gbucchino/baoSOC
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add DNS resolving

Browse Source
This commit is contained in:
geoffrey 2024-06-19 21:09:34 +02:00
parent 816918f041
commit 2978fcbcba
3 changed files with 38 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
config.py
View File

@ -11,3 +11,10 @@ VT_ATTRIBUTES_MAPPING = {
'network': 'str', 'network': 'str',
'ip': 'str' 'ip': 'str'
} }
#DNS_QUERIES_TYPE = ('A', 'MX', 'TXT')
DNS_QUERIES_TYPE = {
'A': 'address',
'MX': ['exchange', 'preference'],
'TXT': 'strings',
}

21
dns.py → dnsinformations.py
View File

@ -13,9 +13,10 @@ from tunneling import tunnelingDNSAttacks
from config import VT_ATTRIBUTES_MAPPING from config import VT_ATTRIBUTES_MAPPING
import whois import whois
import dns.resolver import dns.resolver
from config import DNS_QUERIES_TYPE
class DNS: class DNSInformations:
def __init__(self, api_key): def __init__(self, api_key):
pass pass
@ -34,10 +35,24 @@ class DNS:
def resolver(self, fqdn): def resolver(self, fqdn):
report = dict() report = dict()
res_query = dns.resolver.resolve(fqdn) for t in DNS_QUERIES_TYPE.keys():
report[t] = self._resolving(fqdn, t, DNS_QUERIES_TYPE[t])
return report
def _resolving(self, fqdn, t, attr):
report = list()
res_query = dns.resolver.resolve(fqdn, t)
for rdata in res_query: for rdata in res_query:
print(rdata.target) if isinstance(attr, list):
data = dict()
for a in attr:
data[a] = getattr(rdata, a)
report.append(data)
else:
report.append({
attr: getattr(rdata, attr)
})
return report
def _getType(t): def _getType(t):
""" """

15
main.py
View File

@ -6,7 +6,7 @@ import requests
import re import re
from config import VT_ATTRIBUTES_MAPPING from config import VT_ATTRIBUTES_MAPPING
from vt import VT from vt import VT
from dns import DNS from dnsinformations import DNSInformations as DNS
def checkArguments(): def checkArguments():
@ -79,7 +79,18 @@ def main():
if args.dns: if args.dns:
dns = DNS(config['api_key']) dns = DNS(config['api_key'])
print("IP information:\n") print("IP Informations:\n")
report = dns.resolver(args.dns)
for key in report.keys():
s = f"{key}: "
print(s)
for entry in report[key]:
for subkey in entry.keys():
#print(f"\t{subkey}: {entry[subkey].decode()}")
value = entry[subkey]
if isinstance(value, bytes):
value = value.decode()
print(f"\t{subkey}: {value}")
print("\nReport with Whois:\n") print("\nReport with Whois:\n")
report = dns.whois(args.dns) report = dns.whois(args.dns)