def setUp(self): self.resolver = Resolver(5, False, 0, "127.0.0.1")
class DomainConnect: _networkContext = NetworkContext() _resolver = Resolver() def __init__(self, networkcontext=NetworkContext()): self._networkContext = networkcontext if networkcontext.nameservers is not None: self._resolver.nameservers = networkcontext.nameservers.split(',') @staticmethod def identify_domain_root(domain): return psl.privatesuffix(domain) def _identify_domain_connect_api(self, domain_root): # noinspection PyBroadException try: dns = self._resolver.query('_domainconnect.{}'.format(domain_root), 'TXT') domain_connect_api = str(dns[0]).replace('"', '') logger.debug('Domain Connect API {} for {} found.'.format( domain_connect_api, domain_root)) return domain_connect_api except Timeout: logger.debug( 'Timeout. Failed to find Domain Connect API for "{}"'.format( domain_root)) raise NoDomainConnectRecordException( 'Timeout. Failed to find Domain Connect API for "{}"'.format( domain_root)) except NXDOMAIN or YXDOMAIN: logger.debug('Failed to resolve "{}"'.format(domain_root)) raise NoDomainConnectRecordException( 'Failed to resolve "{}"'.format(domain_root)) except NoAnswer: logger.debug( 'No Domain Connect API found for "{}"'.format(domain_root)) raise NoDomainConnectRecordException( 'No Domain Connect API found for "{}"'.format(domain_root)) except NoNameservers: logger.debug( 'No nameservers avalaible for "{}"'.format(domain_root)) raise NoDomainConnectRecordException( 'No nameservers avalaible for "{}"'.format(domain_root)) except Exception: pass logger.debug( 'No Domain Connect API found for "{}"'.format(domain_root)) raise NoDomainConnectRecordException( 'No Domain Connect API found for "{}"'.format(domain_root)) def get_domain_config(self, domain): """Makes a discovery of domain name and resolves configuration of DNS provider :param domain: str domain name :return: DomainConnectConfig domain connect config :raises: NoDomainConnectRecordException when no _domainconnect record found :raises: NoDomainConnectSettingsException when settings are not found """ domain_root = self.identify_domain_root(domain) host = '' if len(domain_root) != len(domain): host = domain.replace('.' + domain_root, '') domain_connect_api = self._identify_domain_connect_api(domain_root) ret = self._get_domain_config_for_root(domain_root, domain_connect_api) return DomainConnectConfig(domain, domain_root, host, ret) def _get_domain_config_for_root(self, domain_root, domain_connect_api): """ :param domain_root: str domain name for zone root :param domain_connect_api: str URL of domain connect API of the vendor :return: dict domain connect config :raises: NoDomainConnectRecordException when no _domainconnect record found :raises: NoDomainConnectSettingsException when settings are not found """ url = 'https://{}/v2/{}/settings'.format(domain_connect_api, domain_root) try: response = get_json(self._networkContext, url) logger.debug('Domain Connect config for {} over {}: {}'.format( domain_root, domain_connect_api, response)) return response except Exception as e: logger.debug("Exception when getting config:{}".format(e)) logger.debug( 'No Domain Connect config found for {}.'.format(domain_root)) raise NoDomainConnectSettingsException( 'No Domain Connect config found for {}.'.format(domain_root)) # Generates a signature on the passed in data @staticmethod def _generate_sig(private_key, data): pk = serialization.load_pem_private_key(private_key.encode(), password=None, backend=default_backend()) sig = pk.sign(data.encode(), padding.PKCS1v15(), hashes.SHA256()) return b64encode(sig) @staticmethod def _generate_sig_params(queryparams, private_key=None, keyid=None): if private_key is None or keyid is None: raise InvalidDomainConnectSettingsException( "Private key and/or key ID not provided for signing") signature = DomainConnect._generate_sig(private_key, queryparams) return '&' + urllib.parse.urlencode({ "sig": signature, "key": keyid, }) def check_template_supported(self, config, provider_id, service_ids): """ :param config: DomainConnectConfig domain connect config :param provider_id: str provider_id to check :param service_ids: str service_id to check :return: (dict, str) (template supported, error) :raises: TemplateNotSupportedException when template is not supported """ if type(service_ids) != list: service_ids = [service_ids] for service_id in service_ids: url = '{}/v2/domainTemplates/providers/{}/services/{}' \ .format(config.urlAPI, provider_id, service_id) try: response = get_http(self._networkContext, url) logger.debug('Template for serviceId: {} from {}: {}'.format( service_id, provider_id, response)) except Exception as e: logger.debug("Exception when getting config:{}".format(e)) raise TemplateNotSupportedException( 'No template for serviceId: {} from {}'.format( service_id, provider_id)) def get_domain_connect_template_sync_url(self, domain, provider_id, service_id, redirect_uri=None, params=None, state=None, group_ids=None, sign=False, private_key=None, keyid=None): """Makes full Domain Connect discovery of a domain and returns full url to request sync consent. :param domain: str :param provider_id: str :param service_id: str :param redirect_uri: str :param params: dict :param state: str :param group_ids: list(str) :param sign: bool :param private_key: str - RSA key in PEM format :param keyid: str - host name of the TXT record with public KEY (appended to syncPubKeyDomain) :return: (str, str) first field is an url which shall be used to redirect the browser to second field is an indication of error :raises: NoDomainConnectRecordException when no _domainconnect record found :raises: NoDomainConnectSettingsException when settings are not found :raises: InvalidDomainConnectSettingsException when settings contain missing fields """ # TODO: support for provider_name (for shared templates) if params is None: params = {} config = self.get_domain_config(domain) self.check_template_supported(config, provider_id, service_id) if config.urlSyncUX is None: raise InvalidDomainConnectSettingsException( "No sync URL in config") sync_url_format = '{}/v2/domainTemplates/providers/{}/services/{}/' \ 'apply?{}{}' params['domain'] = config.domain_root if config.host is not None and config.host != '': params['host'] = config.host if redirect_uri is not None: params["redirect_uri"] = redirect_uri if state is not None: params["state"] = state if group_ids is not None: params["groupId"] = ",".join(group_ids) queryparams = urllib.parse.urlencode( sorted(params.items(), key=lambda val: val[0])) sigparams = DomainConnect._generate_sig_params( queryparams, private_key, keyid) if sign else '' return sync_url_format.format(config.urlSyncUX, provider_id, service_id, queryparams, sigparams) def get_domain_connect_template_async_context(self, domain, provider_id, service_id, redirect_uri, params=None, state=None, service_id_in_path=False): """Makes full Domain Connect discovery of a domain and returns full context to request async consent. :param domain: str :param provider_id: str :param service_id: str :param redirect_uri: str :param params: dict :param state: str :param service_id_in_path: bool :return: (DomainConnectAsyncContext, str) asyncConsentUrl field of returned context shall be used to redirect the browser to second field is an indication of error :raises: NoDomainConnectRecordException when no _domainconnect record found :raises: NoDomainConnectSettingsException when settings are not found :raises: TemplateNotSupportedException when template is not found :raises: InvalidDomainConnectSettingsException when parts of the settings are missing :raises: DomainConnectException on other domain connect issues """ if params is None: params = {} config = self.get_domain_config(domain) self.check_template_supported(config, provider_id, service_id) if config.urlAsyncUX is None: raise InvalidDomainConnectSettingsException( "No asynch UX URL in config") if service_id_in_path: if type(service_id) is list: raise DomainConnectException( "Multiple services are only supported with service_id_in_path=false" ) async_url_format = '{0}/v2/domainTemplates/providers/{1}/services/{2}' \ '?client_id={1}&scope={2}&domain={3}&host={4}&{5}' else: if type(service_id) is list: service_id = '+'.join(service_id) async_url_format = '{0}/v2/domainTemplates/providers/{1}' \ '?client_id={1}&scope={2}&domain={3}&host={4}&{5}' if redirect_uri is not None: params["redirect_uri"] = redirect_uri if state is not None: params["state"] = state ret = DomainConnectAsyncContext(config, provider_id, service_id, redirect_uri, params) ret.asyncConsentUrl = async_url_format.format( config.urlAsyncUX, provider_id, service_id, config.domain_root, config.host, urllib.parse.urlencode( sorted(params.items(), key=lambda val: val[0]))) return ret def open_domain_connect_template_asynclink(self, domain, provider_id, service_id, redirect_uri, params=None, state=None, service_id_in_path=False): """ :param domain: :param provider_id: :param service_id: :param redirect_uri: :param params: :param state: :param service_id_in_path: :return: :raises: NoDomainConnectRecordException when no _domainconnect record found :raises: NoDomainConnectSettingsException when settings are not found :raises: TemplateNotSupportedException when template is not found :raises: InvalidDomainConnectSettingsException when parts of the settings are missing :raises: DomainConnectException on other domain connect issues """ if params is None: params = {} async_context = self.get_domain_connect_template_async_context( domain, provider_id, service_id, redirect_uri, params, state, service_id_in_path) print('Please open URL: {}'.format(async_context.asyncConsentUrl)) if "webbrowser" in sys.modules: try: webbrowser.open_new_tab(async_context.asyncConsentUrl) except webbrowser.Error as err: raise Exception("Error opening browser window: {}".format(err)) return async_context def get_async_token(self, context, credentials): """Gets access_token in async process :param context: DomainConnectAsyncContext :param credentials: DomainConnectAsyncCredentials :return: DomainConnectAsyncContext context enriched with access_token and refresh_token if existing :raises: AsyncTokenException """ params = {'code': context.code, 'grant_type': 'authorization_code'} if getattr(context, 'iat', None) and getattr(context, 'access_token_expires_in', None) and \ getattr(context, 'refresh_token', None): now = int(time.time()) + 60 if now > context.iat + context.access_token_expires_in: params = { 'refresh_token': context.refresh_token, 'grant_type': 'refresh_token', 'client_id': credentials.client_id, 'client_secret': credentials.client_secret } else: logger.debug('Context has a valid access token') return context params['redirect_uri'] = context.return_url url_get_access_token = '{}/v2/oauth/access_token?{}'.format( context.config.urlAPI, urllib.parse.urlencode( sorted(params.items(), key=lambda val: val[0]))) try: # this has to be checked to avoid secret leakage by spoofed "settings" end-point if credentials.api_url != context.config.urlAPI: raise AsyncTokenException( "URL API for provider does not match registered one with credentials" ) data, status = http_request_json(self._networkContext, method='POST', content_type='application/json', body=json.dumps({ 'client_id': credentials.client_id, 'client_secret': credentials.client_secret, }), url=url_get_access_token, accepted_statuses=[200, 400]) if status == 400: raise AsyncTokenException( 'Failed to get async token: {} {} {}'.format( status, data["error"], data["error_description"] if "error_description" in data else "")) except AsyncTokenException: raise except Exception as ex: logger.debug('Cannot get async token: {}'.format(ex)) raise AsyncTokenException('Cannot get async token: {}'.format(ex)) if 'access_token' not in data \ or 'expires_in' not in data \ or 'token_type' not in data \ or data['token_type'].lower() != 'bearer': logger.debug('Token not complete: {}'.format(data)) raise AsyncTokenException('Token not complete: {}'.format(data)) context.access_token = data['access_token'] context.access_token_expires_in = data['expires_in'] context.iat = int(time.time()) if 'refresh_token' in data: context.refresh_token = data['refresh_token'] return context def apply_domain_connect_template_async(self, context, host=None, service_id=None, params=None, force=False, group_ids=None): """ :param context: DomainConnectAsyncContext :param host: str :param service_id: :param params: :param force: :param group_ids: list(str) :return: None :raises: ConflictOnApply Conflict situation :raises: ApplyException Other errors in apply operation """ if params is None: params = {} if host is None: host = context.config.host if service_id is None: service_id = context.serviceId if group_ids is not None: params["groupId"] = ",".join(group_ids) async_url_format = '{}/v2/domainTemplates/providers/{}/services/{}/' \ 'apply?domain={}&host={}&{}' if force: params['force'] = 'true' url = async_url_format.format( context.config.urlAPI, context.providerId, service_id, context.config.domain_root, host, urllib.parse.urlencode( sorted(params.items(), key=lambda val: val[0]))) try: res, status = http_request_json(self._networkContext, 'POST', url, bearer=context.access_token, accepted_statuses=[200, 202, 409]) if status in [409]: raise ConflictOnApplyException("Conflict: {}".format(res)) except ConflictOnApplyException: raise except Exception as e: raise ApplyException('Error on apply: {}'.format(e))
logger.warning('There is a new version, check {} for update.'.format(f.geturl())) if __name__ == '__main__': print("Accesser v{} Copyright (C) 2018-2019 URenko".format(__version__)) threading.Thread(target=update_checker).start() proxy = Proxy() webui.init(proxy) if setting.config['webui']: webbrowser.open('http://localhost:7654/') DNScache = setting.config['hosts'].copy() DNS_lock = threading.Lock() if setting.config['DNS']: DNSresolver = Resolver(configure=False) if 'SYSTEM' != setting.config['DNS'].upper(): DNSresolver.read_resolv_conf(setting.config['DNS']) else: if sys.platform == 'win32': DNSresolver.read_registry() else: DNSresolver.read_resolv_conf('/etc/resolv.conf') DNSquery = lambda x:DNSresolver.query(x, 'A')[0].to_text() else: from utils import DoH DNSquery = DoH.DNSquery importca.import_ca() context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
def testResolver(self): res = Resolver(0, False, 0) self.assertEqual(res.gethostbyname("google.com")[0], "google.com") self.assertEqual( res.gethostbyname("symposium.thalia.nu")[2], res.gethostbyname("reis.thalia.nu")[2])
def connect(self): resolver = Resolver() resolver.nameservers = self._dnsproxy answer = resolver.query(self.host, 'A') self.host = answer.rrset.items[0].address self.sock = socket.create_connection((self.host, self.port))
def main(): print_banner() parser = ArgumentParser() parser.add_argument( "-t", dest="target_hosts", required=True, help="Set a target range of addresses to target. Ex 10.11.1.1-255") parser.add_argument( "-w", dest="wordlists", required=False, type=str, help= "Set the wordlists to use (default ./wordlists/virtual-host-scanning.txt)", default=False) parser.add_argument( "-b", dest="base_host", required=False, help= "Set host to be used during substitution in wordlist (default to TARGET).", default=False) parser.add_argument("-p", dest="port", required=False, help="Set the port to use (default 80).", default=80) parser.add_argument( "-r", dest="real_port", required=False, help= "The real port of the webserver to use in headers when not 80 (see RFC2616 14.23), useful when pivoting through ssh/nc etc (default to PORT).", default=False) parser.add_argument( '--ignore-http-codes', dest='ignore_http_codes', type=str, help= 'Comma separated list of http codes to ignore with virtual host scans (default 404).', default='404') parser.add_argument( '--ignore-content-length', dest='ignore_content_length', type=int, help='Ignore content lengths of specificed amount (default 0).', default=0) parser.add_argument( '--unique-depth', dest='unique_depth', type=int, help= 'Show likely matches of page content that is found x times (default 1).', default=1) parser.add_argument( "--ssl", dest="ssl", action="store_true", help= "If set then connections will be made over HTTPS instead of HTTP (default http).", default=False) parser.add_argument( "--fuzzy-logic", dest="fuzzy_logic", action="store_true", help= "If set then fuzzy match will be performed against unique hosts (default off).", default=False) parser.add_argument( "--no-lookups", dest="no_lookup", action="store_true", help= "Disable reverse lookups (identifies new targets and appends to wordlist, on by default).", default=False) parser.add_argument( "--rate-limit", dest="rate_limit", type=int, help= 'Amount of time in seconds to delay between each scan (default 0).', default=0) parser.add_argument( '--random-agent', dest='random_agent', action='store_true', help= 'If set, then each scan will use random user-agent from predefined list.', default=False) parser.add_argument('--user-agent', dest='user_agent', type=str, help='Specify a user-agent to use for scans') parser.add_argument( "--waf", dest="add_waf_bypass_headers", action="store_true", help="If set then simple WAF bypass headers will be sent.", default=False) parser.add_argument( "-oN", dest="output_normal", help= "Normal output printed to a file when the -oN option is specified with a filename argument." ) parser.add_argument( "-oJ", dest="output_json", help= "JSON output printed to a file when the -oJ option is specified with a filename argument." ) parser.add_argument( "-", dest="stdin", action="store_true", help= "By passing a blank '-' you tell VHostScan to expect input from stdin (pipe).", default=False) arguments = parser.parse_args() wordlist = [] word_list_types = [] default_wordlist = "./wordlists/virtual-host-scanning.txt" if not arguments.stdin else None if arguments.stdin: word_list_types.append('stdin') wordlist.extend(list(line for line in sys.stdin.read().splitlines())) combined = get_combined_word_lists(arguments.wordlists or default_wordlist) word_list_types.append('wordlists: {}'.format( ', '.join(combined['file_paths']), )) wordlist.extend(combined['words']) if len(wordlist) == 0: print("[!] No words found in provided wordlists, unable to scan.") sys.exit(1) print( "[+] Starting virtual host scan for {host} using port {port} and {inputs}" .format( host=arguments.target_hosts, port=arguments.port, inputs=', '.join(word_list_types), )) user_agents = [] if arguments.user_agent: print('[>] User-Agent specified, using it') user_agents = [arguments.user_agent] elif arguments.random_agent: print('[>] Random User-Agent flag set') user_agents = load_random_user_agents() if (arguments.ssl): print("[>] SSL flag set, sending all results over HTTPS") if (arguments.add_waf_bypass_headers): print("[>] WAF flag set, sending simple WAF bypass headers") print("[>] Ignoring HTTP codes: %s" % (arguments.ignore_http_codes)) if (arguments.ignore_content_length > 0): print("[>] Ignoring Content length: %s" % (arguments.ignore_content_length)) if not arguments.no_lookup: for ip in Resolver().query(arguments.target_hosts, 'A'): host, aliases, ips = gethostbyaddr(str(ip)) wordlist.append(str(ip)) wordlist.append(host) wordlist.extend(aliases) scanner_args = vars(arguments) scanner_args.update({ 'target': arguments.target_hosts, 'wordlist': wordlist, 'user_agents': user_agents }) scanner = virtual_host_scanner(**scanner_args) scanner.scan() output = output_helper(scanner, arguments) print(output.output_normal_likely()) if (arguments.fuzzy_logic): print(output.output_fuzzy()) if (arguments.output_normal): output.write_normal(arguments.output_normal) print("\n[+] Writing normal ouptut to %s" % arguments.output_normal) if (arguments.output_json): output.output_json(arguments.output_json) print("\n[+] Writing json ouptut to %s" % arguments.output_json)
from dns.resolver import Resolver import csv my1_r = Resolver() my1_r.nameservers = ['8.8.8.8'] my2_r = Resolver() my2_r.nameservers = ['8.8.4.4'] # Create empty dictionaries names = {} resolved1 = {} resolved2 = {} # Open toresolve.csv file and populate dictionary names with open('toresolve.csv', mode='r') as infile: reader = csv.reader(infile) names = dict((rows[0],0) for rows in reader) infile.close() print("Using server: ",my1_r.nameservers) for x in names: try: hostip = my1_r.resolve(x,raise_on_no_answer=False) except: hostip = 'None' resolved1[x] = str(hostip.rrset[0]) print(resolved1) print("""-------
def __init__(self, signup_list, result_queue): URLGetter.__init__(self, signup_list, result_queue) self.resolver = Resolver(configure=False) self.delay = 0
class DnsServerTest(unittest.TestCase): # region Properties path.append(dirname(dirname(dirname(dirname(dirname(abspath(__file__))))))) from raw_packet.Utils.base import Base from raw_packet.Utils.tm import ThreadManager from raw_packet.Servers.dns_server import RawDnsServer base: Base = Base() tm: ThreadManager = ThreadManager(2) dns_server: RawDnsServer = RawDnsServer() interface: str = 'lo' ipv4_address: str = '127.0.0.1' ipv6_address: str = '::1' listen_port: int = 53 fake_ipv4_addresses: List[str] = ['192.168.0.123', '192.168.0.234'] fake_ipv6_addresses: List[str] = ['fd00::123', 'fd00::234'] fake_ns_servers: List[str] = ['ns1.test.com', 'ns2.test.com'] fake_mx_servers: List[str] = ['mail1.test.com', 'mail2.test.com'] fake_domains_regexp: List[str] = ['(test1|test2)\\.google.com', 'evil.com'] fake_domains: List[str] = [ 'test1.google.com', 'test2.google.com', 'evil.com' ] no_such_domains: List[str] = ['gooogle.com', 'eviiil.com'] real_domains: List[str] = ['www.google.com', 'google.com'] success_domains: List[str] = ['evil.com'] config_file_name: str = 'config.json' config_fake_domains: List[str] = ['test1.com', 'www.test1.com'] config_success_domains: List[str] = ['test2.com', 'www.test2.com'] config_no_such_domains: List[str] = ['test3.com', 'www.test3.com'] config_content: Dict = { '.*test1.com': { 'A': fake_ipv4_addresses[0], 'AAAA': fake_ipv6_addresses, 'NS': fake_ns_servers[0], 'MX': fake_mx_servers }, '.*test2.com': { 'success': True, 'A': 'my ipv4 address', 'AAAA': 'my ipv6 address' }, '.*test3.com': { 'no such domain': True } } with open(config_file_name, 'w') as config_file: dump(config_content, config_file) tm.add_task(dns_server.listen, interface, listen_port, None, None, None, False, fake_ipv4_addresses, fake_ipv6_addresses, fake_domains_regexp, no_such_domains, True, False, success_domains, config_file_name) test_ipv4_resolver = Resolver() test_ipv6_resolver = Resolver() test_ipv4_resolver.nameservers = [ipv4_address] test_ipv6_resolver.nameservers = [ipv6_address] test_ipv4_resolver.timeout = 3 test_ipv6_resolver.timeout = 3 result_addresses: List[str] = list() # endregion def test01_resolve_ipv4_fake_domain(self): for fake_domain in self.fake_domains: answers = self.test_ipv6_resolver.query(fake_domain, A) for answer in answers: self.result_addresses.append(answer.address) self.assertEqual(self.result_addresses, self.fake_ipv4_addresses) self.result_addresses.clear() def test02_resolve_ipv6_fake_domain(self): for fake_domain in self.fake_domains: answers = self.test_ipv6_resolver.query(fake_domain, AAAA) for answer in answers: self.result_addresses.append(answer.address) self.assertEqual(self.result_addresses, self.fake_ipv6_addresses) self.result_addresses.clear() def test03_resolve_no_such_domain(self): for no_such_domain in self.no_such_domains: nslookup_process = run( ['nslookup ' + no_such_domain + ' ' + self.ipv6_address], stdout=PIPE, shell=True) nslookup_stdout: str = nslookup_process.stdout.decode('utf-8') self.assertIn('server can\'t find ' + no_such_domain, nslookup_stdout) def test04_resolve_ipv4_real_domain(self): for real_domain in self.real_domains: answers = self.test_ipv6_resolver.query(real_domain, A) for answer in answers: self.result_addresses.append(answer.address) self.assertNotEqual(self.result_addresses, self.fake_ipv4_addresses) self.assertNotEqual(len(self.result_addresses), 0) self.result_addresses.clear() def test05_resolve_ipv6_real_domain(self): for real_domain in self.real_domains: answers = self.test_ipv6_resolver.query(real_domain, AAAA) for answer in answers: self.result_addresses.append(answer.address) self.assertNotEqual(self.result_addresses, self.fake_ipv6_addresses) self.assertNotEqual(len(self.result_addresses), 0) self.result_addresses.clear() def test06_resolve_config_domains(self): for config_fake_domain in self.config_fake_domains: answers = self.test_ipv6_resolver.query(config_fake_domain, A) for answer in answers: self.result_addresses.append(answer.address) self.assertEqual(self.result_addresses, [self.fake_ipv4_addresses[0]]) self.result_addresses.clear() answers = self.test_ipv6_resolver.query(config_fake_domain, AAAA) for answer in answers: self.result_addresses.append(answer.address) self.assertEqual(self.result_addresses, self.fake_ipv6_addresses) self.result_addresses.clear() answers = self.test_ipv6_resolver.query(config_fake_domain, NS) for answer in answers: self.result_addresses.append(str(answer.target)[:-1]) self.assertEqual(self.result_addresses, [self.fake_ns_servers[0]]) self.result_addresses.clear() answers = self.test_ipv6_resolver.query(config_fake_domain, MX) for answer in answers: self.result_addresses.append(str(answer.exchange)[:-1]) self.assertEqual(self.result_addresses, self.fake_mx_servers) self.result_addresses.clear() for config_success_domain in self.config_success_domains: answers = self.test_ipv6_resolver.query(config_success_domain, A) for answer in answers: self.result_addresses.append(answer.address) self.assertEqual(self.result_addresses, [self.ipv4_address]) self.result_addresses.clear() answers = self.test_ipv6_resolver.query(config_success_domain, AAAA) for answer in answers: self.result_addresses.append(answer.address) self.assertEqual(self.result_addresses, [self.ipv6_address]) self.result_addresses.clear() for no_such_domain in self.config_no_such_domains: nslookup_process = run( ['nslookup ' + no_such_domain + ' ' + self.ipv6_address], stdout=PIPE, shell=True) nslookup_stdout: str = nslookup_process.stdout.decode('utf-8') self.assertIn('server can\'t find ' + no_such_domain, nslookup_stdout) remove(self.config_file_name)
def run(self): if self.option_extdns: if self.nameservers: resolv = Resolver(configure=False) resolv.nameservers = self.nameservers else: resolv = Resolver() resolv.search = [] resolv.lifetime = REQUEST_TIMEOUT_DNS * REQUEST_RETRIES_DNS resolv.timeout = REQUEST_TIMEOUT_DNS EDNS_PAYLOAD = 1232 resolv.use_edns(edns=True, ednsflags=0, payload=EDNS_PAYLOAD) if hasattr(resolv, 'resolve'): resolve = resolv.resolve else: resolve = resolv.query if self.option_geoip: geo = geoip() while not self.kill_received: try: task = self.jobs.get(block=False) except queue.Empty: self.kill_received = True return domain = task.get('domain') dns_a = False dns_aaaa = False if self.option_extdns: nxdomain = False dns_ns = False dns_mx = False try: task['dns_ns'] = self._answer_to_list( resolve(domain, rdtype=dns.rdatatype.NS)) dns_ns = True except NXDOMAIN: nxdomain = True except NoNameservers: task['dns_ns'] = ['!ServFail'] except DNSException as e: self._debug(e) if nxdomain is False: try: task['dns_a'] = self._answer_to_list( resolve(domain, rdtype=dns.rdatatype.A)) dns_a = True except NoNameservers: task['dns_a'] = ['!ServFail'] except DNSException as e: self._debug(e) try: task['dns_aaaa'] = self._answer_to_list( resolve(domain, rdtype=dns.rdatatype.AAAA)) dns_aaaa = True except NoNameservers: task['dns_aaaa'] = ['!ServFail'] except DNSException as e: self._debug(e) if nxdomain is False and dns_ns is True: try: task['dns_mx'] = self._answer_to_list( resolve(domain, rdtype=dns.rdatatype.MX)) dns_mx = True except NoNameservers: task['dns_mx'] = ['!ServFail'] except DNSException as e: self._debug(e) else: try: ip = socket.getaddrinfo(domain, 80) except socket.gaierror as e: if e.errno == -3: task['dns_a'] = ['!ServFail'] except Exception as e: self._debug(e) else: task['dns_a'] = list() task['dns_aaaa'] = list() for j in ip: if '.' in j[4][0]: task['dns_a'].append(j[4][0]) if ':' in j[4][0]: task['dns_aaaa'].append(j[4][0]) task['dns_a'] = sorted(task['dns_a']) task['dns_aaaa'] = sorted(task['dns_aaaa']) dns_a = True dns_aaaa = True if self.option_mxcheck: if dns_mx is True: if domain != self.domain_init: if self._mxcheck(task['dns_mx'][0], self.domain_init, domain): task['mx_spy'] = True if self.option_geoip: if dns_a is True: try: country = geo.country_by_addr(task['dns_a'][0]) except Exception as e: self._debug(e) pass else: if country: task['geoip'] = country.split(',')[0] if self.option_banners: if dns_a is True: banner = self._banner_http(task['dns_a'][0], domain) if banner: task['banner_http'] = banner if dns_mx is True: banner = self._banner_smtp(task['dns_mx'][0]) if banner: task['banner_smtp'] = banner if self.option_ssdeep: if dns_a is True or dns_aaaa is True: try: req = requests.get( self.uri_scheme + '://' + domain + self.uri_path + self.uri_query, timeout=REQUEST_TIMEOUT_HTTP, headers={'User-Agent': self.useragent}, verify=False) except Exception as e: self._debug(e) pass else: if req.status_code // 100 == 2 and req.url.split( '?')[0] != self.ssdeep_effective_url: ssdeep_curr = ssdeep.hash(''.join( req.text.split()).lower()) task['ssdeep'] = ssdeep.compare( self.ssdeep_init, ssdeep_curr) self.jobs.task_done()
def run(self): """ Run the handler thread""" msg = Message.from_bytes(self.data) header = msg.header recursion = header.rd != 0 questions = msg.questions answers = [] authorative = [] additional = [] for question in questions: qname = question.qname qtype = question.qtype if question.qclass != Class.IN: pass domains = self.getdomains(str(qname)) for domain in domains: if not self.zone.records.get(domain, False): continue for rr in self.zone.records[domain]: if (rr.type_ == Type.A or rr.type_ == Type.CNAME) and domain == str(qname): answers.append(rr) if rr.type_ == Type.NS: authorative.append(rr) for rec in self.zone.records[str(rr.rdata.nsdname)]: if rec not in additional: if rec.qtype == Type.A: additional.append(rec) if authorative or answers: header_response = Header(9001, 0, 1, len(answers), len(authorative), len(additionals)) header_response.qr = True header_response.opcode(1) header_response.aa(False) header_respones.tc(False) header_response.rd(False) header_response.ra(True) header_response.z(False) header_respones.rcode(False) respons = Message(header_response, [question], answers, authorities, additionals) self.sock.sendto(respons.to_bytes(), self.addr) break if recursion and (qtype == Type.A or qtype == Type.CNAME): answers = [] resolver = Resolver(100, False, 0, True) (hostname, aliaslist, ipaddrlist) = resolver.gethostbyname(question.qname) header_response = Header(9001, 0, 1, len(aliaslist) + len(ipaddrlist), 0, 0) header_response.qr = 1 header_response.opcode = 1 header_response.aa = 0 header_response.tc = 0 header_response.rd = 0 header_response.ra = 1 header_response.rcode = 0 for addr in ipaddrlist: answers.append( ResourceRecord.from_dict({ "name": str(hostname), "type": str(Type.A), "class": str(Class.IN), "ttl": 0, "rdata": { "address": str(addr) } })) for alias in aliaslist: answers.append( ResourceRecord.from_dict({ "name": str(hostname), "type": str(Type.CNAME), "class": str(Class.IN), "ttl": 0, "rdata": { "cname": str(alias) } })) response = Message(header_response, questions, answers) self.sock.sendto(response.to_bytes(), self.addr) break
def mtr_report(ip_address): try: mtr_result = sub_run([MTR_LOCATION, '--show-ips', '--json', '-c', '5', ip_address], capture_output=True) except: return False if mtr_result.returncode != 0: return False mtr_json = loads(mtr_result.stdout.strip()) last_hop = mtr_json['report']['hubs'][-1] return f"Hops: {last_hop['count']} - Loss: {last_hop['Loss%']}% - Last: {last_hop['Last']}ms - Avg: {last_hop['Avg']}ms - Best: {last_hop['Best']}ms - Worst: {last_hop['Wrst']}ms - StdDev: {last_hop['StDev']}ms" dns_ctx = Resolver(configure=False) for resolver in resolvers: dns_ctx.nameservers = resolvers[resolver] print("------------") print(f"Testing {resolver}") mtr = mtr_report(resolvers[resolver][0]) if not mtr: print(f"Resolver {resolver} is not accepting ICMP, skipping") continue print(mtr) print("------------") for resolver_test in resolver_tests: try:
def run(self): if self.option_extdns: if self.nameservers: resolv = Resolver(configure=False) resolv.nameservers = self.nameservers else: resolv = Resolver() resolv.search = [] resolv.lifetime = REQUEST_TIMEOUT_DNS * REQUEST_RETRIES_DNS resolv.timeout = REQUEST_TIMEOUT_DNS EDNS_PAYLOAD = 1232 resolv.use_edns(edns=True, ednsflags=0, payload=EDNS_PAYLOAD) if hasattr(resolv, 'resolve'): resolve = resolv.resolve else: resolve = resolv.query if self.option_geoip: geo = geoip() if self.option_phash: browser = HeadlessBrowser(useragent=self.useragent) _answer_to_list = lambda ans: sorted( [str(x).split(' ')[-1].rstrip('.') for x in ans]) while not self.kill_received: try: task = self.jobs.get(block=False) except queue.Empty: self.kill_received = True return domain = task.get('domain') dns_a = False dns_aaaa = False if self.option_extdns: nxdomain = False dns_ns = False dns_mx = False try: task['dns_ns'] = _answer_to_list( resolve(domain, rdtype=dns.rdatatype.NS)) dns_ns = True except NXDOMAIN: nxdomain = True except NoNameservers: task['dns_ns'] = ['!ServFail'] except DNSException as e: self._debug(e) if nxdomain is False: try: task['dns_a'] = _answer_to_list( resolve(domain, rdtype=dns.rdatatype.A)) dns_a = True except NoNameservers: task['dns_a'] = ['!ServFail'] except DNSException as e: self._debug(e) try: task['dns_aaaa'] = _answer_to_list( resolve(domain, rdtype=dns.rdatatype.AAAA)) dns_aaaa = True except NoNameservers: task['dns_aaaa'] = ['!ServFail'] except DNSException as e: self._debug(e) if nxdomain is False and dns_ns is True: try: task['dns_mx'] = _answer_to_list( resolve(domain, rdtype=dns.rdatatype.MX)) dns_mx = True except NoNameservers: task['dns_mx'] = ['!ServFail'] except DNSException as e: self._debug(e) else: try: ip = socket.getaddrinfo(domain, 80) except socket.gaierror as e: if e.errno == -3: task['dns_a'] = ['!ServFail'] except Exception as e: self._debug(e) else: task['dns_a'] = list() task['dns_aaaa'] = list() for j in ip: if '.' in j[4][0]: task['dns_a'].append(j[4][0]) if ':' in j[4][0]: task['dns_aaaa'].append(j[4][0]) task['dns_a'] = sorted(task['dns_a']) task['dns_aaaa'] = sorted(task['dns_aaaa']) dns_a = True dns_aaaa = True if self.option_mxcheck: if dns_mx is True: if domain != self.url.domain: if self._mxcheck(task['dns_mx'][0], self.url.domain, domain): task['mx_spy'] = True if self.option_geoip: if dns_a is True: try: country = geo.country_by_addr(task['dns_a'][0]) except Exception as e: self._debug(e) pass else: if country: task['geoip'] = country.split(',')[0] if self.option_banners: if dns_a is True: banner = self._banner_http(task['dns_a'][0], domain) if banner: task['banner_http'] = banner if dns_mx is True: banner = self._banner_smtp(task['dns_mx'][0]) if banner: task['banner_smtp'] = banner if self.option_phash or self.screenshot_dir: if dns_a or dns_aaaa: try: browser.get(self.url.full_uri(domain)) screenshot = browser.screenshot() except Exception as e: self._debug(e) else: if self.option_phash: phash = pHash(BytesIO(screenshot)) task['phash'] = self.phash_init - phash if self.screenshot_dir: filename = os.path.join( self.screenshot_dir, '{:08x}_{}.png'.format(self.id, domain)) try: with open(filename, 'wb') as f: f.write(screenshot) except Exception as e: self._debug(e) if self.option_ssdeep: if dns_a is True or dns_aaaa is True: try: r = UrlOpener( self.url.full_uri(domain), timeout=REQUEST_TIMEOUT_HTTP, headers={ 'User-Agent': self.useragent, 'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9', 'Accept-Encoding': 'gzip,identity', 'Accept-Language': 'en-GB,en-US;q=0.9,en;q=0.8' }, verify=False) except Exception as e: self._debug(e) else: if r.url.split('?')[0] != self.ssdeep_effective_url: ssdeep_curr = ssdeep.hash(r.normalized_content) task['ssdeep'] = ssdeep.compare( self.ssdeep_init, ssdeep_curr) self.jobs.task_done()
def __init__(self, *args, **kwargs): super(CrimeFlare, self).__init__("http://www.crimeflare.com/") self.resolver = Resolver()
from dns.resolver import Resolver # make a system resolver using /etc/resolv.conf sys_r = Resolver() dns = ['ns1.dreamhost.com', 'ns2.dreamhost.com', 'ns3.dreamhost.com'] dreamhost_dns = [ item.address for server in dns for item in sys_r.query(server) ] # a resolver using dreamhost dns server dreamhost_r = Resolver() dreamhost_r.nameservers = dreamhost_dns answer = dreamhost_r.query('slobodensoftver.org.mk', 'mx') for mx in answer.rrset.items: print mx
def retrieveDNSRecords(db, domain): resolver = Resolver() resolver.timeout = 1 resolver.lifetime = 1 types = ["A", "MX", "NS", "AAAA", "SOA", "TXT"] timestamp = int(time()) print(colored("\n[*]-Retrieving DNS Records...", "yellow")) for type in types: try: answers = resolver.query(domain, type) for answer in answers: if type == "A": db.add( Record(domain=domain, type=type, value=answer.address, timestamp=timestamp)) if type == "MX": db.add( Record(domain=domain, type=type, value=answer.exchange.to_text()[:-1], timestamp=timestamp)) if type == "NS": db.add( Record(domain=domain, type=type, value=answer.target.to_text()[:-1], timestamp=timestamp)) if type == "AAAA": db.add( Record(domain=domain, type=type, value=answer.address, timestamp=timestamp)) if type == "SOA": db.add( Record(domain=domain, type=type, value=answer.mname.to_text()[:-1], timestamp=timestamp)) if type == "TXT": db.add( Record(domain=domain, type=type, value=str(answer), timestamp=timestamp)) try: db.commit() except (IntegrityError, FlushError): db.rollback() except Exception as e: pass for row in db.query(Record).filter(Record.domain == domain).order_by( Record.type): print(" \__ {0}: {1}".format(colored(row.type, "cyan"), colored(row.value, "yellow")))
def __init__(self, lookup_host): self.lookup_host = lookup_host self._listed = None self.resolver = Resolver() self.resolver.timeout = 0.2 self.resolver.lifetime = 1.0
def resolve_ip(domain): resolver = Resolver() resolver.nameservers = ['114.114.114.114', '119.29.29.29'] ip = resolver.query(domain).rrset.items[0] return ip
from urllib import urlencode from nylas.logging import get_logger from tldextract import extract as tld_extract import re log = get_logger('inbox.util.url') from inbox.providers import providers # http://www.regular-expressions.info/email.html EMAIL_REGEX = re.compile(r'[A-Z0-9._%+-]+@(?:[A-Z0-9-]+\.)+[A-Z]{2,4}', re.IGNORECASE) # Use Google's Public DNS server (8.8.8.8) GOOGLE_DNS_IP = '8.8.8.8' dns_resolver = Resolver() dns_resolver.nameservers = [GOOGLE_DNS_IP] class InvalidEmailAddressError(Exception): pass def _fallback_get_mx_domains(domain): """ Sometimes dns.resolver.Resolver fails to return what we want. See http://stackoverflow.com/questions/18898847. In such cases, try using dns.query.udp(). """ try:
def main(): print_banner() parser = cli_argument_parser() arguments = parser.parse(sys.argv[1:]) wordlist = [] word_list_types = [] default_wordlist = DEFAULT_WORDLIST_FILE if not arguments.stdin else None if arguments.stdin: word_list_types.append('stdin') wordlist.extend(list(line for line in sys.stdin.read().splitlines())) combined = get_combined_word_lists(arguments.wordlists or default_wordlist) word_list_types.append('wordlists: {}'.format( ', '.join(combined['file_paths']), )) wordlist.extend(combined['words']) if len(wordlist) == 0: print("[!] No words found in provided wordlists, unable to scan.") sys.exit(1) print("[+] Starting virtual host scan for {host} using " "port {port} and {inputs}".format( host=arguments.target_hosts, port=arguments.port, inputs=', '.join(word_list_types), )) user_agents = [] if arguments.user_agent: print('[>] User-Agent specified, using it.') user_agents = [arguments.user_agent] elif arguments.random_agent: print('[>] Random User-Agent flag set.') user_agents = load_random_user_agents() if (arguments.ssl): print("[>] SSL flag set, sending all results over HTTPS.") if (arguments.add_waf_bypass_headers): print("[>] WAF flag set, sending simple WAF bypass headers.") print("[>] Ignoring HTTP codes: {}".format(arguments.ignore_http_codes)) if (arguments.ignore_content_length > 0): print("[>] Ignoring Content length: {}".format( arguments.ignore_content_length)) if arguments.first_hit: print("[>] First hit is set.") if not arguments.no_lookup: for ip in Resolver().query(arguments.target_hosts, 'A'): host, aliases, ips = gethostbyaddr(str(ip)) wordlist.append(str(ip)) wordlist.append(host) wordlist.extend(aliases) scanner_args = vars(arguments) scanner_args.update({ 'target': arguments.target_hosts, 'wordlist': wordlist, 'user_agents': user_agents }) scanner = virtual_host_scanner(**scanner_args) scanner.scan() output = output_helper(scanner, arguments) print(output.output_normal_likely()) if (arguments.fuzzy_logic): print(output.output_fuzzy()) if (arguments.output_normal): output.write_normal(arguments.output_normal) print("\n[+] Writing normal ouptut to %s" % arguments.output_normal) if (arguments.output_json): output.output_json(arguments.output_json) print("\n[+] Writing json ouptut to %s" % arguments.output_json)
def main(self, *args): """ Main function """ ip = self.ip if self.host: try: ip = gethostbyname(self.host) except: raise InvalidTarget("Host not found.") self._check_stop() # reverse IP reversed_ip = ip.split(".") reversed_ip.reverse() reversed_ip = ".".join(reversed_ip) for blacklist in self.BLACKLISTS: self._check_stop() try: domain = "%s.%s" % (reversed_ip, blacklist) r = Resolver() r.lifetime = self.DNS_TIMEOUT result = r.query(domain, "A") if result and len(result) > 0: info = None # try to request a TXT record try: r = Resolver() r.lifetime = self.DNS_TIMEOUT result = r.query(domain, "TXT") if result and len(result) > 0: info = str(result[0]) if info[0] == "\"" and info[-1] == "\"": info = info[1:-1] except: pass message = "%s is blacklisted in %s" % (ip, blacklist) if info: message = "%s\nDetails: %s\n" % (message, info) self._write_result(message) except: pass self._check_stop() if not self.produced_output: self._write_result("Server is not listed in any known blocklist.")
if '200 OK' in response: print((Fore.GREEN + " [+]" + Fore.RESET) + " The Real IP is: %s." % ip) exit(1) if '301' in response: print((Fore.GREEN + " [+]" + Fore.RESET) + " The Real IP is: %s." % ip) exit(1) else: print((Fore.RED + " [-]" + Fore.RESET) + " %s is not the IP." % ip) if __name__ == "__main__": try: args = parse_args() sys_r = Resolver() domain = args.domain ns = put_file() dns = [ns] if args.subdomain == True: logotype() subdomain_tracking(domain) else: exit(1) first_scan() first_nc(domain) Checking_DNS(ns, dns) Checking_IP(domain) second_nc(domain) except KeyboardInterrupt: print("\n" * 80)
dict: the compiled pages of the simplate, keyed by content type (the first page gets the special key `subject`) """ r = {} with open(fpath, 'rb') as f: pages = list(split_and_escape(f.read().decode('utf8'))) for i, page in enumerate(pages, 1): tmpl = '\n' * page.offset + page.content content_type, renderer = parse_specline(page.header) key = 'subject' if i == 1 else content_type env = jinja_env_html if content_type == 'text/html' else jinja_env r[key] = SimplateLoader(fpath, tmpl).load(env, fpath) return r DNS = Resolver() DNS.cache = Cache() def normalize_email_address(email): """Normalize an email address. Returns: str: the normalized email address Raises: BadEmailAddress: if the address appears to be invalid BadEmailDomain: if the domain name is invalid """ # Remove any surrounding whitespace
def setUp(self): self.RC = RecordCache(100, "dns/ResolverTestCache.cache") #never written to self.res = Resolver(5, True, -1)
def dns_query(input="", query_type="", server="", timeout=2.0): """A unified IPv4 & IPv6 DNS lookup interface; this is essentially just a wrapper around dnspython's API. When you query a PTR record, you can use an IPv4 or IPv6 address (which will automatically be converted into an in-addr.arpa name. This wrapper only supports a subset of DNS records: 'A', 'AAAA', 'CNAME', 'MX', 'NS', 'PTR', and 'TXT' Kwargs: - input (str): A string containing the DNS record to lookup - query_type (str): A string containing the DNS record type (SOA not supported) - server (str): A string containing the fqdn or IP address of the dns server - timeout (float): DNS lookup timeout duration (default: 2.0 seconds) Returns: A set() of :class:`~ccp_util.DNSResponse` instances >>> from ciscoconfparse.ccp_util import dns_query >>> dns_query('www.pennington.net', 'A', '4.2.2.2') set([<DNSResponse 'A' result_str='65.19.187.2'>]) >>> answer = dns_query('www.pennington.net', 'A', '4.2.2.2') >>> str(answer.pop()) '65.19.187.2' >>> """ valid_records = set( ['A', 'AAAA', 'AXFR', 'CNAME', 'MX', 'NS', 'PTR', 'TXT']) query_type = query_type.upper() assert query_type in valid_records assert server != "" assert float(timeout) > 0 assert input != "" intput = input.strip() retval = set([]) resolver = Resolver() resolver.server = [socket.gethostbyname(server)] resolver.timeout = float(timeout) resolver.lifetime = float(timeout) start = time.time() if (query_type == "A") or (query_type == "AAAA"): try: answer = resolver.query(input, query_type) duration = time.time() - start for result in answer: response = DNSResponse(query_type=query_type, duration=duration, input=input, result_str=str(result.address)) retval.add(response) except DNSException as e: duration = time.time() - start response = DNSResponse(input=input, duration=duration, query_type=query_type) response.has_error = True response.error_str = e retval.add(response) elif query_type == "AXFR": """This is a hack: return text of zone transfer, instead of axfr objs""" _zone = zone.from_xfr(query.xfr(server, input, lifetime=timeout)) return [_zone[node].to_text(node) for node in _zone.nodes.keys()] elif query_type == "CNAME": try: answer = resolver.query(input, query_type) duration = time.time() - start for result in answer: response = DNSResponse(query_type=query_type, duration=duration, input=input, result_str=str(result.target)) retval.add(response) except DNSException as e: duration = time.time() - start response = DNSResponse(input=input, duration=duration, query_type=query_type) response.has_error = True response.error_str = e retval.add(response) elif query_type == "MX": try: answer = resolver.query(input, query_type) duration = time.time() - start for result in answer: response = DNSResponse(query_type=query_type, input=input, result_str=str(result.target)) response.preference = int(result.preference) retval.add(response) except DNSException as e: duration = time.time() - start response = DNSResponse(input=input, duration=duration, query_type=query_type) response.has_error = True response.error_str = e retval.add(response) elif query_type == "NS": try: answer = resolver.query(input, query_type) duration = time.time() - start for result in answer: response = DNSResponse(query_type=query_type, duration=duration, input=input, result_str=str(result.target)) retval.add(response) except DNSException as e: duration = time.time() - start response = DNSResponse(input=input, duration=duration, query_type=query_type) response.has_error = True response.error_str = e retval.add(response) elif query_type == "PTR": if is_valid_ipv4_addr(input) or is_valid_ipv6_addr(input): inaddr = reversename.from_address(input) elif 'in-addr.arpa' in input.lower(): inaddr = input else: raise ValueError('Cannot query PTR record for "{0}"'.format(input)) try: answer = resolver.query(inaddr, query_type) duration = time.time() - start for result in answer: response = DNSResponse(query_type=query_type, duration=duration, input=inaddr, result_str=str(result.target)) retval.add(response) except DNSException as e: duration = time.time() - start response = DNSResponse(input=input, duration=duration, query_type=query_type) response.has_error = True response.error_str = e retval.add(response) elif query_type == "TXT": try: answer = resolver.query(input, query_type) duration = time.time() - start for result in answer: response = DNSResponse(query_type=query_type, duration=duration, input=inaddr, result_str=str(result.strings)) retval.add(response) except DNSException as e: duration = time.time() - start response = DNSResponse(input=input, duration=duration, query_type=query_type) response.has_error = True response.error_str = e retval.add(response) return retval
def get_public_ip(): r = Resolver() r.nameservers = [socket.gethostbyname('resolver1.opendns.com')] return r.resolve('myip.opendns.com', 'A', search=True)[0].to_text()
def run(self): if self.option_extdns: if self.nameservers: resolv = Resolver(configure=False) resolv.nameservers = self.nameservers else: resolv = Resolver() resolv.search = [] resolv.lifetime = REQUEST_TIMEOUT_DNS * REQUEST_RETRIES_DNS resolv.timeout = REQUEST_TIMEOUT_DNS if hasattr(resolv, 'resolve'): resolve = resolv.resolve else: resolve = resolv.query while not self.kill_received: try: domain = self.jobs.get(block=False) except queue.Empty: self.kill_received = True return domain['domain-name'] = domain['domain-name'].encode( 'idna').decode() if self.option_extdns: nxdomain = False dns_ns = False dns_a = False dns_aaaa = False dns_mx = False try: domain['dns-ns'] = self.__answer_to_list( resolve(domain['domain-name'], rdtype=dns.rdatatype.NS)) dns_ns = True except NXDOMAIN: nxdomain = True pass except NoNameservers: domain['dns-ns'] = ['!ServFail'] pass except DNSException as e: self.__debug(e) pass if nxdomain is False: try: domain['dns-a'] = self.__answer_to_list( resolve(domain['domain-name'], rdtype=dns.rdatatype.A)) dns_a = True except NoNameservers: domain['dns-a'] = ['!ServFail'] pass except DNSException as e: self.__debug(e) pass try: domain['dns-aaaa'] = self.__answer_to_list( resolve(domain['domain-name'], rdtype=dns.rdatatype.AAAA)) dns_aaaa = True except NoNameservers: domain['dns-aaaa'] = ['!ServFail'] pass except DNSException as e: self.__debug(e) pass if nxdomain is False and dns_ns is True: try: domain['dns-mx'] = self.__answer_to_list( resolve(domain['domain-name'], rdtype=dns.rdatatype.MX)) dns_mx = True except NoNameservers: domain['dns-mx'] = ['!ServFail'] pass except DNSException as e: self.__debug(e) pass else: try: ip = socket.getaddrinfo(domain['domain-name'], 80) except socket.gaierror as e: if e.errno == -3: domain['dns-a'] = ['!ServFail'] pass except Exception as e: self.__debug(e) pass else: domain['dns-a'] = list() domain['dns-aaaa'] = list() for j in ip: if '.' in j[4][0]: domain['dns-a'].append(j[4][0]) if ':' in j[4][0]: domain['dns-aaaa'].append(j[4][0]) domain['dns-a'] = sorted(domain['dns-a']) domain['dns-aaaa'] = sorted(domain['dns-aaaa']) dns_a = True dns_aaaa = True if self.option_mxcheck: if dns_mx is True: if domain['domain-name'] != self.domain_init: if self.__mxcheck(domain['dns-mx'][0], self.domain_init, domain['domain-name']): domain['mx-spy'] = True if self.option_geoip: if dns_a is True: try: country = GeoIP.new( GeoIP.GEOIP_MEMORY_CACHE).country_name_by_addr( domain['dns-a'][0]) except Exception as e: self.__debug(e) pass else: if country: domain['geoip-country'] = country.split(',')[0] if self.option_banners: if dns_a is True: banner = self.__banner_http(domain['dns-a'][0], domain['domain-name']) if banner: domain['banner-http'] = banner if dns_mx is True: banner = self.__banner_smtp(domain['dns-mx'][0]) if banner: domain['banner-smtp'] = banner if self.option_ssdeep: if dns_a is True or dns_aaaa is True: try: req = requests.get( self.uri_scheme + '://' + domain['domain-name'] + self.uri_path + self.uri_query, timeout=REQUEST_TIMEOUT_HTTP, headers={'User-Agent': self.useragent}, verify=False) except Exception as e: self.__debug(e) pass else: if req.status_code // 100 == 2 and req.url.split( '?')[0] != self.ssdeep_effective_url: ssdeep_curr = ssdeep.hash(''.join( req.text.split()).lower()) domain['ssdeep-score'] = ssdeep.compare( self.ssdeep_init, ssdeep_curr) domain['domain-name'] = domain['domain-name'].encode().decode( 'idna') self.jobs.task_done()
def __init__(self, config): self.config = config self.resolver = Resolver() self.resolver.nameservers = self.config.get("RESOLVER", "resolver_ip").split(",") self.resolver.port = int(self.config.get("RESOLVER", "resolver_port"))
args = parser.parse_args() logging.basicConfig( level=getattr(logging, args.log_level.upper()), format='%(asctime)s - %(name)s - %(levelname)s - %(message)s', filename=(args.log_file if args.log_file != '-' else None)) if args.zone is None: args.zone = args.domain logging.info("Starting with arguments %s", args) c = Client(**(kwargs_from_env())) resolver = Resolver() resolver.nameservers = [args.server] if args.catchup: logging.info("Registering existing containers") containers = c.containers() for container in containers: register_container(container["Id"]) events = c.events(decode=True) for event in events: logging.debug("Event message: %s", repr(event)) if event['Action'] == "start": register_container(event['id']) elif event['Action'] == "die":
def setUp(self): self.resolver = Resolver(5, True, 0)