passivedns-client 2.0.2 → 2.0.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 9e141cbc5d84ea9c25ee8c207db9c7758869117e
-  data.tar.gz: 81c70c9a9a4c272133c4e33a2e043fab650fd00a
+  metadata.gz: 47032e96af18547a42a6f394a674c15d304bdb90
+  data.tar.gz: 9ac2529bfa59e287053789922bca5075d094e689
 SHA512:
-  metadata.gz: fffadc8b47040b55d25255cf62ab2b8f2498a8a39d89caa1812da37944da266f411cf9b384cb1f6ab70718ac106811313a0d4987c792487919f239ad388bc4ed
-  data.tar.gz: d0592a94d6f4cec71afdf55d3cccedf1cfc1fe8ecf17cc3f3d746d92b184a694e3c1e1655c17d03f3972a63bc56de433d3cb7ec9eb067172d02183f7c7ff4a5b
+  metadata.gz: 6365b198cdfe54f1f2dfedbbead44141e9b4d810370a7dce786131006e06f120b47b41c72b430527ff27c0391098c71fe2a87a3185d993205471cd1036ebad90
+  data.tar.gz: b8cbf892878c90cb0bbe7bbf29d24ebf7f0512bfa7721bc4cfbec674268b42cc50423af4a4d39b3800fa8639870f8b2435a23b18b58b01fb01a51c63bc5a9ad6

data/README.md

@@ -1,6 +1,16 @@
 # PassiveDNS::Client
 
-This rubygem queries 7 major Passive DNS databases: BFK, CERTEE, DNSParse, DNSDB, VirusTotal, PassiveDNS.cn, and Mnemonic.
+This rubygem queries the following Passive DNS databases: 
+
+* BFK.de
+* CIRCL
+* DNSDB (FarSight)
+* Mnemonic
+* PassiveDNS.cn (Qihoo 360 Technology Co.,Ltd)
+* PassiveTotal
+* TCPIPUtils
+* VirusTotal
+
 Passive DNS is a technique where IP to hostname mappings are made by recording the answers of other people's queries.  
 
 There is a tool included, pdnstool, that wraps a lot of the functionality that you would need.
@@ -39,13 +49,24 @@ From version 2.0.0 on, all configuration keys for passive DNS providers are in o
 	APIKEY = 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
 	[mnemonic]
 	APIKEY = 01234567890abcdef01234567890abcdef012345
+	[passivetotal]
+	APIKEY = 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
+	[CIRCL]
+	USERNAME = circl_user
+	PASSWORD = circl_pass
+
+CIRCL also can use and authorization token.  In that case, you should drop the USERNAME and PASSWORD options and change the section to something like the following:
+
+	[CIRCL]
+	AUTH_TOKEN = 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
 
 ## Getting Access
 * 360.cn : http://www.passivedns.cn
 * BFK.de : No registration required, but please, please ready their usage policy at http://www.bfk.de/bfk_dnslogger.html
-* CERT-EE : No registration required
+* CIRCL : https://www.circl.lu/services/passive-dns/
 * DNSDB (Farsight Security) : https://api.dnsdb.info/
 * Mnemonic : mss .at. mnemonic.no
+* PassiveTotal : https://www.passivetotal.org
 * TCPIPUtils : http://www.tcpiputils.com/premium-access
 * VirusTotal : https://www.virustotal.com
 
@@ -56,34 +77,40 @@ From version 2.0.0 on, all configuration keys for passive DNS providers are in o
 	c = PassiveDNS::Client.new(['bfk','dnsdb']) # providers: bfk, tcpiputils, certee, dnsdb, virustotal, passivedns.cn, mnemonic
 	results = c.query("example.com")
 	
-Or use the included tool!
 
-	Usage: bin/pdnstool [-d [bedvt3m]] [-g|-v|-m|-c|-x|-y|-j|-t] [-os <sep>] [-f <file>] [-r#|-w#|-v] [-l <count>] <ip|domain|cidr>
-	  -dbedvt3m uses all of the available passive dns databases
-	  -db use BFK
-	  -de use CERT-EE (default)
-	  -dd use DNSDB (formerly ISC)
-	  -dv use VirusTotal
+Or use the included tool...
+
+	Usage: bin/pdnstool [-d [3bcdmptv]] [-g|-v|-m|-c|-x|-y|-j|-t] [-os <sep>] [-f <file>] [-r#|-w#|-v] [-l <count>] <ip|domain|cidr>
+	Passive DNS Providers  -d3bcdmptv uses all of the available passive dns database
+	  -d3 use 360.cn
+	  -db use BFK.de
+	  -dc use CIRCL
+	  -dd use DNSDB
+	  -dm use Mnemonic
+	  -dp use PassiveTotal
 	  -dt use TCPIPUtils
-	  -d3 use 360.cn (www.passivedns.cn)
-	  -dm uses Mnemonic (passivedns.mnemonic.no)
+	  -dv use VirusTotal
 	  -dvt uses VirusTotal and TCPIPUtils (for example)
-
-	  -g outputs a link-nodal GDF visualization definition
-	  -v outputs a link-nodal graphviz visualization definition
-	  -m output a link-nodal graphml visualization definition
-	  -c outputs CSV
-	  -x outputs XML
-	  -y outputs YAML
-	  -j outputs JSON
-	  -t outputs ASCII text (default)
+	  
+	Output Formatting
+	  -g link-nodal GDF visualization definition
+	  -v link-nodal graphviz visualization definition
+	  -m link-nodal graphml visualization definition
+	  -c CSV
+	  -x XML
+	  -y YAML
+	  -j JSON
+	  -t ASCII text (default)
 	  -s <sep> specifies a field separator for text output, default is tab
-
+	  
+	State and Recusion
 	  -f[file] specifies a sqlite3 database used to read the current state - useful for large result sets and generating graphs of previous runs.
 	  -r# specifies the levels of recursion to pull. **WARNING** This is quite taxing on the pDNS servers, so use judiciously (never more than 3 or so) or find yourself blocked!
 	  -w# specifies the amount of time to wait, in seconds, between queries (Default: 0)
-	  -v outputs debugging information
 	  -l <count> limits the number of records returned per passive dns database queried.
+	  
+	Getting Help
+	  -v debugging information
 
 ## Writing Your Own Database Adaptor
 

data/lib/passivedns/client/cli.rb

@@ -156,6 +156,7 @@ module PassiveDNS
     	help_text << "  -l <count> limits the number of records returned per passive dns database queried.\n"
     	help_text << "\n"
       help_text << "Getting Help\n"
+      help_text << "  -h hello there.  This option produces this helpful help information on how to access help.\n"
     	help_text << "  -v debugging information\n"
       
     	help_text

data/lib/passivedns/client/{bfk.rb → providers/bfk.rb}

@@ -1,5 +1,4 @@
 require 'open-uri'
-require_relative 'passivedb'
 
 module PassiveDNS
 	class BFK < PassiveDB

data/lib/passivedns/client/{circl.rb → providers/circl.rb}

@@ -3,7 +3,6 @@
 require 'net/http'
 require 'net/https'
 require 'openssl'
-require 'pp'
 
 module PassiveDNS
 	class Circl < PassiveDB
@@ -22,7 +21,7 @@ module PassiveDNS
     
     attr_accessor :debug
 		def initialize(options={})
-      @debug = options[:debug] || true
+      @debug = options[:debug] || false
       @username = options["USERNAME"]
       @password = options["PASSWORD"]
       @auth_token = options["AUTH_TOKEN"]

data/lib/passivedns/client/{cn360.rb → providers/cn360.rb}

@@ -3,7 +3,6 @@ require 'net/https'
 require 'openssl'
 require 'json'
 require 'digest/md5'
-require_relative 'passivedb'
 
 module PassiveDNS
   class CN360 < PassiveDB

data/lib/passivedns/client/{dnsdb.rb → providers/dnsdb.rb}

@@ -3,7 +3,6 @@
 # to request an API key, please email dnsdb-api at farsightsecurity dot com.
 require 'net/http'
 require 'net/https'
-require_relative 'passivedb'
 
 module PassiveDNS
 	class DNSDB < PassiveDB

data/lib/passivedns/client/version.rb

@@ -1,5 +1,5 @@
 module PassiveDNS
   class Client
-    VERSION = "2.0.2"
+    VERSION = "2.0.3"
   end
 end

data/lib/passivedns/client.rb

@@ -6,24 +6,23 @@ require "passivedns/client/version"
 require 'passivedns/client/state'
 require 'passivedns/client/passivedb'
 
-require 'passivedns/client/bfk'
-require 'passivedns/client/circl'
-require 'passivedns/client/cn360'
-require 'passivedns/client/dnsdb'
-require 'passivedns/client/mnemonic'
-require 'passivedns/client/passivetotal'
-require 'passivedns/client/tcpiputils'
-require 'passivedns/client/virustotal'
+# load all the providers
+$passivedns_providers = Array.new
+provider_path = File.dirname(__FILE__)+"/client/providers/*.rb"
+Dir.glob(provider_path).each do |provider|
+  name = File.basename(provider, '.rb')
+  require "passivedns/client/providers/#{name}.rb"
+  $passivedns_providers << name
+end
 
 require 'configparser'
-require 'pp'
 
 module PassiveDNS
 
 	class PDNSResult < Struct.new(:source, :response_time, :query, :answer, :rrtype, :ttl, :firstseen, :lastseen, :count); end
 
 	class Client
-		def initialize(pdns=['bfk','dnsdb','virustotal','tcpiputils','cn360','mnemonic','passivetotal','CIRCL'], configfile="#{ENV['HOME']}/.passivedns-client")
+		def initialize(pdns=$passivedns_providers, configfile="#{ENV['HOME']}/.passivedns-client")
       cp = ConfigParser.new(configfile)
       # this creates a map of all the PassiveDNS provider names and their classes
       class_map = {}

data/test/test_passivedns-client.rb

@@ -65,25 +65,6 @@ class TestPassiveDnsQuery < Minitest::Test
     refute_nil(rows.to_yaml)
 	end
 	
-	def test_CERTEE
-		PassiveDNS::Client.new(['certee'])
-    d = PassiveDNS::CERTEE.new(@cp['certee'] || {})
-    refute_nil(d)
-		rows = d.lookup("sim.cert.ee",3)
-		refute_nil(rows)
-		refute_nil(rows.to_s)
-		refute_nil(rows.to_xml)
-		refute_nil(rows.to_json)
-		refute_nil(rows.to_yaml)
-    assert_equal(3, rows.length)
-    rows = d.lookup("8.8.8.8")
-    refute_nil(rows)
-    refute_nil(rows.to_s)
-    refute_nil(rows.to_xml)
-    refute_nil(rows.to_json)
-    refute_nil(rows.to_yaml)
-	end
-
 	def test_DNSDB
 		PassiveDNS::Client.new(['dnsdb'])
     d = PassiveDNS::DNSDB.new(@cp['dnsdb'] || {})

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: passivedns-client
 version: !ruby/object:Gem::Version
-  version: 2.0.2
+  version: 2.0.3
 platform: ruby
 authors:
 - chrislee35
@@ -125,18 +125,18 @@ files:
 - Rakefile
 - bin/pdnstool
 - lib/passivedns/client.rb
-- lib/passivedns/client/bfk.rb
-- lib/passivedns/client/circl.rb
 - lib/passivedns/client/cli.rb
-- lib/passivedns/client/cn360.rb
-- lib/passivedns/client/dnsdb.rb
-- lib/passivedns/client/mnemonic.rb
 - lib/passivedns/client/passivedb.rb
-- lib/passivedns/client/passivetotal.rb
+- lib/passivedns/client/providers/bfk.rb
+- lib/passivedns/client/providers/circl.rb
+- lib/passivedns/client/providers/cn360.rb
+- lib/passivedns/client/providers/dnsdb.rb
+- lib/passivedns/client/providers/mnemonic.rb
+- lib/passivedns/client/providers/passivetotal.rb
+- lib/passivedns/client/providers/tcpiputils.rb
+- lib/passivedns/client/providers/virustotal.rb
 - lib/passivedns/client/state.rb
-- lib/passivedns/client/tcpiputils.rb
 - lib/passivedns/client/version.rb
-- lib/passivedns/client/virustotal.rb
 - passivedns-client.gemspec
 - test/helper.rb
 - test/test_passivedns-client.rb