def handle_data(self):
for subdomain, cname_list in self.cname_block_dict.items():
if (self.check_cdn(cname_list, self.target_domain)):
cname_list.append("Yes")
else:
cname_list.append("No")
self.cname_block_dict[subdomain] = cname_list
for subdomain, ip_list in self.ip_all_dict.items():
for ip in ip_list:
iptype = IP(ip).iptype()
if (iptype != 'PUBLIC'):
self.ip_all_dict[subdomain] = "{iptype}({ip})".format(
iptype=iptype, ip=ip)
else:
try:
key_yes = self.cname_block_dict[subdomain][-1]
except KeyError:
key_yes = "No"
if (key_yes == "No"):
CIP = (IP(ip).make_net("255.255.255.0"))
if CIP in self.ip_flag_dict:
self.ip_flag_dict[CIP] = self.ip_flag_dict[CIP] + 1
else:
self.ip_flag_dict[CIP] = 1
if CIP in self.active_ip_dict:
active_ip_list = self.active_ip_dict[CIP]
if (ip not in active_ip_list):
active_ip_list.append(ip)
else:
active_ip_list = [ip]
self.active_ip_dict[CIP] = active_ip_list
def init_pool(pool):
"""
Initialize a pool of ipv4 addresses for NAT64
"""
ip = IP(pool)
for x in ip:
if x != ip.broadcast() and x != ip.net():
p_hosts.append(x.strNormal())
def init_pool(pool):
"""
Initialize a pool of ipv4 addresses for NAT64
"""
ip = IP(pool)
for x in ip:
if x != ip.broadcast() and x != ip.net():
p_hosts.append(x.strNormal())
def __get_target_from_line(self):
'''
get target from cmd line by --u(target)
'''
try:
ips = IP(self.args.target)
self.__target_total = len(ips)
for ip in ips:
self.queue_target.put({'ip':str(ip),'port':self.args.port,'os':''})
return True
except Exception, ex:
self.print_result("[-]Fail to get target:%s" % ex.message)
return False
def load_dns(filename):
if filename is not None:
try:
r = open(filename, "rb")
for row in csv.reader(r):
try:
IP(row[1])
dns_hosts[row[0]] = row[1]
except:
pass
r.close()
return "Success"
except IOError:
return "IO Error"
fake_records = dict()
for record in self.server.nametodns:
fake_records[record] = self.findnametodns(qname,self.server.nametodns[record])
# Check if there is a fake record for the current request qtype
if qtype in fake_records and fake_records[qtype]:
fake_record = fake_records[qtype]
response = DNSRecord(DNSHeader(id=d.header.id, bitmap=d.header.bitmap,qr=1, aa=1, ra=1), q=d.q)
print "[%s] %s: cooking the response of type '%s' for %s to %s" % (time.strftime("%H:%M:%S"), self.client_address[0], qtype, qname, fake_record)
# IPv6 needs additional work before inclusion:
if qtype == "AAAA":
ipv6 = IP(fake_record)
ipv6_bin = ipv6.strBin()
ipv6_hex_tuple = [int(ipv6_bin[i:i+8],2) for i in xrange(0,len(ipv6_bin),8)]
response.add_answer(RR(qname, QTYPE[qtype], rdata=RDMAP[qtype](ipv6_hex_tuple)))
elif qtype == "SOA":
mname,rname,t1,t2,t3,t4,t5 = fake_record.split(" ")
times = tuple([int(t) for t in [t1,t2,t3,t4,t5]])
# dnslib doesn't like trailing dots
if mname[-1] == ".": mname = mname[:-1]
if rname[-1] == ".": rname = rname[:-1]
response.add_answer(RR(qname, QTYPE[qtype], rdata=RDMAP[qtype](mname,rname,times)))
elif qtype == "NAPTR":
def deweighting_subdomain(self):
temp_list = list()
for subdomain, ip_list in self.ip_block_dict.items():
ip_str = str(sorted(ip_list))
if ip_str not in self.black_ip_dict.keys():
if (self.ip_count_dict.__contains__(ip_str)):
self.ip_subdomain_dict[ip_str].append(subdomain)
if (self.ip_count_dict[ip_str] > config.ip_max_count):
temp_list.append(subdomain)
else:
self.ip_count_dict[
ip_str] = self.ip_count_dict[ip_str] + 1
else:
self.ip_subdomain_dict[ip_str] = [subdomain]
self.ip_count_dict[ip_str] = 1
for ip in ip_list:
if ip in config.waiting_fliter_ip:
temp_list.append(subdomain)
if (IP(ip).iptype() != 'PUBLIC'):
temp_list.append(subdomain)
else:
temp_list.append(subdomain)
for ip_str, count in self.ip_count_dict.items():
if (count > 10):
i = 0
subdomain_list = self.ip_subdomain_dict[ip_str]
min_subdomain = reduce(
lambda x, y: x if len(x) < len(y) else y, subdomain_list)
for subdomain in subdomain_list:
if ("." + min_subdomain in subdomain):
i = i + 1
if (i > 10):
self.black_ip_dict[ip_str] = subdomain_list
break
for subdomain_list in self.black_ip_dict.values():
temp_list.extend(subdomain_list)
for subdomain in temp_list:
try:
del self.ip_all_dict[subdomain]
except Exception:
pass
try:
del self.cname_block_dict[subdomain]
self.white_filter_subdomain.add(subdomain)
except Exception:
pass
try:
del self.ip_block_dict[subdomain]
except Exception:
pass
self.found_count = self.ip_all_dict.__len__()
self.ip_all_dict.update(self.ip_block_dict)
for subdomain, ip_list in self.ip_block_dict.items():
if (subdomain.count(".") < self.level):
self.queue_sub.put(subdomain)
self.ip_block_dict.clear()