Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Whois Protocol Support (using rdap) #1354

Merged
merged 9 commits into from
Dec 16, 2021
Merged

Whois Protocol Support (using rdap) #1354

merged 9 commits into from
Dec 16, 2021

Conversation

parrasajad
Copy link
Contributor

@parrasajad parrasajad commented Dec 10, 2021
edited
Loading

Proposed changes

Checklist

  • Pull request is created against the dev branch
  • All checks passed (lint, unit/integration/regression tests etc.) with my changes
  • I have added tests that prove my fix is effective or that my feature works
  • I have added necessary documentation (if appropriate)

@parrasajad
Copy link
Contributor Author

parrasajad commented Dec 10, 2021
edited
Loading

basic example template:

id: basic-whois-example

info:
  name: test template for WHOIS
  author: pdteam
  severity: info

whois:
  - query: "{{Host}}"
    extractors:
      - type: kval
        kval:
          - "expiration date"
          - "registrar"

@parrasajad parrasajad linked an issue Dec 13, 2021 that may be closed by this pull request
Whois protocol support #798
Closed
@parrasajad parrasajad marked this pull request as ready for review December 13, 2021 06:54
@Ice3man543 Ice3man543 self-requested a review December 13, 2021 09:44
Ice3man543
Ice3man543 approved these changes Dec 13, 2021
View reviewed changes
Copy link
Member

@Ice3man543 Ice3man543 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm!

@Ice3man543
Copy link
Member

Also, we should consider adding support for Debug mode whois response since currently no additional info is printed when running rdap protocol templates with -debug flag.

ehsandeep
ehsandeep requested changes Dec 14, 2021
View reviewed changes
Copy link
Member

@ehsandeep ehsandeep left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As @Ice3man543 suggested, we can add support for debug/debug-req/debug-resp flag.

@ehsandeep ehsandeep changed the title RDAP Whois Protocol Support (using rdap) Dec 15, 2021
@ehsandeep ehsandeep merged commit 5200bcd into dev Dec 16, 2021
@ehsandeep ehsandeep deleted the rdap branch December 16, 2021 11:38
@geeknik
Copy link
Contributor

geeknik commented Dec 21, 2021

Will there be support for querying whois/rdap servers directly? For example:

[WRN] [basic-whois-example] Could not execute request for aeda.net.ae: could not make whois request: No RDAP servers found for 'aeda.net.ae'

However, if I use the posix whois tool like so: whois -I aeda.net.ae, we see that whois.aeda.net.ae is queried successfully and returns useful data:

whois -I aeda.net.ae
% IANA WHOIS server
% for more information on IANA, visit http://www.iana.org
% This query returned 1 object

refer:        whois.aeda.net.ae

domain:       AE

organisation: Telecommunications and Digital Government Regulatory Authority (TDRA)
address:      P.O. Box 116688
address:      Dubai
address:      United Arab Emirates

contact:      administrative
**SNIP**

@parrasajad
Copy link
Contributor Author

We can specify a custom rdap domain (server) to query in the template

Example template:

id: basic-whois-example

info:
  name: test template for WHOIS
  author: pdteam
  severity: info

whois:
  - query: "{{Host}}"
    server: https://rdap.namecheap.com
    extractors:
      - type: kval
        kval:
          - "expiration date"
          - "registrar"

@geeknik
Copy link
Contributor

geeknik commented Dec 22, 2021

That's great. Is there a chance we can define the custom rdap server as an environmental variable so we don't have to maintain 200+ templates?

@ehsandeep
Copy link
Member

That's great. Is there a chance we can define the custom rdap server as an environmental variable so we don't have to maintain 200+ templates?

that's a great idea, ENV variable, and CLI flag to feed custom whois server to use will ease the process. cc @parrasajad

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ehsandeep ehsandeep ehsandeep approved these changes

@Ice3man543 Ice3man543 Ice3man543 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Whois protocol support
4 participants
@parrasajad @Ice3man543 @geeknik @ehsandeep