CIRCL
/
lookyloo
mirror of https://github.com/CIRCL/lookyloo
2
0
Fork 0
Code Issues Releases Wiki Activity

chg: Improve DNS resolution

pull/573/head
Raphaël Vinot 2023-01-16 15:50:10 +01:00
parent ae59b59071
commit 1e563ff345
1 changed files with 22 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
lookyloo/capturecache.py
View File

@ -428,30 +428,32 @@ class CapturesIndex(Mapping):
_all_ips = set() _all_ips = set()
for node in ct.root_hartree.hostname_tree.traverse(): for node in ct.root_hartree.hostname_tree.traverse():
if node.name not in host_cnames or node.name not in host_ips: if node.name not in host_cnames or node.name not in host_ips:
host_cnames[node.name] = ''
host_ips[node.name] = {'v4': set(), 'v6': set()}
# Resolve and cache # Resolve and cache
try: for query_type in [dns.rdatatype.RdataType.A, dns.rdatatype.RdataType.AAAA]:
for query_type in [dns.rdatatype.RdataType.A, dns.rdatatype.RdataType.AAAA]: try:
response = dns.resolver.resolve(node.name, query_type, search=True, raise_on_no_answer=False) response = dns.resolver.resolve(node.name, query_type, search=True, raise_on_no_answer=False)
for answer in response.response.answer: except Exception as e:
name_to_cache = str(answer.name).rstrip('.') self.logger.warning(f'Unable to resolve DNS: {e}')
if name_to_cache not in host_ips: continue
host_ips[name_to_cache] = {'v4': set(), 'v6': set()} for answer in response.response.answer:
name_to_cache = str(answer.name).rstrip('.')
if name_to_cache not in host_ips:
host_ips[name_to_cache] = {'v4': set(), 'v6': set()}
if answer.rdtype == dns.rdatatype.RdataType.CNAME: if answer.rdtype == dns.rdatatype.RdataType.CNAME:
host_cnames[name_to_cache] = str(answer[0].target).rstrip('.') host_cnames[name_to_cache] = str(answer[0].target).rstrip('.')
else: else:
host_cnames[name_to_cache] = '' host_cnames[name_to_cache] = ''
if answer.rdtype == dns.rdatatype.RdataType.A:
_all_ips.update({str(b) for b in answer})
host_ips[name_to_cache]['v4'].update({str(b) for b in answer})
elif answer.rdtype == dns.rdatatype.RdataType.AAAA:
_all_ips.update({str(b) for b in answer})
host_ips[name_to_cache]['v6'].update({str(b) for b in answer})
if answer.rdtype == dns.rdatatype.RdataType.A:
_all_ips.update({str(b) for b in answer})
host_ips[name_to_cache]['v4'].update({str(b) for b in answer})
elif answer.rdtype == dns.rdatatype.RdataType.AAAA:
_all_ips.update({str(b) for b in answer})
host_ips[name_to_cache]['v6'].update({str(b) for b in answer})
except Exception as e:
self.logger.exception(f'Unable to resolve DNS: {e}')
host_cnames[node.name] = ''
host_ips[name_to_cache] = {'v4': set(), 'v6': set()}
if (cnames := _build_cname_chain(host_cnames, node.name)): if (cnames := _build_cname_chain(host_cnames, node.name)):
node.add_feature('cname', cnames) node.add_feature('cname', cnames)
if cnames[-1] in host_ips: if cnames[-1] in host_ips: