MISP
/
misp-modules
mirror of https://github.com/MISP/misp-modules
2
0
Fork 0
Code Issues Releases Wiki Activity

MISP dns expansion module

Browse Source
alternate_response
Alexandre Dulaunoy 7 years ago
parent 707233b940
commit 03dbfb1d2b
1 changed files with 30 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 30
      modules/expansion/dns.py

30
modules/expansion/dns.py
Unescape View File

@ -0,0 +1,30 @@
import json
import dns.resolver
mispattributes = ['hostname', 'domain']
def handler(q=False):
if q is False:
return False
request = json.loads(q)
if request.get('hostname'):
toquery = request['hostname']
elif request.get('domain'):
toquery = request['domain']
else:
return False
r = dns.resolver.Resolver()
r.nameservers = ['8.8.8.8']
try:
answer = r.query(toquery, 'A')
except dns.resolver.NXDOMAIN:
return False
except dns.exception.Timeout:
return False
r = {}
r["ip-dst"] = str(answer[0])
return r
def introspection():
return mispattributes
Write Preview
Loading…
Cancel
Save