def whois(url):
# clean domain to expose netloc
domain = extract_domain(url)
# call whois command with domain
nic_client = NICClient()
text = nic_client.whois_lookup(None, domain, 0)
return WhoisEntry.load(domain, text)
def whois(url):
# clean domain to expose netloc
domain = extract_domain(url)
# call whois command with domain
nic_client = NICClient()
text = nic_client.whois_lookup(None, domain, 0)
return WhoisEntry.load(domain, text)
def query(domain):
domain = domain.lower()
tld = domain[(domain.find('.') + 1):]
target = tld + '_domains'
record = db[target].find_one({'_id': domain}, {'_id': 1, 'updatedAt': 1})
if record is not None: # existed
days = (datetime.now() - record['updatedAt']).days
if days < SCAN_INTERVAL: # last query was within SCAN_INTERVAL days
print(domain + ' was already queried in recent %d days' % days)
return False
print('Querying ' + domain)
nic_client = NICClient()
options = {'proxy': {
'type': socks.SOCKS5,
'host': 'localhost',
'port': 9050
}}
text = nic_client.whois_lookup(options, domain, 0)
if 'limit exceeded' in text.lower() or len(text) < len(domain):
print('whois limit exceeded, received: ' + text)
change_ip()
q.put(domain)
return False
elif 'No match for' in text or 'not registered' in text or 'NOT FOUND' in text: # not registered
if record is None: # insert
db[target].insert({'_id': domain, 'registered': False, 'createdAt': datetime.now(), 'updatedAt': datetime.now()})
else: # update
db[target].update({'_id': domain}, {'$set': {'registered': False, 'updatedAt': datetime.now(), 'rawInfo': None}})
print(domain + ' is not registered')
return False
elif is_valid(tld, text):
pos = text.find('For more information on Whois status codes')
if pos != -1: # remove garbage text
text = text[0 : pos]
if record is None: # insert
info = {
'_id': domain,
'registered': True,
'createdAt': datetime.now(),
'updatedAt': datetime.now(),
'rawInfo': text
}
db[target].insert(info)
else: # update
if (datetime.now() - record['updatedAt']).days > 30: # last query was within 30 days
db[target].update({'_id': domain}, {'$set': {'registered': True, 'updatedAt': datetime.now(), 'rawInfo': text}})
print(domain + ' is registered, ' + text[: 60])
return True
elif 'in process of registration, try again later' in text:
print(text)
return False
else:
raise ValueError(text)
return False
def whois(url):
# clean domain to expose netloc
domain = extract_domain(url)
try:
# try native whois command first
r = subprocess.Popen(['whois', domain], stdout=subprocess.PIPE)
text = r.stdout.read()
except OSError:
# try experimental client
nic_client = NICClient()
text = nic_client.whois_lookup(None, domain, 0)
return Entry.load(domain, text)
def whois(url):
# clean domain to expose netloc
domain = extract_domain(url)
try:
# try native whois command first
r = subprocess.Popen(['whois', "--no-redirect", domain], stdout=subprocess.PIPE)
text = r.stdout.read()
except OSError:
# try experimental client
nic_client = NICClient()
text = nic_client.whois_lookup(None, domain, 0)
return WhoisEntry.load(domain, text)
def whois(url):
# clean domain to expose netloc
ip_match = re.match(r"^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$", url)
if ip_match:
domain = url
else:
domain = extract_domain(url)
try:
# try native whois command first
r = subprocess.Popen(['whois', domain], stdout=subprocess.PIPE)
text = r.stdout.read()
except OSError:
# try experimental client
nic_client = NICClient()
text = nic_client.whois_lookup(None, domain, 0)
return WhoisEntry.load(domain, text)
def get_domain_info(domain: str) -> str:
"""Make a whois lookup for domain.
Args:
domain: domain to look up
Returns:
whois lookup results
"""
nicclient = NICClient()
options = {"quick": True}
flags = 0
domain_info = nicclient.whois_lookup(query_arg=domain,
options=options,
flags=flags)
return domain_info
def get_data_from_host(host):
flags = 0
nic_client = NICClient()
data = nic_client.whois_lookup(None, host, flags)
w = WhoisEntry.load(host, data)
keys_to_test = ['domain_name', 'expiration_date', 'updated_date', 'creation_date', 'status']
results = {}
for key in keys_to_test:
results[key] = w.__getattr__(key)
print repr(get_ips_for_host(host))
for key in keys_to_test:
print "%s: %s" % (key, results[key])
def sendReq(hash):
server = "hash.cymru.com"
flags = 0
options = {"whoishost": server}
nic_client = NICClient()
response = nic_client.whois_lookup(options, hash, flags).rstrip()
hash = response.split(' ')[0]
lastSeen = response.split(' ')[1]
if lastSeen == "NO_DATA":
avPct = 0
else:
avPct = response.split(' ')[2]
lastSeen = datetime.datetime.fromtimestamp(
int(lastSeen)).strftime("%Y-%d-%m %H:%M:%S")
raw = {
"hash": hash,
"last_seen": lastSeen,
"av_detection_percentage": int(avPct)
}
return raw
