def do_pdns_query(self, obj):
"""Perform a passive DNS lookup on the query value."""
client = self._generate_request_instance('dns')
query = self._get_query_type(obj)
results = client.get_passive_dns(query=query)
self._check_response(results)
results = DnsResponse(results)
for record in results.get_records():
stats = {
'First Seen': record.firstSeen,
'Last Seen': record.lastSeen,
'Sources': ','.join(record.source)
}
self._add_result('Passive DNS', record.resolve, stats)
def main():
"""Perform a passive DNS lookup and save the output."""
if len(sys.argv) <= 1:
print "Usage: python pdns_multiput <query>"
sys.exit(1)
query = sys.argv[1]
output_formats = ['json', 'xml', 'stix', 'csv', 'table']
client = DnsRequest.from_config()
raw_results = client.get_passive_dns(query=query)
pdns_results = DnsResponse(raw_results)
for format_type in output_formats:
save_location = "/tmp/%s.pdns.%s" % (query, format_type)
tmp = open(save_location, "w")
tmp.write(getattr(pdns_results, format_type))
tmp.close()
print "Saved results inside of /tmp/%s" % (query)
