continue
all_names = set()
all_names.add(name)
all_names.add(real_name)
all_names.update(aliaslist)
for name in all_names:
if name and name not in visited:
visited.add(name)
with warnings.catch_warnings():
warnings.filterwarnings("ignore")
in_scope = name in Config.audit_scope
if not in_scope:
Logger.log_more_verbose("Hostname out of scope: %s" % name)
continue
data = Domain(name)
data.add_resource(info)
results.append(data)
for ip in addresslist:
with warnings.catch_warnings():
warnings.filterwarnings("ignore")
in_scope = ip in Config.audit_scope
if not in_scope:
Logger.log_more_verbose("IP address out of scope: %s" % ip)
continue
d = IP(ip)
data.add_resource(d)
results.append(d)
text = "Found %d emails and %d hostnames for keyword %r"
text = text % (len(all_emails), len(all_hosts), word)
if len(all_emails) + len(all_hosts) > 0:
all_names = set()
all_names.add(name)
all_names.add(real_name)
all_names.update(aliaslist)
for name in all_names:
if name and name not in visited:
visited.add(name)
with warnings.catch_warnings():
warnings.filterwarnings("ignore")
in_scope = name in Config.audit_scope
if not in_scope:
Logger.log_more_verbose("Hostname out of scope: %s" %
name)
continue
data = Domain(name)
data.add_resource(info)
results.append(data)
for ip in addresslist:
with warnings.catch_warnings():
warnings.filterwarnings("ignore")
in_scope = ip in Config.audit_scope
if not in_scope:
Logger.log_more_verbose(
"IP address out of scope: %s" % ip)
continue
d = IP(ip)
data.add_resource(d)
results.append(d)
text = "Found %d emails and %d hostnames for keyword %r"
text = text % (len(all_emails), len(all_hosts), word)
def recv_info(self, info):
# Get the root domain only.
root = info.root
# Skip localhost.
if root == "localhost":
return
# Skip if the root domain is out of scope.
if root not in Config.audit_scope:
return
# Skip root domains we've already processed.
if self.state.put(root, True):
return
# Attempt a DNS zone transfer.
ns_servers, results = DNS.zone_transfer(
root, ns_allowed_zone_transfer = True)
# On failure, skip.
if not results:
Logger.log_verbose(
"DNS zone transfer failed, server %r not vulnerable"
% root)
return
# Create a Domain object for the root domain.
domain = Domain(root)
# Associate all the results with the root domain.
map(domain.add_information, results)
# Add the root domain to the results.
results.append(domain)
# We have a vulnerability on each of the nameservers involved.
msg = "DNS zone transfer successful, "
if len(ns_servers) > 1:
msg += "%d nameservers for %r are vulnerable!"
msg %= (len(ns_servers), root)
else:
msg += "nameserver for %r is vulnerable!" % root
Logger.log(msg)
# If we don't have the name servers...
if not ns_servers:
# Link the vulnerability to the root domain instead.
vulnerability = DNSZoneTransfer(root)
vulnerability.add_resource(domain)
results.append(vulnerability)
# If we have the name servers...
else:
# Create a vulnerability for each nameserver in scope.
for ns in ns_servers:
# Instance the vulnerability object.
vulnerability = DNSZoneTransfer(ns)
# Instance a Domain or IP object.
try:
resource = IP(ns)
except ValueError:
resource = Domain(ns)
# Associate the resource to the root domain.
domain.add_resource(resource)
# Associate the nameserver to the vulnerability.
vulnerability.add_resource(resource)
# Add both to the results.
results.append(resource)
results.append(vulnerability)
# Return the results.
return results
def recv_info(self, info):
# Get the root domain only.
root = info.root
# Skip localhost.
if root == "localhost":
return
# Skip if the root domain is out of scope.
if root not in Config.audit_scope:
return
# Skip root domains we've already processed.
if self.state.put(root, True):
return
# Attempt a DNS zone transfer.
ns_servers, results = DNS.zone_transfer(root,
ns_allowed_zone_transfer=True)
# On failure, skip.
if not results:
Logger.log_verbose(
"DNS zone transfer failed, server %r not vulnerable" % root)
return
# Create a Domain object for the root domain.
domain = Domain(root)
# Associate all the results with the root domain.
map(domain.add_information, results)
# Add the root domain to the results.
results.append(domain)
# We have a vulnerability on each of the nameservers involved.
msg = "DNS zone transfer successful, "
if len(ns_servers) > 1:
msg += "%d nameservers for %r are vulnerable!"
msg %= (len(ns_servers), root)
else:
msg += "nameserver for %r is vulnerable!" % root
Logger.log(msg)
# If we don't have the name servers...
if not ns_servers:
# Link the vulnerability to the root domain instead.
vulnerability = DNSZoneTransfer(root)
vulnerability.add_resource(domain)
results.append(vulnerability)
# If we have the name servers...
else:
# Create a vulnerability for each nameserver in scope.
for ns in ns_servers:
# Instance the vulnerability object.
vulnerability = DNSZoneTransfer(ns)
# Instance a Domain or IP object.
try:
resource = IP(ns)
except ValueError:
resource = Domain(ns)
# Associate the resource to the root domain.
domain.add_resource(resource)
# Associate the nameserver to the vulnerability.
vulnerability.add_resource(resource)
# Add both to the results.
results.append(resource)
results.append(vulnerability)
# Return the results.
return results
