Add DNS resolving

2024-06-19 21:09:34 +02:00 · 2024-06-19 21:09:34 +02:00 · 2978fcbcba
commit 2978fcbcba
parent 816918f041
3 changed files with 38 additions and 5 deletions
--- a/config.py
+++ b/config.py
@ -11,3 +11,10 @@ VT_ATTRIBUTES_MAPPING = {
    'network': 'str',
    'ip': 'str'
 }
+
+#DNS_QUERIES_TYPE = ('A', 'MX', 'TXT')
+DNS_QUERIES_TYPE = {
+    'A': 'address',
+    'MX': ['exchange', 'preference'],
+    'TXT': 'strings',
+}
--- a/dnsinformations.py
+++ b/dnsinformations.py
@ -13,9 +13,10 @@ from tunneling import tunnelingDNSAttacks
 from config import VT_ATTRIBUTES_MAPPING
 import whois
 import dns.resolver
+from config import DNS_QUERIES_TYPE


-class DNS:
+class DNSInformations:
    def __init__(self, api_key):
        pass

@ -34,10 +35,24 @@ class DNS:
    def resolver(self, fqdn):
        report = dict()

-        res_query = dns.resolver.resolve(fqdn)
+        for t in DNS_QUERIES_TYPE.keys():
+            report[t] = self._resolving(fqdn, t, DNS_QUERIES_TYPE[t])
+        return report

+    def _resolving(self, fqdn, t, attr):
+        report = list()
+        res_query = dns.resolver.resolve(fqdn, t)
        for rdata in res_query:
-            print(rdata.target)
+            if isinstance(attr, list):
+                data = dict()
+                for a in attr:
+                    data[a] = getattr(rdata, a)
+                report.append(data)
+            else:
+                report.append({
+                    attr: getattr(rdata, attr)
+                })
+        return report

 def _getType(t):
    """
--- a/main.py
+++ b/main.py
@ -6,7 +6,7 @@ import requests
 import re
 from config import VT_ATTRIBUTES_MAPPING
 from vt import VT
-from dns import DNS
+from dnsinformations import DNSInformations as DNS


 def checkArguments():
@ -79,7 +79,18 @@ def main():
    if args.dns:
        dns = DNS(config['api_key'])

-        print("IP information:\n")
+        print("IP Informations:\n")
+        report = dns.resolver(args.dns)
+        for key in report.keys():
+            s = f"{key}: "
+            print(s)
+            for entry in report[key]:
+                for subkey in entry.keys():
+                    #print(f"\t{subkey}: {entry[subkey].decode()}")
+                    value = entry[subkey]
+                    if isinstance(value, bytes):
+                        value = value.decode()
+                    print(f"\t{subkey}: {value}")

        print("\nReport with Whois:\n")
        report = dns.whois(args.dns)