def check_domain_for_zone_transfer(domain):
kraken.log(kraken.LOG_LVL_INFO, "getting NS records for " + domain)
try:
answers = dns.resolver.query(domain, 'NS')
except dns.resolver.NoAnswer:
return
nameservers = map(str, answers)
zone = None
for nameserver in nameservers:
kraken.log(kraken.LOG_LVL_INFO, "trying a zone transfer for " + domain + " from name server " + nameserver)
try:
zone = dns.zone.from_xfr(dns.query.xfr(nameserver, domain))
kraken.log(kraken.LOG_LVL_INFO, "successful tranfser for " + domain + " on server " + nameserver)
except (DNSException, socket.error, EOFError):
kraken.log(kraken.LOG_LVL_INFO, "transfer failed on server: " + nameserver)
continue
if zone == None:
return
names_to_ips = {}
for (name, ttl, rdata) in zone.iterate_rdatas('A'):
if name.is_wild():
continue
if not name.is_absolute():
name = name.concatenate(zone.origin)
name = name.to_text().rstrip('.')
ip = str(rdata)
kraken.host_manager.set_host_details({'ipv4_addr':ip, 'names':name})
if not name in names_to_ips:
names_to_ips[name] = []
names_to_ips[name].append(ip)
for (name, ttl, rdata) in zone.iterate_rdatas('CNAME'):
if name.is_wild():
continue
if not name.is_absolute():
name = name.concatenate(zone.origin)
cname = name.to_text().rstrip('.')
if rdata.target.is_absolute():
target = rdata.target.to_text().rstrip('.')
else:
target = rdata.target.concatenate(zone.origin).to_text().rstrip('.')
if target in names_to_ips:
for ip in names_to_ips[target]:
kraken.host_manager.set_host_details({'ipv4_addr':ip, 'names':[target, cname]})
else:
try:
dnsresp = socket.gethostbyname_ex(target)
except:
continue # probably a "herror: [Errno 4] No address associated with name" error
if ip in dnsresp[2]:
kraken.host_manager.add_hostname(ip, [target, cname])
return
def you_get_signal_scan(host):
ip = host['ipv4_addr']
url_h = urllib2.urlopen(YOU_GET_SIGNAL_URL,
"remoteAddress={0}&key=".format(ip))
try:
data = json.load(url_h)
except:
kraken.log(kraken.LOG_LVL_WARNING, "failed to get yougetsignal data")
raise kraken.error("failed to get yougetsignal data")
if data['status'].lower() != 'success':
kraken.log(kraken.LOG_LVL_WARNING, data['message'])
raise kraken.error(" ".join(data['message'].split()[:6]))
if str(data.get('domainCount', '0')) == '0':
kraken.log(kraken.LOG_LVL_DEBUG,
'you_get_signal returned 0 domains for ' + ip)
return
domainArray = map(lambda x: x[0], data['domainArray'])
if not len(domainArray):
return
known_hostnames = kraken.host_manager.get_hostnames(ip)
for name in known_hostnames:
if name in domainArray:
domainArray.remove(name)
if not len(domainArray):
return
for name in domainArray:
try:
dnsresp = socket.gethostbyname_ex(name)
except:
return # probably a "herror: [Errno 4] No address associated with name" error
if ip in dnsresp[2]:
kraken.host_manager.add_hostname(ip, name)
def you_get_signal_scan(host):
ip = host['ipv4_addr']
url_h = urllib2.urlopen(YOU_GET_SIGNAL_URL, "remoteAddress={0}&key=".format(ip))
try:
data = json.load(url_h)
except:
kraken.log(kraken.LOG_LVL_WARNING, "failed to get yougetsignal data")
raise kraken.error("failed to get yougetsignal data")
if data['status'].lower() != 'success':
kraken.log(kraken.LOG_LVL_WARNING, data['message'])
raise kraken.error(" ".join(data['message'].split()[:6]))
if str(data.get('domainCount', '0')) == '0':
kraken.log(kraken.LOG_LVL_DEBUG, 'you_get_signal returned 0 domains for ' + ip)
return
domainArray = map(lambda x: x[0], data['domainArray'])
if not len(domainArray):
return
known_hostnames = kraken.host_manager.get_hostnames(ip)
for name in known_hostnames:
if name in domainArray:
domainArray.remove(name)
if not len(domainArray):
return
for name in domainArray:
try:
dnsresp = socket.gethostbyname_ex(name)
except:
return # probably a "herror: [Errno 4] No address associated with name" error
if ip in dnsresp[2]:
kraken.host_manager.add_hostname(ip, name)
def main(args):
ips = kraken.host_manager.get_hosts()
for ip in ips:
kraken.log(kraken.LOG_LVL_DEBUG, 'running you_get_signal on ip: ' + ip)
you_get_signal_scan({'ipv4_addr': ip})
return 0
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # import kraken import socket try: import dns.resolver import dns.query import dns.zone from dns.exception import DNSException from dns.rdataclass import * from dns.rdatatype import * except ImportError as err: kraken.log(kraken.LOG_LVL_ERROR, "could not import python module dnspython, can't load zone_transfer plugin") raise err try: import tldextract has_tldextract = True except ImportError: kraken.log(kraken.LOG_LVL_WARNING, "could not import python module tldextract") tldextract = None has_tldextract = False def check_domain_for_zone_transfer(domain): kraken.log(kraken.LOG_LVL_INFO, "getting NS records for " + domain) try: answers = dns.resolver.query(domain, 'NS') except dns.resolver.NoAnswer:
def check_domain_for_zone_transfer(domain):
kraken.log(kraken.LOG_LVL_INFO, "getting NS records for " + domain)
try:
answers = dns.resolver.query(domain, 'NS')
except dns.resolver.NoAnswer:
return
nameservers = map(str, answers)
zone = None
for nameserver in nameservers:
kraken.log(
kraken.LOG_LVL_INFO, "trying a zone transfer for " + domain +
" from name server " + nameserver)
try:
zone = dns.zone.from_xfr(dns.query.xfr(nameserver, domain))
kraken.log(
kraken.LOG_LVL_INFO, "successful tranfser for " + domain +
" on server " + nameserver)
except (DNSException, socket.error, EOFError):
kraken.log(kraken.LOG_LVL_INFO,
"transfer failed on server: " + nameserver)
continue
if zone == None:
return
names_to_ips = {}
for (name, ttl, rdata) in zone.iterate_rdatas('A'):
if name.is_wild():
continue
if not name.is_absolute():
name = name.concatenate(zone.origin)
name = name.to_text().rstrip('.')
ip = str(rdata)
kraken.host_manager.set_host_details({'ipv4_addr': ip, 'names': name})
if not name in names_to_ips:
names_to_ips[name] = []
names_to_ips[name].append(ip)
for (name, ttl, rdata) in zone.iterate_rdatas('CNAME'):
if name.is_wild():
continue
if not name.is_absolute():
name = name.concatenate(zone.origin)
cname = name.to_text().rstrip('.')
if rdata.target.is_absolute():
target = rdata.target.to_text().rstrip('.')
else:
target = rdata.target.concatenate(
zone.origin).to_text().rstrip('.')
if target in names_to_ips:
for ip in names_to_ips[target]:
kraken.host_manager.set_host_details({
'ipv4_addr': ip,
'names': [target, cname]
})
else:
try:
dnsresp = socket.gethostbyname_ex(target)
except:
continue # probably a "herror: [Errno 4] No address associated with name" error
if ip in dnsresp[2]:
kraken.host_manager.add_hostname(ip, [target, cname])
return
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#
import kraken
import socket
try:
import dns.resolver
import dns.query
import dns.zone
from dns.exception import DNSException
from dns.rdataclass import *
from dns.rdatatype import *
except ImportError as err:
kraken.log(
kraken.LOG_LVL_ERROR,
"could not import python module dnspython, can't load zone_transfer plugin"
)
raise err
try:
import tldextract
has_tldextract = True
except ImportError:
kraken.log(kraken.LOG_LVL_WARNING,
"could not import python module tldextract")
tldextract = None
has_tldextract = False
def check_domain_for_zone_transfer(domain):
kraken.log(kraken.LOG_LVL_INFO, "getting NS records for " + domain)
def main(args):
ips = kraken.host_manager.get_hosts()
for ip in ips:
kraken.log(kraken.LOG_LVL_DEBUG, 'running you_get_signal on ip: ' + ip)
you_get_signal_scan({'ipv4_addr':ip})
return 0
def finalize():
kraken.log(kraken.LOG_LVL_NOTICE,
"kraken plugin sanity_check finalized successfully")
return 0
def main(args):
kraken.log(kraken.LOG_LVL_NOTICE,
"kraken plugin sanity_check main() method called")
kraken.log(kraken.LOG_LVL_NOTICE, "arguments supplied are: " + str(args))
return 0
def finalize(): kraken.log(kraken.LOG_LVL_NOTICE, "kraken plugin sanity_check finalized successfully") return 0
def main(args): kraken.log(kraken.LOG_LVL_NOTICE, "kraken plugin sanity_check main() method called") kraken.log(kraken.LOG_LVL_NOTICE, "arguments supplied are: " + str(args)) return 0
