From 2978fcbcba366ddac4c5d9516a0663aded3b81c9 Mon Sep 17 00:00:00 2001
From: geoffrey
Date: Wed, 19 Jun 2024 21:09:34 +0200
Subject: [PATCH] Add DNS resolving
---
 config.py | 7 +++++++
 dns.py => dnsinformations.py | 21 ++++++++++++++++++---
 main.py | 15 +++++++++++++--
 3 files changed, 38 insertions(+), 5 deletions(-)
 rename dns.py => dnsinformations.py (92%)
diff --git a/config.py b/config.py
index ab47c23..80b9c95 100644
--- a/config.py
+++ b/config.py
@@ -11,3 +11,10 @@ VT_ATTRIBUTES_MAPPING = {
 'network': 'str',
 'ip': 'str'
 }
+
+#DNS_QUERIES_TYPE = ('A', 'MX', 'TXT')
+DNS_QUERIES_TYPE = {
+ 'A': 'address',
+ 'MX': ['exchange', 'preference'],
+ 'TXT': 'strings',
+}
diff --git a/dns.py b/dnsinformations.py
similarity index 92%
rename from dns.py
rename to dnsinformations.py
index e4b8374..9732672 100644
--- a/dns.py
+++ b/dnsinformations.py
@@ -13,9 +13,10 @@ from tunneling import tunnelingDNSAttacks
 from config import VT_ATTRIBUTES_MAPPING
 import whois
 import dns.resolver
+from config import DNS_QUERIES_TYPE
-class DNS:
+class DNSInformations:
 def __init__(self, api_key):
 pass
@@ -34,10 +35,24 @@ class DNS:
 def resolver(self, fqdn):
 report = dict()
- res_query = dns.resolver.resolve(fqdn)
+ for t in DNS_QUERIES_TYPE.keys():
+ report[t] = self._resolving(fqdn, t, DNS_QUERIES_TYPE[t])
+ return report
+ def _resolving(self, fqdn, t, attr):
+ report = list()
+ res_query = dns.resolver.resolve(fqdn, t)
 for rdata in res_query:
- print(rdata.target)
+ if isinstance(attr, list):
+ data = dict()
+ for a in attr:
+ data[a] = getattr(rdata, a)
+ report.append(data)
+ else:
+ report.append({
+ attr: getattr(rdata, attr)
+ })
+ return report
 def _getType(t):
 """
diff --git a/main.py b/main.py
index 39e0443..f01b0c1 100644
--- a/main.py
+++ b/main.py
@@ -6,7 +6,7 @@ import requests
 import re
 from config import VT_ATTRIBUTES_MAPPING
 from vt import VT
-from dns import DNS
+from dnsinformations import DNSInformations as DNS
 def checkArguments():
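Review bot: `DNS_QUERIES_TYPE` in config.py mixes two value shapes, a bare string for `A` and `TXT` and a list for `MX`, and that is the only reason `_resolving` in dnsinformations.py has to branch on `isinstance(attr, list)`. Making every value a list, `'A': ['address'],` and `'TXT': ['strings'],`, lets the consumer use a single loop. The commented-out tuple `#DNS_QUERIES_TYPE = ('A', 'MX', 'TXT')` should be deleted rather than kept beside its replacement. A comment such as `# record type -> rdata attribute names read with getattr(); keep this mapping in code, never load it from user input` would say what the values are and why they must stay trusted.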
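Review bot: `dns.resolver.resolve(fqdn, t)` in `_resolving` has no error handling, and dnspython raises `NoAnswer` when a name has no record of the requested type, so a host with an A record but no MX or TXT makes `resolver()` abort before any result is returned. `NXDOMAIN`, `NoNameservers` and a timeout propagate the same way. Catching them per record type and returning an empty list keeps the results of the other types. Passing `lifetime=` to `resolve()` would also bound how long an unresponsive nameserver can stall the lookup.

```python
    def _resolving(self, fqdn, t, attr):
        report = list()
        try:
            res_query = dns.resolver.resolve(fqdn, t)
        except (dns.resolver.NoAnswer, dns.resolver.NXDOMAIN,
                dns.resolver.NoNameservers, dns.exception.Timeout):
            # No usable answer for this record type: report it as empty.
            return report
        # … unchanged: loop over res_query filling report …
```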
@@ -79,7 +79,18 @@ def main():
 if args.dns:
 dns = DNS(config['api_key'])
- print("IP information:\n")
+ print("IP Informations:\n")
+ report = dns.resolver(args.dns)
+ for key in report.keys():
+ s = f"{key}: "
+ print(s)
+ for entry in report[key]:
+ for subkey in entry.keys():
+ #print(f"\t{subkey}: {entry[subkey].decode()}")
+ value = entry[subkey]
+ if isinstance(value, bytes):
+ value = value.decode()
+ print(f"\t{subkey}: {value}")
 print("\nReport with Whois:\n")
 report = dns.whois(args.dns)
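Review bot: The `isinstance(value, bytes)` branch never matches the TXT case it appears to be written for, because dnspython exposes `strings` as a tuple of `bytes`, so TXT values are printed as a tuple repr and `address`, `exchange` and `preference` are not bytes either. If the tuple is unpacked for display, handle it explicitly, e.g. `if isinstance(value, tuple):` followed by `value = ' '.join(repr(v.decode(errors='backslashreplace')) for v in value)`. TXT content is set by whoever controls the queried zone, so a strict `.decode()` can raise `UnicodeDecodeError` on non-UTF-8 bytes, and control characters should stay escaped rather than reach the terminal raw. The commented-out `#print(...)` line can be dropped. `main()` begins and ends outside the hunk.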