RubyGems - passivedns-client - Versions diffs - 1.3.2 → 1.4.0 - Mend

passivedns-client 1.3.2 → 1.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml +4 -4
data/README.md +13 -0
data/bin/pdnstool +9 -6
data/lib/passivedns/client.rb +4 -3
data/lib/passivedns/client/cn360.rb +83 -0
data/lib/passivedns/client/version.rb +1 -1
data/test/test_passivedns-client.rb +26 -0
metadata +3 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: cde5271625d34d5936db557dd2d91d7a4eff23bd
-  data.tar.gz: b119c8deccbc64b2b174cdb58af80e399e420e33
+  metadata.gz: 6b56440dfbab8244d4d4d1561de2b3e9eb9ce74e
+  data.tar.gz: 9de3ca69fbeb821d673e459b9d3937ae44e9c4e2
 SHA512:
-  metadata.gz: 7558c0115c300fbb8f6fead3ae4035dacbd9262d273599c541c1e8ed82aa29f0db1b072fc9f3256c9bc469ef87d3446f8d02d2360b84e4c9a2133aacc5c9c6a4
-  data.tar.gz: db8efada307bb6d5df8a8eacf6138a8e60b08b5cc85bf7db80e564e406b87bb6fc7c34f3aca743546ef11ff066bff5f8eefeb2f1ab984a479493ee7ccc5467aa
+  metadata.gz: 5dcbcd4fbe695618c6321abb1804bc67b6483dec14cc12ca5163c7701577e23c8461de8bd8dd3171b1b29b0478fd79c2c4d926ee4a6567da0f921e97c1d2cd91
+  data.tar.gz: 19221b3e2408b293d4de1876af80fe53110403ba9d2152ea164e7416a1f7bd53428a46e07f92be231d9a9679dbfea9e42365468e8c7286b4e2a48fd9ae8d22e1

data/README.md CHANGED Viewed

@@ -53,6 +53,19 @@ TCPIPUtils's (http://www.tcpiputils.com/premium-access) passive DNS database req
   01234567890abcdef01234567890abcdef01234567890abcdef01234567890abcdef
+### PassiveDNS.cn from 360.cn
+PassiveDNS.cn (http://www.passivedns.cn) requires an API ID and and API KEY, which is obtainable by creating an account and sending an email to request an API key.
+The configuration file can be in /etc/flint.conf (flint is the name of their tool, which is available at <a href='https://github.com/360netlab/flint'>https://github.com/360netlab/flint</a>) or in $HOME/.flint.conf (which is my preference).
+The file must have three lines and looks like:
+  API = http://some.web.address.for.their.api
+  API_ID = a username that is given when you register
+  API_KEY = a long and random password of sorts that is used along with the page request to generate a per page API key
 ## Usage
 	require 'passivedns-client'

data/bin/pdnstool CHANGED Viewed

@@ -50,12 +50,13 @@ end
 def usage
 	puts "Usage: #{$0} [-d [bedvt]] [-g|-v|-m|-c|-x|-y|-j|-t] [-os <sep>] [-f <file>] [-r#|-w#|-v] [-l <count>] <ip|domain|cidr>"
-	puts "  -dbedvt uses all of the available passive dns databases"
-	puts "  -db only use BFK"
-	puts "  -de only use CERT-EE (default)"
-	puts "  -dd only use DNSDB (formerly ISC)"
-	puts "  -dv only use VirusTotal"
-  puts "  -dt only use TCPIPUtils"
+	puts "  -dbedvt3 uses all of the available passive dns databases"
+	puts "  -db use BFK"
+	puts "  -de use CERT-EE (default)"
+	puts "  -dd use DNSDB (formerly ISC)"
+	puts "  -dv use VirusTotal"
+  puts "  -dt use TCPIPUtils"
+  puts "  -d3 use 360.cn (www.passivedns.cn)"
   puts "  -dvt uses VirusTotal and TCPIPUtils (for example)"
 	puts ""
 	puts "  -g outputs a link-nodal GDF visualization definition"
@@ -128,6 +129,8 @@ opts.each do |opt, arg|
     		pdnsdbs << "virustotal"
       when 't'
         pdnsdbs << "tcpiputils"
+      when '3'
+        pdnsdbs << "cn360"
       else
         raise "Unknown passive DNS database identifier: #{c}"
       end

data/lib/passivedns/client.rb CHANGED Viewed

@@ -8,6 +8,7 @@ require 'passivedns/client/certee.rb'
 require 'passivedns/client/dnsdb.rb'
 require 'passivedns/client/virustotal.rb'
 require 'passivedns/client/tcpiputils.rb'
+require 'passivedns/client/cn360.rb'
 require 'passivedns/client/state.rb'
 module PassiveDNS
@@ -15,7 +16,7 @@ module PassiveDNS
 	class PDNSResult < Struct.new(:source, :response_time, :query, :answer, :rrtype, :ttl, :firstseen, :lastseen, :count); end
 	class Client
-		def initialize(pdns=['bfk','certee','dnsdb','virustotal','tcpiputils'])
+		def initialize(pdns=['bfk','certee','dnsdb','virustotal','tcpiputils','cn360'])
 			@pdnsdbs = []
 			pdns.uniq.each do |pd|
 				case pd
@@ -23,8 +24,6 @@ module PassiveDNS
 					@pdnsdbs << PassiveDNS::BFK.new
 				when 'certee'
 					@pdnsdbs << PassiveDNS::CERTEE.new
-        #when 'dnsparse'
-				#	@pdnsdbs << PassiveDNS::DNSParse.new
 				when 'dnsdb'
 					@pdnsdbs << PassiveDNS::DNSDB.new
 				when 'isc'
@@ -33,6 +32,8 @@ module PassiveDNS
 					@pdnsdbs << PassiveDNS::VirusTotal.new
         when 'tcpiputils'
 					@pdnsdbs << PassiveDNS::TCPIPUtils.new
+        when 'cn360'
+					@pdnsdbs << PassiveDNS::CN360.new
 				else
 					raise "Unknown Passive DNS provider: #{pd}"
 				end

data/lib/passivedns/client/cn360.rb ADDED Viewed

@@ -0,0 +1,83 @@
+require 'net/http'
+require 'net/https'
+require 'openssl'
+require 'json'
+require 'digest/md5'
+require 'configparser'
+require 'pp'
+# Please read http://www.tcpiputils.com/terms-of-service under automated requests
+module PassiveDNS
+  class CN360
+    attr_accessor :debug
+    def initialize(configfile="#{ENV["HOME"]}/.flint.conf")
+      @debug = false
+      if not File.exist?(configfile)
+        if not File.exist?("/etc/flint.conf")
+          raise "Cannot find a configuration file at #{configfile} or /etc/flint.conf"
+        end
+        configfile = "/etc/flint.conf"
+      end
+      @cp = ConfigParser.new(configfile)
+      if not @cp["API"]
+        raise "Field, API, is required in the configuration file.  It should specify the URL of the JSON Web API."
+      end
+      if not @cp["API_ID"]
+        raise "Field, API_ID, is required in the configuration file.  It should specify the user ID for the API key."
+      end
+      if not @cp["API_KEY"]
+        raise "Field, API_KEY, is required in the configuration file.  It should specify the API key."
+      end
+    end
+    def parse_json(page,query,response_time=0)
+			res = []
+			# need to remove the json_class tag or the parser will crap itself trying to find a class to align it to
+			data = JSON.parse(page)
+      data.each do |row|
+        time_first = (row["time_first"]) ? Time.at(row["time_first"].to_i) : nil
+        time_last = (row["time_last"]) ? Time.at(row["time_last"].to_i) : nil
+        count = row["count"] || 0
+        res << PDNSResult.new('cn360', response_time, row["rrname"], row["rdata"], row["rrtype"], time_first, time_last, count)
+			end
+			res
+		rescue Exception => e
+			$stderr.puts "360.cn Exception: #{e}"
+			raise e
+    end
+    def lookup(label, limit=10000)
+      table = "rrset"
+      if label =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/ or label =~ /^[0-9a-fA-F]+:[0-9a-fA-F:]+[0-9a-fA-F]$/
+        table = "rdata"
+      end
+      limit ||= 10000
+      path = "/api/#{table}/keyword/#{label}/count/#{limit}/"
+      url = @cp["API"]+path
+			url = URI.parse url
+			http = Net::HTTP.new(url.host, url.port)
+			http.use_ssl = (url.scheme == 'https')
+			http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+			http.verify_depth = 5
+			request = Net::HTTP::Get.new(url.path)
+			request.add_field("User-Agent", "Ruby/#{RUBY_VERSION} passivedns-client rubygem v#{PassiveDNS::Client::VERSION}")
+      request.add_field('Accept', 'application/json')
+      request.add_field("X-BashTokid", @cp["API_ID"])
+      token = Digest::MD5.hexdigest(path+@cp["API_KEY"])
+			$stderr.puts "DEBUG: cn360 url = #{url} token = #{token}" if @debug
+      request.add_field("X-BashToken", token)
+			t1 = Time.now
+			response = http.request(request)
+			t2 = Time.now
+			recs = parse_json(response.body, label, t2-t1)
+      if limit
+        recs[0,limit]
+      else
+        recs
+      end
+    end
+  end
+end

data/lib/passivedns/client/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module PassiveDNS
   class Client
-    VERSION = "1.3.2"
+    VERSION = "1.4.0"
   end
 end

data/test/test_passivedns-client.rb CHANGED Viewed

@@ -141,4 +141,30 @@ class TestPassiveDnsQuery < Test::Unit::TestCase
     assert_not_nil(rows.to_json)
     assert_not_nil(rows.to_yaml)
   end
+  def test_cn360
+    assert_not_nil(PassiveDNS::CN360.new)
+    assert_nothing_raised do
+      PassiveDNS::Client.new(['cn360'])
+    end
+    rows = PassiveDNS::CN360.new.lookup("example.org")
+    assert_not_nil(rows)
+    assert_not_nil(rows.to_s)
+    assert_not_nil(rows.to_xml)
+    assert_not_nil(rows.to_json)
+    assert_not_nil(rows.to_yaml)
+    rows = PassiveDNS::CN360.new.lookup("example.org",3)
+    assert_not_nil(rows)
+    assert_not_nil(rows.to_s)
+    assert_not_nil(rows.to_xml)
+    assert_not_nil(rows.to_json)
+    assert_not_nil(rows.to_yaml)
+    assert_equal(3, rows.length)
+    rows = PassiveDNS::CN360.new.lookup("8.8.8.8")
+    assert_not_nil(rows)
+    assert_not_nil(rows.to_s)
+    assert_not_nil(rows.to_xml)
+    assert_not_nil(rows.to_json)
+    assert_not_nil(rows.to_yaml)
+  end
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: passivedns-client
 version: !ruby/object:Gem::Version
-  version: 1.3.2
+  version: 1.4.0
 platform: ruby
 authors:
 - chrislee35
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-09-23 00:00:00.000000000 Z
+date: 2014-09-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: json
@@ -99,6 +99,7 @@ files:
 - lib/passivedns/client.rb
 - lib/passivedns/client/bfk.rb
 - lib/passivedns/client/certee.rb
+- lib/passivedns/client/cn360.rb
 - lib/passivedns/client/dnsdb.rb
 - lib/passivedns/client/state.rb
 - lib/passivedns/client/tcpiputils.rb