mirror of https://github.com/MISP/misp-modules
dns MISP module - option to specify nameserver added
parent
39f3c3b0f8
commit
45d5743374
|
@ -1,9 +1,14 @@
|
||||||
import json
|
import json
|
||||||
import dns.resolver
|
import dns.resolver
|
||||||
|
|
||||||
misperrors = {'error' : 'Error'}
|
misperrors = {'error': 'Error'}
|
||||||
mispattributes = {'input': ['hostname', 'domain'], 'output': ['ip-src', 'ip-dst']}
|
mispattributes = {'input': ['hostname', 'domain'], 'output': ['ip-src',
|
||||||
moduleinfo = {'version': '0.1', 'author': 'Alexandre Dulaunoy', 'description': 'Simple DNS expansion service to resolve IP address from MISP attributes', 'module-type': ['expansion','hover']}
|
'ip-dst']}
|
||||||
|
moduleinfo = {'version': '0.2', 'author': 'Alexandre Dulaunoy',
|
||||||
|
'description': 'Simple DNS expansion service to resolve IP address from MISP attributes',
|
||||||
|
'module-type': ['expansion', 'hover']}
|
||||||
|
|
||||||
|
moduleconfig = ['nameserver']
|
||||||
|
|
||||||
|
|
||||||
def handler(q=False):
|
def handler(q=False):
|
||||||
|
@ -19,7 +24,15 @@ def handler(q=False):
|
||||||
r = dns.resolver.Resolver()
|
r = dns.resolver.Resolver()
|
||||||
r.timeout = 2
|
r.timeout = 2
|
||||||
r.lifetime = 2
|
r.lifetime = 2
|
||||||
r.nameservers = ['8.8.8.8']
|
|
||||||
|
if request.get('config'):
|
||||||
|
if request['config'].get('nameserver'):
|
||||||
|
nameservers = []
|
||||||
|
nameservers.append(request['config'].get('nameserver'))
|
||||||
|
r.nameservers = nameservers
|
||||||
|
else:
|
||||||
|
r.nameservers = ['8.8.8.8']
|
||||||
|
|
||||||
try:
|
try:
|
||||||
answer = r.query(toquery, 'A')
|
answer = r.query(toquery, 'A')
|
||||||
except dns.resolver.NXDOMAIN:
|
except dns.resolver.NXDOMAIN:
|
||||||
|
@ -31,7 +44,9 @@ def handler(q=False):
|
||||||
except:
|
except:
|
||||||
misperrors['error'] = "DNS resolving error"
|
misperrors['error'] = "DNS resolving error"
|
||||||
return misperrors
|
return misperrors
|
||||||
r = {'results': [{'types': mispattributes['output'], 'values':[str(answer[0])]}]}
|
|
||||||
|
r = {'results': [{'types': mispattributes['output'],
|
||||||
|
'values':[str(answer[0])]}]}
|
||||||
return r
|
return r
|
||||||
|
|
||||||
|
|
||||||
|
@ -40,4 +55,5 @@ def introspection():
|
||||||
|
|
||||||
|
|
||||||
def version():
|
def version():
|
||||||
|
moduleinfo['config'] = moduleconfig
|
||||||
return moduleinfo
|
return moduleinfo
|
||||||
|
|
Loading…
Reference in New Issue