def run(self, params={}):
timeout = params.get(Input.TIMEOUT)
output = checkdmarc.check_domains([params.get(Input.DOMAIN)], timeout=timeout, skip_tls=True)
try:
clean_output = helper.clean(json.loads(json.dumps(output)))
except Exception as e:
raise PluginException(cause="Unexpected response from server", assistance=e)
return {Output.REPORT: clean_output}
def test_has_email_security_records(domain):
result = checkdmarc.check_domains([domain])
assert result["spf"]["valid"], f"{domain} has missing/invalid SPF record"
assert result["dmarc"][
"valid"], f"{domain} has missing/invalid DMARC record"
# https://cyber.dhs.gov/bod/18-01/#where-should-dmarc-reports-be-sent
reporting_addrs = [
val["address"] for val in result["dmarc"]["tags"]["rua"]["value"]
]
assert any(addr == "*****@*****.**"
for addr in reporting_addrs)
def dmarc_check(self, domainname, approved_nameservers,
approved_mx_hostnames):
domainlist = []
domainlist.append(domainname)
rsp = checkdmarc.check_domains(
domainlist,
approved_nameservers=approved_nameservers,
approved_mx_hostnames=approved_mx_hostnames)
ns = rsp["ns"]
if ns["warnings"]:
ns_warnings = ns["warnings"]
for warning in ns_warnings:
self.add_remark_warning(warning, "DNS CHECKS")
mx = rsp["mx"]
hosts = mx["hosts"]
for host in hosts:
if host["tls"] == False:
tls_compliance = [{
'host_name': host["hostname"],
'tls_status': 'non_compliant',
'error': None
}]
self.add_remark_warning("TLS is not compliant",
"TLS COMPLIANCE")
if mx["warnings"]:
mx_warnings = mx["warnings"]
for warning in mx_warnings:
self.add_remark_warning(warning, "DNS CHECK")
dmarc = rsp["dmarc"]
if "error" in dmarc:
error = dmarc["error"]
dmarc_compliance = [{
'domain': domainname,
'dmarc_status': 'non_compliant',
'error': error
}]
self.add_remark_warning("Dmarc is not compliant:" + dmarc["error"],
"DNS CHECKS")
else:
dmarc_compliance = [{
'domain': domainname,
'dmarc_status': 'compliant',
'error': None
}]
self.add_remark_ok(
"DMARC DNS record has been published (Compliant)",
"DNS CHECKS")
def scan_domain(domain):
scan_results = {
'A': get_record(domain, 'A'),
'AAAA': get_record(domain, 'AAAA'),
'TXT': get_record(domain, 'TXT'),
'DMARC': check_domains([domain])
}
domain_data = {'domain': domain, 'scan_results': scan_results}
# following print statement should be replaced by push to elastic
print(json.dumps(domain_data))
current_app.logger.debug(domain_data)
return 'OK'
def check():
form = CheckDmarcForm()
domains = []
results = []
if form.validate_on_submit():
nameservers = dns.resolver.Resolver().nameservers
domains.append(form.domain.data)
form.domain.data = None
results = checkdmarc.check_domains(
domains,
nameservers=nameservers,
include_dmarc_tag_descriptions=True,
)
return render_template('check.html', form=form, results=results)
def full_check(domain, skip_tls=True, timeout=None):
nameservers = os.getenv('NAMESERVERS', None)
if nameservers:
nameservers = nameservers.split(",")
res = checkdmarc.check_domains([domain],
skip_tls=skip_tls,
nameservers=nameservers)
output = OrderedDict()
output['_about'] = "For questions: mailto:[email protected]. Data produced "\
"using https://domainaware.github.io/checkdmarc/index.html"
output['_version'] = f"checkdmarc {checkdmarc.__version__} (from pip)"
output['_nameservers'] = nameservers
# We do this to make sure "about" is put first in the merged ordered dict
output.update(res)
return output
def testKnownGood(self):
"""Domains with known SPF and DMARC records"""
results = checkdmarc.check_domains(known_good_domains)
for domain in results:
spf_error = None
dmarc_error = None
if "error" in domain["spf"]:
spf_error = domain["spf"]["error"]
if "error" in domain["dmarc"]:
dmarc_error = domain["dmarc"]["error"]
self.assertEqual(domain["spf"]["valid"], True,
"Known good domain {0} failed SPF check:"
"\n\n{0}".format(domain["domain"], spf_error))
self.assertEqual(domain["dmarc"]["valid"], True,
"Known good domain {0} failed DMARC check:"
"\n\n{1}".format(domain["domain"], dmarc_error))
def get_domains(domain):
print("==== Domains ====")
dmarc = {}
try:
dmarc = checkdmarc.check_domains(domain,
timeout=10.0,
nameservers=["8.8.8.8", "1.1.1.1"])
if len(dmarc) > 0:
print(dmarc)
else:
print("None found")
except Exception as e:
print('Error with ' + domain)
print(e)
print("\n")
def testKnownGood(self):
"""Domains with known good STARTTLS support, SPF and DMARC records"""
results = checkdmarc.check_domains(known_good_domains)
for result in results:
spf_error = None
dmarc_error = None
for mx in result["mx"]["hosts"]:
self.assertEqual(
mx["starttls"], True,
"MX host of known good domain {0} failed STARTTLS check:"
"\n\n{0}".format(result["domain"], mx["hostname"])
)
if "error" in result["spf"]:
spf_error = result["spf"]["error"]
if "error" in result["dmarc"]:
dmarc_error = result["dmarc"]["error"]
self.assertEqual(result["spf"]["valid"], True,
"Known good domain {0} failed SPF check:"
"\n\n{0}".format(result["domain"], spf_error))
self.assertEqual(result["dmarc"]["valid"], True,
"Known good domain {0} failed DMARC check:"
"\n\n{1}".format(result["domain"], dmarc_error))
def get_info(self, data):
try:
result = checkdmarc.check_domains(data.split())
except Exception as e:
self.error(e)
return {"DomainMailSPFDMARC": dict(result)}
async def check_domain(domain: str, response: Response):
response.headers["Access-Control-Allow-Origin"] = "*"
return checkdmarc.check_domains([domain], include_dmarc_tag_descriptions=True)
def get_info(self, data):
try:
result = checkdmarc.check_domains(data.split())
except ValueError:
print("Explotioooooooo")
return {"DomainMailSPFDMARC": dict(result)}
#!/usr/bin/python3
import checkdmarc, argparse, json, shutil, os
Parser = argparse.ArgumentParser(description='To check DNS.')
Parser.add_argument('-d', '--domain')
Args = Parser.parse_args()
if Args.domain:
print('[+] Retrieving details for domain: ' + Args.domain + '.')
domains = [Args.domain]
results = checkdmarc.check_domains(domains)
print(results['base_domain'])
output_dict = json.dumps(results, indent=4, sort_keys=True)
json_dict = json.loads(output_dict)
print(output_dict)
NS_Hosts = json_dict['ns']['hostnames']
MX_Hosts = json_dict['mx']['hosts']
DMARC_Record = json_dict['dmarc']['record']a
DMARC_Location = json_dict['dmarc']['location']
DMARC_Valid = json_dict['dmarc']['valid']
DNSSEC_Enabled = json_dict['dnssec']
SPF_Record = json_dict['spf']['record']
SPF_Valid = json_dict['spf']['valid']
print('-' * shutil.get_terminal_size().columns)
print("NS Information:")
print('-' * shutil.get_terminal_size().columns)
if NS_Hosts: