{install_id}", self.submit) self.app.router.add("POST", "/1.0/opt-out/{install_id}", self.opt_out)
def get_discoverer(host, port, discovery_host, discovery_port, selector: Optional[Selector] = None): if discovery_host is None: LOG.info("Using single-node discoverer") return SingleNodeDiscovery(NodeService(host or "localhost", port, None)) session = aiohttp.ClientSession() try: socket.inet_aton(discovery_host) LOG.info("Using cluster node discovery with a static seed") return ClusterDiscovery( StaticSeedFinder( [NodeService(discovery_host, discovery_port, None)]), session, DiscoveryRetryPolicy(), selector, ) except socket.error: LOG.info("Using cluster node discovery with DNS") resolver = aiodns.DNSResolver() return ClusterDiscovery( DnsSeedFinder(discovery_host, resolver, discovery_port), session, DiscoveryRetryPolicy(), selector, )
def GetHostByName(filename, oOutput, options): hostnames = File2Strings(filename) if hostnames == None: print('Error reading file %s' % filename) return if options.transform != '': hostnames = [ options.transform.replace('%%', hostname) for hostname in hostnames ] loop = asyncio.get_event_loop() oResolver = aiodns.DNSResolver(loop=loop, nameservers=ParseOptionNameservers( options.nameservers)) while len(hostnames) > 0: queue = asyncio.gather(*(GethostbynameAsync(oResolver, ipv4) for ipv4 in hostnames[:options.number])) result = loop.run_until_complete(queue) for resolve in result: if isinstance(resolve[1], pycares.ares_host_result): oOutput.Line('%s,1,%s' % (resolve[0], ';'.join(resolve[1].addresses))) elif isinstance(resolve[1], aiodns.error.DNSError): oOutput.Line('%s,0,%s' % (resolve[0], resolve[1].args[1])) else: print(resolve) raise Exception('Unknown') hostnames = hostnames[options.number:]
def perform_ptr_lookups(ips, dns_servers=None): """ Perform DNS reverse lookups for IP addresses to find corresponding DNS name Parameters ---------- ips: list list of IP addresses to look up dns_servers: list list of DNS servers to use to look up list of IP addresses Returns ------- dict: of {"ip": "hostname"} for requested ips, hostname will be None if no hostname returned """ loop = asyncio.get_event_loop() resolver = aiodns.DNSResolver(loop=loop) if dns_servers is not None: if isinstance(dns_servers, list): log.debug2("using provided DNS servers to perform lookup: %s" % ", ".join(dns_servers)) resolver.nameservers = dns_servers else: log.error(f"List of provided DNS servers invalid: {dns_servers}") queue = asyncio.gather(*(reverse_lookup(resolver, ip) for ip in ips)) results = loop.run_until_complete(queue) # return dictionary instead of a list of dictionaries return {k: v for x in results for k, v in x.items()}
def ctfr_scan(self): subdomains = [] req = requests.get( "https://crt.sh/?q=%.{d}&output=json".format(d=self.target_domain)) if req.status_code != 200: print("[X] Information not available!") exit(1) json_data = json.loads('[{}]'.format(req.text.replace('}{', '},{'))) for (key, value) in enumerate(json_data): subdomains.append(value['name_value']) subdomains = sorted(set(subdomains)) if self.show_expired: loop = asyncio.get_event_loop() for s in subdomains: try: resolver = aiodns.DNSResolver(loop=loop, nameservers=[self.dns]) f = resolver.query(s, 'A') result = loop.run_until_complete(f) print("[-] {s}".format(s=s)) self.subdomains.append(s) except Exception as e: pass else: for s in subdomains: print("[-] {s}".format(s=s)) self.subdomains.append(s)
def __init__(self, *, loop=None, middleware=(), defaults=None, debug=False, dialplan=BaseDialplan(), dns_resolver=aiodns.DNSResolver()): if loop is None: loop = asyncio.get_event_loop() if defaults: self.defaults = {**DEFAULTS, **defaults} else: self.defaults = DEFAULTS self.debug = debug self.dns = dns_resolver self._finish_callbacks = [] self._state = {} self._dialogs = {} self._connectors = { UDP: UDPConnector(self, loop=loop), TCP: TCPConnector(self, loop=loop), WS: WSConnector(self, loop=loop) } self._middleware = middleware self._tasks = list() self.dialplan = dialplan self.loop = loop
async def resolve_list(self, loop, domain_list): resolver = aiodns.DNSResolver(loop=loop, nameservers=self.nameservers, timeout=2, tries=1) for domain in domain_list: try: res = await resolver.query(domain, self.qtype) self.results[domain] = res[0][0] except aiodns.error.DNSError as e: error_code = e.args[0] if error_code == aiodns.error.ARES_ECONNREFUSED: self.results[domain] = "DNS ERROR: CONNECTION_REFUSED" elif error_code == aiodns.error.ARES_ENODATA: self.results[domain] = "DNS ERROR: NODATA" elif error_code == aiodns.error.ARES_ENOTFOUND: self.results[domain] = "DNS ERROR: NOTFOUND" elif error_code == aiodns.error.ARES_EREFUSED: self.results[domain] = "DNS ERROR: REFUSED" elif error_code == aiodns.error.ARES_ESERVFAIL: self.results[domain] = "DNS ERROR: SERVFAIL" elif error_code == aiodns.error.ARES_ETIMEOUT: self.results[domain] = "DNS ERROR: TIMEOUT" else: self.results[domain] = "DNS ERROR: UNKNOWN_STATUS" except Exception as e: print(e) return(self.results)
def __init__(self, name: str, hostname: str, resolver: str, ipv6: bool) -> None: """Initialize the DNS IP sensor.""" self._attr_name = name self.hostname = hostname self.resolver = aiodns.DNSResolver() self.resolver.nameservers = [resolver] self.querytype = "AAAA" if ipv6 else "A"
def __init__(self, subdomain_list, domain, allip_dict, timeout_domain, create_limit, next_scan, domain_result, dns_servers=None): self.loop = asyncio.get_event_loop() self.subdomain_list = subdomain_list self.resolver = aiodns.DNSResolver(timeout=2, loop=self.loop) if dns_servers is None: # '192.168.102.81','192.168.102.82' self.resolver.nameservers = [ '223.5.5.5', '223.6.6.6', '114.114.114.114' ] self.domain = domain self.allip_dict = allip_dict self.ip_con = 5 self.domain_result = domain_result self.scan_total = 0 self.find_total = 0 self.semaphore = asyncio.Semaphore( 8000) # 协程并发最大 大佬建议是10000 我觉得2000-5000差不多 也不怎么慢 self.timeout_domain = timeout_domain self.next_scan = next_scan self.create_limit = create_limit # 扫描队列分组为了减少内存开销 异步的task内存占用是在是....可调 self.limit_timeout = 6 # 超时重试次数 默认重试6次
def __init__(self, json_entry): """ Init class structure. Each module takes a JSON entry object which can pass different values to the module with out changing up the API. adapted form Empire Project: https://github.com/EmpireProject/Empire/blob/master/lib/modules/python_template.py :param json_entry: JSON data object passed to the module. """ module_helpers.RequestsHelpers.__init__(self) self.json_entry = json_entry self.info = { # mod name 'Module': 'subdomain_bruteforce.py', # long name of the module to be used 'Name': 'Recursive Subdomain Bruteforce Using Wordlist', # version of the module to be used 'Version': '1.0', # description 'Description': ['Uses lists from dnspop', 'with high quality dns resolvers.'], # authors or sources to be quoted 'Authors': ['@Killswitch-GUI', '@blark'], # list of resources or comments 'comments': [ 'Searches and performs recursive dns-lookup.', ' adapted from https://github.com/blark/aiodnsbrute/blob/master/aiodnsbrute/cli.py' ], # priority of module (0) being first to execute 'priority': 0 } self.options = {} # ~ queue object self.word_count = int(self.json_entry['args'].wordlist_count) self.word_list_queue = queue.Queue(maxsize=0) self.tasks = [] self.domain = '' self.errors = [] self.fqdn = [] asyncio.set_event_loop_policy(uvloop.EventLoopPolicy()) self.loop = asyncio.get_event_loop() self.resolver = aiodns.DNSResolver(loop=self.loop, rotate=True) # TODO: make max tasks defined in config.json self.max_tasks = 512 # TODO: make total set from wordcount in config.json self.sem = asyncio.BoundedSemaphore(self.max_tasks) self.cs = core_scrub.Scrub() self.core_args = self.json_entry['args'] self.core_resolvers = self.json_entry['resolvers']
def __init__(self, domain: str): Module.__init__(self) self.domain = self.register(domain) self.module = 'dnsquery' self.source = "BruteSRV" self.loop = asyncio.new_event_loop() self.nameservers = resolver_nameservers self.resolver = aiodns.DNSResolver(self.nameservers, self.loop)
def test_query_timeout(self): self.resolver = aiodns.DNSResolver(timeout=0.1, loop=self.loop) self.resolver.nameservers = ['1.2.3.4'] f = self.resolver.query('google.com', 'A') try: self.loop.run_until_complete(f) except aiodns.error.DNSError as e: self.assertEqual(e.args[0], aiodns.error.ARES_ETIMEOUT)
async def run(): loop = asyncio.get_event_loop() resolver = aiodns.DNSResolver(loop=loop) hosts = ("invalid1", "invalid2") for host in hosts: await query(host, "A", resolver)