def do_pdns_query(self, obj):
    """Look up passive DNS data for ``obj`` and record each resolution.

    The raw reply is handed to ``self._check_response`` before it is wrapped
    in a ``DnsResponse``. Each record then becomes one 'Passive DNS' result
    keyed by its resolved value, with first-seen, last-seen and a
    comma-joined source list attached.

    :param obj: Object passed to ``self._get_query_type`` to get the query
    """
    dns_client = self._generate_request_instance('dns')
    lookup_value = self._get_query_type(obj)
    raw_reply = dns_client.get_passive_dns(query=lookup_value)
    # NOTE(review): presumably this rejects error replies before they are
    # parsed; _check_response is not visible here - confirm.
    self._check_response(raw_reply)

    for entry in DnsResponse(raw_reply).get_records():
        # Build the details first so the record attributes are read in the
        # same order as before the result is added.
        details = {
            'First Seen': entry.firstSeen,
            'Last Seen': entry.lastSeen,
            'Sources': ','.join(entry.source),
        }
        self._add_result('Passive DNS', entry.resolve, details)
def call_dns(args):
    """Run the DNS query selected by the CLI arguments.

    Builds a client from the stored configuration, passes the query, time
    window, timeout and sources through ``prune_args``, and calls the
    unique-resolutions endpoint when ``args.unique`` is set, otherwise the
    passive DNS endpoint.

    :param args: Parsed CLI arguments
    :return: The reply after ``DnsResponse.process``
    """
    client = DnsRequest.from_config()
    params = prune_args(
        query=args.query,
        end=args.end,
        start=args.start,
        timeout=args.timeout,
        sources=args.sources,
    )
    fetch = client.get_unique_resolutions if args.unique else client.get_passive_dns
    # NOTE(review): unique results are wrapped with DnsResponse here, while
    # write_output uses DnsUniqueResponse for them - confirm which is meant.
    return DnsResponse.process(fetch(**params))
def write_output(results, arguments):
    """Render ``results`` for the CLI sub-command in ``arguments.cmd``.

    When ``arguments.format`` is unset it is filled in with the sub-command's
    default ('table' for pdns and attribute, 'text' for whois and ssl); the
    value is written back to ``arguments``. An unrecognised sub-command
    returns the results as a single string and leaves ``arguments`` alone.

    :param results: Result data from one of the various calls
    :param arguments: Supplied arguments from the CLI
    :return: Formatted list of output data
    """
    command = arguments.cmd
    fallback_formats = {
        'pdns': 'table',
        'whois': 'text',
        'ssl': 'text',
        'attribute': 'table',
    }
    if command not in fallback_formats:
        return [str(results)]

    if not arguments.format:
        arguments.format = fallback_formats[command]
    # NOTE(review): the format name is read as an attribute of the response
    # object, so a value outside the supported formats raises AttributeError
    # or returns an unrelated attribute. Presumably the argument parser
    # limits it to known names - confirm.
    fmt = arguments.format

    if command == 'pdns':
        wrapper = DnsUniqueResponse if arguments.unique else DnsResponse
        return [getattr(wrapper.process(results), fmt)]

    if command == 'whois':
        if arguments.field:
            # A field search yields several records; format each one.
            found = WhoisSearchResponse(results)
            return [getattr(entry, fmt) for entry in found.get_records()]
        return [getattr(WhoisResponse.process(results), fmt)]

    if command == 'ssl':
        if not arguments.type:
            return [getattr(SslResponse.process(results), fmt)]
        if arguments.type == 'search':
            return [
                getattr(SslResponse.process(entry), fmt)
                for entry in results.get('records', [])
            ]
        return [getattr(SslHistoryResponse.process(results), fmt)]

    # Only 'attribute' is left at this point.
    return [getattr(AttributeResponse.process(results), fmt)]
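def main():
    """Perform a passive DNS lookup and save the output in every format.

    Reads the query from ``sys.argv[1]`` and writes one file per output
    format to ``/tmp/<name>.pdns.<format>``, where ``<name>`` is the query
    with every ``/`` replaced by ``_``. Exits with status 1 when no query is
    given.
    """
    # Imported here because the file's import block is not visible from
    # this function.
    import os

    if len(sys.argv) <= 1:
        # Single-argument print() behaves the same on Python 2 and 3.
        print("Usage: python pdns_multiput <query>")
        sys.exit(1)

    query = sys.argv[1]
    # The query becomes part of a file name; without its path separators it
    # cannot place the output outside /tmp.
    safe_name = query.replace("/", "_")
    output_formats = ['json', 'xml', 'stix', 'csv', 'table']

    client = DnsRequest.from_config()
    raw_results = client.get_passive_dns(query=query)
    pdns_results = DnsResponse(raw_results)

    # /tmp is shared and these names are predictable, so do not follow a
    # symlink at the target path. The 0600 mode only applies to files this
    # call creates; existing files keep their mode.
    open_flags = os.O_WRONLY | os.O_CREAT | os.O_TRUNC
    open_flags |= getattr(os, "O_NOFOLLOW", 0)

    for format_type in output_formats:
        save_location = "/tmp/%s.pdns.%s" % (safe_name, format_type)
        descriptor = os.open(save_location, open_flags, 0o600)
        # The with-block closes the file even if rendering or writing fails.
        with os.fdopen(descriptor, "w") as handle:
            handle.write(getattr(pdns_results, format_type))

    print("Saved results inside of /tmp/%s" % safe_name)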