-
Notifications
You must be signed in to change notification settings - Fork 236
/
Copy pathdns.py
executable file
·61 lines (50 loc) · 1.73 KB
/
dns.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
import json
import dns.resolver
misperrors = {'error': 'Error'}
mispattributes = {'input': ['hostname', 'domain', 'domain|ip'], 'output': ['ip-src',
'ip-dst']}
moduleinfo = {'version': '0.2', 'author': 'Alexandre Dulaunoy',
'description': 'Simple DNS expansion service to resolve IP address from MISP attributes',
'module-type': ['expansion', 'hover']}
moduleconfig = ['nameserver']
def handler(q=False):
if q is False:
return False
request = json.loads(q)
if request.get('hostname'):
toquery = request['hostname']
elif request.get('domain'):
toquery = request['domain']
elif request.get('domain|ip'):
toquery = request['domain|ip'].split('|')[0]
else:
return False
r = dns.resolver.Resolver()
r.timeout = 2
r.lifetime = 2
if request.get('config'):
if request['config'].get('nameserver'):
nameservers = []
nameservers.append(request['config'].get('nameserver'))
r.nameservers = nameservers
else:
r.nameservers = ['8.8.8.8']
try:
answer = r.query(toquery, 'A')
except dns.resolver.NXDOMAIN:
misperrors['error'] = "NXDOMAIN"
return misperrors
except dns.exception.Timeout:
misperrors['error'] = "Timeout"
return misperrors
except Exception:
misperrors['error'] = "DNS resolving error"
return misperrors
r = {'results': [{'types': mispattributes['output'],
'values':[str(answer[0])]}]}
return r
def introspection():
return mispattributes
def version():
moduleinfo['config'] = moduleconfig
return moduleinfo