def name(self): name = self.env(self._env_name_key) if name: return name.strip() return self._container[NAME].strip("/")
def process_thread(filename, name, supposed_soa): outputf = open(name.strip("") + "_rrsig.txt", "w") inputf = open(filename, "rb") pcap = dpkt.pcap.Reader(inputf) count = 0 outline = [] for ts, buf in pcap: count += 1 if count % 500 == 0: print(count, "packets.") # break try: eth = dpkt.ethernet.Ethernet(buf) ip = eth.data resolver = socket.inet_ntoa(ip.src) ip_dst = socket.inet_ntoa(ip.dst) try: udp = ip.data dns_obj = dns.message.from_wire(udp.data) outline_soa = "" query_domain = "" for rr in dns_obj.question: query_domain = rr.name.to_text().lower() for rr in dns_obj.answer: qname = rr.name.to_text().lower() if qname != ".": continue # check records in the authority section. if rr.rdtype == dns.rdatatype.RRSIG: qdata = rr.items # print type(rr) print(rr) dns.dnssec.validate(root_ns_rrs, rr, root_public_keys, None, when) # print resolver for rr in dns_obj.authority: qname = rr.name.to_text().lower() if qname != ".": continue # check records in the authority section. if rr.rdtype == dns.rdatatype.RRSIG: qdata = rr.items[0] if qdata.type_covered == dns.rdatatype.SOA: # print type(rr) print rr dns.dnssec.validate(root_soa_rrs, rr, root_public_keys, None, None) # print resolver except Exception as e: print("Error:", resolver, ip_dst, e) # continue except Exception as e: continue inputf.close() for line in sorted(outline): outputf.write(line + "\n")
def name_addr_mappings_from_string(mappings): mappings_set = set() mappings = mappings.split(',') i = 1 for mapping in mappings: try: name, addr = mapping.rsplit('=', 1) except ValueError: # first see if it's a plain IP address try: addr = IPAddr(mapping.strip()) except ValueError: # if not, then assign name to mapping name = mapping addr = None else: # if it's an IP with no name specified, then create # a name name = 'ns%d' % i i += 1 else: addr = addr.strip() name = name.strip() try: name = dns.name.from_text(name) except dns.exception.DNSException: usage('The domain name was invalid: "%s"' % name) sys.exit(1) # no address is provided, so query A/AAAA records for the name if addr is None: query_tuples = ((name, dns.rdatatype.A, dns.rdataclass.IN), (name, dns.rdatatype.AAAA, dns.rdataclass.IN)) answer_map = resolver.query_multiple_for_answer(*query_tuples) found_answer = False for a in answer_map.values(): if isinstance(a, DNSAnswer): found_answer = True for a_rr in a.rrset: mappings_set.add((name, IPAddr(a_rr.to_text()))) # negative responses elif isinstance(a, (dns.resolver.NXDOMAIN, dns.resolver.NoAnswer)): pass # error responses elif isinstance(a, (dns.exception.Timeout, dns.resolver.NoNameservers)): usage('There was an error resolving "%s". Please specify an address or use a name that resolves properly.' % fmt.humanize_name(name)) sys.exit(1) if not found_answer: usage('"%s" did not resolve to an address. Please specify an address or use a name that resolves properly.' % fmt.humanize_name(name)) sys.exit(1) # otherwise, add the address elif not addr: usage('No IP address was supplied.') sys.exit(1) else: if addr and addr[0] == '[' and addr[-1] == ']': addr = addr[1:-1] try: addr = IPAddr(addr) except ValueError: usage('The IP address was invalid: "%s"' % addr) sys.exit(1) mappings_set.add((name, addr)) return mappings_set