passivedns-client 2.1.3 → 2.1.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/passivedns/client.rb +6 -1
- data/lib/passivedns/client/provider/passivetotal.rb +22 -9
- data/lib/passivedns/client/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 58add2933d802aa99d5d5869b7c77c27b3afc66c
|
|
4
|
+
data.tar.gz: 79241aee015fcc1efc1b86e2d12245b29986f83b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2c2d5bff3b1ea9f5f21bc91f8352ce63d8172c74a4d22cf7e52952097ac5d7b528ea493b65a8487c48c0c6845992d2bbd9880c08b7c9f8232bc371af27aed1c1
|
|
7
|
+
data.tar.gz: 1848f7cac439362ba083693c5b382b7e89301634923e0d342c5c9eb7272b476e138cb1a4d75d78e147cb0d432646cd1492a60417e090a7374c36b7eae8d33ba2
|
data/lib/passivedns/client.rb
CHANGED
|
@@ -28,7 +28,12 @@ module PassiveDNS # :nodoc:
|
|
|
28
28
|
# pdns array of passivedns provider names, e.g., ["dnsdb","virustotal"]
|
|
29
29
|
# configfile filename of the passivedns-client configuration (this should probably be abstracted)
|
|
30
30
|
def initialize(pdns=$passivedns_providers, configfile="#{ENV['HOME']}/.passivedns-client")
|
|
31
|
-
cp =
|
|
31
|
+
cp = {}
|
|
32
|
+
if File.exist?(configfile)
|
|
33
|
+
cp = ConfigParser.new(configfile)
|
|
34
|
+
else
|
|
35
|
+
$stderr.puts "Could not find config file at #{configfile}. Using a blank configuration."
|
|
36
|
+
end
|
|
32
37
|
# this creates a map of all the PassiveDNS provider names and their classes
|
|
33
38
|
class_map = {}
|
|
34
39
|
PassiveDNS::Provider.constants.each do |const|
|
|
@@ -3,6 +3,7 @@
|
|
|
3
3
|
require 'net/http'
|
|
4
4
|
require 'net/https'
|
|
5
5
|
require 'openssl'
|
|
6
|
+
require 'pp'
|
|
6
7
|
|
|
7
8
|
module PassiveDNS #:nodoc: don't document this
|
|
8
9
|
# The Provider module contains all the Passive DNS provider client code
|
|
@@ -27,22 +28,33 @@ module PassiveDNS #:nodoc: don't document this
|
|
|
27
28
|
# === Options
|
|
28
29
|
# * :debug Sets the debug flag for the module
|
|
29
30
|
# * "APIKEY" REQUIRED: The API key associated with PassiveTotal
|
|
30
|
-
# * "URL" Alternate url for testing. Defaults to "https://www.passivetotal.org/api/passive"
|
|
31
|
+
# * "URL" Alternate url for testing. Defaults to "https://www.passivetotal.org/api/v1/passive"
|
|
31
32
|
#
|
|
32
33
|
# === Example Instantiation
|
|
33
34
|
#
|
|
34
35
|
# options = {
|
|
35
36
|
# :debug => true,
|
|
36
37
|
# "APIKEY" => "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
|
|
37
|
-
# "URL" => "https://www.passivetotal.org/api/passive"
|
|
38
|
+
# "URL" => "https://www.passivetotal.org/api/v1/passive"
|
|
38
39
|
# }
|
|
40
|
+
|
|
41
|
+
# or
|
|
42
|
+
#
|
|
43
|
+
# options = {
|
|
44
|
+
# :debug => true,
|
|
45
|
+
# "APIKEY" => "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
|
|
46
|
+
# "API_VERSION" => "current"
|
|
47
|
+
# }
|
|
48
|
+
#
|
|
49
|
+
# then
|
|
39
50
|
#
|
|
40
51
|
# PassiveDNS::Provider::PassiveTotal.new(options)
|
|
41
52
|
#
|
|
42
53
|
def initialize(options={})
|
|
43
54
|
@debug = options[:debug] || false
|
|
44
55
|
@apikey = options["APIKEY"] || raise("#{self.class.name} requires an APIKEY")
|
|
45
|
-
@
|
|
56
|
+
@version = options["API_VERSION"] || "v1"
|
|
57
|
+
@url = options["URL"] || "https://www.passivetotal.org/api/#{@version}/passive"
|
|
46
58
|
end
|
|
47
59
|
|
|
48
60
|
# Takes a label (either a domain or an IP address) and returns
|
|
@@ -50,16 +62,16 @@ module PassiveDNS #:nodoc: don't document this
|
|
|
50
62
|
def lookup(label, limit=nil)
|
|
51
63
|
$stderr.puts "DEBUG: #{self.class.name}.lookup(#{label})" if @debug
|
|
52
64
|
Timeout::timeout(240) {
|
|
53
|
-
url = @url
|
|
65
|
+
url = @url+"?api_key=#{@apikey}&query=#{label}"
|
|
54
66
|
$stderr.puts "DEBUG: #{self.class.name} url = #{url}" if @debug
|
|
55
67
|
url = URI.parse url
|
|
56
68
|
http = Net::HTTP.new(url.host, url.port)
|
|
57
69
|
http.use_ssl = (url.scheme == 'https')
|
|
58
70
|
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
|
|
59
71
|
http.verify_depth = 5
|
|
60
|
-
request = Net::HTTP::
|
|
72
|
+
request = Net::HTTP::Get.new(url.request_uri)
|
|
61
73
|
request.add_field("User-Agent", "Ruby/#{RUBY_VERSION} passivedns-client rubygem v#{PassiveDNS::Client::VERSION}")
|
|
62
|
-
request.set_form_data({"
|
|
74
|
+
#request.set_form_data({"api_key" => @apikey, "query" => label})
|
|
63
75
|
t1 = Time.now
|
|
64
76
|
response = http.request(request)
|
|
65
77
|
t2 = Time.now
|
|
@@ -79,13 +91,14 @@ module PassiveDNS #:nodoc: don't document this
|
|
|
79
91
|
# parses the response of passivetotals's JSON reply to generate an array of PDNSResult
|
|
80
92
|
def parse_json(page,query,response_time=0)
|
|
81
93
|
res = []
|
|
94
|
+
puts page
|
|
82
95
|
data = JSON.parse(page)
|
|
96
|
+
query = data['raw_query']
|
|
83
97
|
if data['results']
|
|
84
|
-
|
|
85
|
-
data['results']['resolutions'].each do |row|
|
|
98
|
+
data['results']['records'].each do |row|
|
|
86
99
|
first_seen = (row['firstSeen'] == "None") ? nil : Time.parse(row['firstSeen']+" +0000")
|
|
87
100
|
last_seen = (row['lastSeen'] == "None") ? nil : Time.parse(row['lastSeen']+" +0000")
|
|
88
|
-
value = row['
|
|
101
|
+
value = row['resolve']
|
|
89
102
|
source = row['source'].join(",")
|
|
90
103
|
res << PDNSResult.new(self.class.name+"/"+source,response_time,
|
|
91
104
|
query, value, "A", 0, first_seen, last_seen)
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: passivedns-client
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.1.
|
|
4
|
+
version: 2.1.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- chrislee35
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-
|
|
11
|
+
date: 2015-06-25 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: json
|