2019-05-25 20:40:06 +00:00
|
|
|
#--depends-on commands
|
|
|
|
|
|
2019-06-28 22:16:05 +00:00
|
|
|
import re, socket, typing
|
2018-10-04 09:18:44 +00:00
|
|
|
from src import ModuleManager, utils
|
2019-06-25 13:32:51 +00:00
|
|
|
import dns.resolver
|
2018-10-04 09:18:44 +00:00
|
|
|
|
|
|
|
|
URL_GEOIP = "http://ip-api.com/json/%s"
|
2021-10-18 01:53:25 +00:00
|
|
|
URL_IPINFO = "https://ipinfo.io/%s/json"
|
2018-11-15 15:41:55 +00:00
|
|
|
REGEX_IPv6 = r"(?:(?:[a-f0-9]{1,4}:){2,}|[a-f0-9:]*::)[a-f0-9:]*"
|
|
|
|
|
REGEX_IPv4 = r"(?:\d{1,3}\.){3}\d{1,3}"
|
2019-08-13 12:48:03 +00:00
|
|
|
REGEX_IP = re.compile("%s|%s" % (REGEX_IPv4, REGEX_IPv6), re.I)
|
2018-10-04 09:18:44 +00:00
|
|
|
|
2019-09-04 13:27:10 +00:00
|
|
|
def _parse(value):
|
|
|
|
|
if utils.is_ip(value):
|
|
|
|
|
return value
|
|
|
|
|
return None
|
2019-06-25 13:32:51 +00:00
|
|
|
|
2019-09-02 13:33:12 +00:00
|
|
|
@utils.export("botset", utils.BoolSetting("configurable-nameservers",
|
|
|
|
|
"Whether or not users can configure their own nameservers"))
|
2019-09-04 13:27:10 +00:00
|
|
|
@utils.export("serverset", utils.FunctionSetting(_parse, "dns-nameserver",
|
2019-06-28 22:16:05 +00:00
|
|
|
"Set DNS nameserver", example="8.8.8.8"))
|
2019-09-04 13:27:10 +00:00
|
|
|
@utils.export("channelset", utils.FunctionSetting(_parse, "dns-nameserver",
|
2019-09-02 13:23:51 +00:00
|
|
|
"Set DNS nameserver", example="8.8.8.8"))
|
2018-10-04 09:18:44 +00:00
|
|
|
class Module(ModuleManager.BaseModule):
|
2021-10-18 01:42:15 +00:00
|
|
|
def _get_ip(self, event):
|
|
|
|
|
ip = event["args_split"][0] if event["args"] else ""
|
|
|
|
|
if not ip:
|
|
|
|
|
line = event["target"].buffer.find(REGEX_IP)
|
|
|
|
|
if line:
|
|
|
|
|
ip = line.match
|
|
|
|
|
if not ip:
|
|
|
|
|
raise utils.EventError("No IP provided")
|
|
|
|
|
return ip
|
|
|
|
|
|
2021-10-18 01:53:25 +00:00
|
|
|
def _ipinfo_get(self, url):
|
|
|
|
|
access_token = self.bot.config.get("ipinfo-token", None)
|
|
|
|
|
headers = {}
|
|
|
|
|
if not access_token == None:
|
|
|
|
|
headers["Authorization"] = "Bearer %s" % access_token
|
|
|
|
|
request = utils.http.Request(url, headers=headers)
|
|
|
|
|
return utils.http.request(request)
|
|
|
|
|
|
2021-05-16 16:04:02 +00:00
|
|
|
@utils.hook("received.command.dig", alias_of="dns")
|
2018-10-04 09:18:44 +00:00
|
|
|
@utils.hook("received.command.dns", min_args=1)
|
|
|
|
|
def dns(self, event):
|
|
|
|
|
"""
|
|
|
|
|
:help: Get all addresses for a given hostname (IPv4/IPv6)
|
2019-06-25 13:32:51 +00:00
|
|
|
:usage: <hostname> [type [type ...]]
|
2018-10-04 10:04:24 +00:00
|
|
|
:prefix: DNS
|
2018-10-04 09:18:44 +00:00
|
|
|
"""
|
2019-07-16 15:52:41 +00:00
|
|
|
args = event["args_split"][:]
|
2019-09-02 13:33:12 +00:00
|
|
|
nameserver = None
|
|
|
|
|
if self.bot.get_setting("configurable-nameservers", True):
|
2019-09-15 20:31:31 +00:00
|
|
|
nameserver = event["target"].get_setting("dns-nameserver",
|
2019-09-02 13:33:12 +00:00
|
|
|
event["server"].get_setting("dns-nameserver", None))
|
|
|
|
|
for i, arg in enumerate(args):
|
|
|
|
|
if arg[0] == "@":
|
|
|
|
|
nameserver = args.pop(i)[1:]
|
|
|
|
|
break
|
2019-06-25 13:32:51 +00:00
|
|
|
|
2019-07-16 15:52:41 +00:00
|
|
|
hostname = args[0]
|
2019-06-25 13:50:30 +00:00
|
|
|
|
2019-07-16 15:52:41 +00:00
|
|
|
record_types = args[1:]
|
2019-06-25 13:50:30 +00:00
|
|
|
if not record_types:
|
|
|
|
|
record_types = ["A?", "AAAA?"]
|
2019-06-25 13:32:51 +00:00
|
|
|
|
|
|
|
|
if not nameserver == None:
|
|
|
|
|
resolver = dns.resolver.Resolver(configure=False)
|
|
|
|
|
resolver.nameservers = [nameserver]
|
|
|
|
|
else:
|
|
|
|
|
resolver = dns.resolver
|
|
|
|
|
|
|
|
|
|
results = []
|
2018-10-16 14:09:58 +00:00
|
|
|
|
2019-06-25 13:32:51 +00:00
|
|
|
for record_type in record_types:
|
2019-08-02 16:42:57 +00:00
|
|
|
record_type_strip = record_type.rstrip("?").upper()
|
2019-06-25 13:32:51 +00:00
|
|
|
try:
|
2020-09-14 13:52:54 +00:00
|
|
|
query_result = resolver.resolve(hostname, record_type_strip,
|
2019-07-16 15:58:40 +00:00
|
|
|
lifetime=4)
|
2019-06-25 13:32:51 +00:00
|
|
|
query_results = [q.to_text() for q in query_result]
|
2019-08-12 14:49:28 +00:00
|
|
|
results.append([record_type_strip, query_result.rrset.ttl,
|
|
|
|
|
query_results])
|
2019-06-25 13:32:51 +00:00
|
|
|
except dns.resolver.NXDOMAIN:
|
|
|
|
|
raise utils.EventError("Domain not found")
|
|
|
|
|
except dns.resolver.NoAnswer:
|
|
|
|
|
if not record_type.endswith("?"):
|
|
|
|
|
raise utils.EventError("Domain does not have a '%s' record"
|
2019-06-25 13:57:03 +00:00
|
|
|
% record_type_strip)
|
|
|
|
|
except dns.rdatatype.UnknownRdatatype:
|
|
|
|
|
raise utils.EventError("Unknown record type '%s'"
|
|
|
|
|
% record_type_strip)
|
2019-07-09 11:18:34 +00:00
|
|
|
except dns.exception.DNSException:
|
|
|
|
|
message = "Failed to get DNS records"
|
|
|
|
|
self.log.warn(message, exc_info=True)
|
|
|
|
|
raise utils.EventError(message)
|
2018-10-04 09:18:44 +00:00
|
|
|
|
2019-08-12 14:49:28 +00:00
|
|
|
results_str = ["%s (TTL %s): %s" %
|
|
|
|
|
(t, ttl, ", ".join(r)) for t, ttl, r in results]
|
2019-06-25 13:32:51 +00:00
|
|
|
event["stdout"].write("(%s) %s" % (hostname, " | ".join(results_str)))
|
2018-10-04 09:18:44 +00:00
|
|
|
|
2021-10-18 01:42:15 +00:00
|
|
|
@utils.hook("received.command.geoip")
|
2018-10-04 09:18:44 +00:00
|
|
|
def geoip(self, event):
|
|
|
|
|
"""
|
2021-10-18 01:42:15 +00:00
|
|
|
:help: Get GeoIP data on a given IPv4/IPv6 address
|
2018-10-04 09:18:44 +00:00
|
|
|
:usage: <IP>
|
2018-10-04 10:04:24 +00:00
|
|
|
:prefix: GeoIP
|
2018-10-04 09:18:44 +00:00
|
|
|
"""
|
2021-10-18 01:42:15 +00:00
|
|
|
ip = self._get_ip(event)
|
|
|
|
|
|
|
|
|
|
page = utils.http.request(URL_GEOIP % ip).json()
|
2018-10-04 09:18:44 +00:00
|
|
|
if page:
|
2019-11-26 13:41:40 +00:00
|
|
|
if page["status"] == "success":
|
2021-10-18 22:18:05 +00:00
|
|
|
hostname = None
|
2021-10-18 01:27:46 +00:00
|
|
|
try:
|
|
|
|
|
hostname, alias, ips = socket.gethostbyaddr(page["query"])
|
|
|
|
|
except (socket.herror, socket.gaierror):
|
|
|
|
|
pass
|
|
|
|
|
|
2019-11-26 13:41:40 +00:00
|
|
|
data = page["query"]
|
2021-10-18 01:53:25 +00:00
|
|
|
data += " (%s)" % hostname if hostname else ""
|
2019-11-26 13:41:40 +00:00
|
|
|
data += " | Organisation: %s" % page["org"]
|
|
|
|
|
data += " | City: %s" % page["city"]
|
|
|
|
|
data += " | Region: %s (%s)" % (
|
|
|
|
|
page["regionName"], page["countryCode"])
|
2021-10-18 01:27:46 +00:00
|
|
|
data += " | ISP: %s (%s)" % (page["isp"], page["as"])
|
2019-11-26 13:41:40 +00:00
|
|
|
data += " | Lon/Lat: %s/%s" % (page["lon"], page["lat"])
|
|
|
|
|
data += " | Timezone: %s" % page["timezone"]
|
2018-10-04 09:18:44 +00:00
|
|
|
event["stdout"].write(data)
|
|
|
|
|
else:
|
2021-10-18 01:27:46 +00:00
|
|
|
event["stderr"].write("No GeoIP data found")
|
2018-10-04 09:18:44 +00:00
|
|
|
else:
|
2019-11-18 12:06:59 +00:00
|
|
|
raise utils.EventResultsError()
|
2018-10-04 09:18:44 +00:00
|
|
|
|
2021-10-18 01:53:25 +00:00
|
|
|
@utils.hook("received.command.ipinfo")
|
|
|
|
|
def ipinfo(self, event):
|
|
|
|
|
"""
|
|
|
|
|
:help: Get IPinfo.io data on a given IPv4/IPv6 address
|
|
|
|
|
:usage: <IP>
|
|
|
|
|
:prefix: IPinfo
|
|
|
|
|
"""
|
|
|
|
|
ip = self._get_ip(event)
|
|
|
|
|
|
|
|
|
|
page = self._ipinfo_get(URL_IPINFO % ip).json()
|
|
|
|
|
if page:
|
2021-10-18 02:12:19 +00:00
|
|
|
if page.get("error", False):
|
|
|
|
|
if isinstance(page["error"], (list, dict)):
|
|
|
|
|
event["stderr"].write(page["error"]["message"])
|
|
|
|
|
else:
|
|
|
|
|
event["stderr"].write(page["error"])
|
|
|
|
|
elif page.get("ip", False):
|
|
|
|
|
bogon = page.get("bogon", False)
|
2021-10-18 01:53:25 +00:00
|
|
|
hostname = page.get("hostname", None)
|
2021-10-18 02:12:19 +00:00
|
|
|
if not hostname and not bogon:
|
2021-10-18 01:53:25 +00:00
|
|
|
try:
|
|
|
|
|
hostname, alias, ips = socket.gethostbyaddr(page["ip"])
|
|
|
|
|
except (socket.herror, socket.gaierror):
|
|
|
|
|
pass
|
|
|
|
|
|
2021-10-18 22:18:05 +00:00
|
|
|
data = page["ip"]
|
2021-10-18 02:12:19 +00:00
|
|
|
if bogon:
|
|
|
|
|
data += " (Bogon)"
|
|
|
|
|
else:
|
|
|
|
|
data += " (%s)" % hostname if hostname else ""
|
|
|
|
|
data += " (Anycast)" if page.get("anycast", False) == True else ""
|
2021-10-18 22:18:05 +00:00
|
|
|
if page.get("country", False):
|
|
|
|
|
data += " | City: %s" % page["city"]
|
|
|
|
|
data += " | Region: %s (%s)" % (page["region"], page["country"])
|
|
|
|
|
data += " | ISP: %s" % page.get("org", "Unknown")
|
|
|
|
|
data += " | Lon/Lat: %s" % page["loc"]
|
|
|
|
|
data += " | Timezone: %s" % page["timezone"]
|
2021-10-18 01:53:25 +00:00
|
|
|
event["stdout"].write(data)
|
|
|
|
|
else:
|
2021-10-18 02:12:19 +00:00
|
|
|
event["stderr"].write("Unsupported endpoint")
|
2021-10-18 01:53:25 +00:00
|
|
|
else:
|
|
|
|
|
raise utils.EventResultsError()
|
|
|
|
|
|
2018-10-04 11:15:15 +00:00
|
|
|
@utils.hook("received.command.rdns")
|
2018-10-04 09:18:44 +00:00
|
|
|
def rdns(self, event):
|
|
|
|
|
"""
|
|
|
|
|
:help: Do a reverse-DNS look up on an IPv4/IPv6 address
|
|
|
|
|
:usage: <IP>
|
2018-10-04 10:04:24 +00:00
|
|
|
:prefix: rDNS
|
2018-10-04 09:18:44 +00:00
|
|
|
"""
|
2021-10-18 01:42:15 +00:00
|
|
|
ip = self._get_ip(event)
|
2018-10-04 11:15:15 +00:00
|
|
|
|
2018-10-04 09:18:44 +00:00
|
|
|
try:
|
2018-10-04 11:15:15 +00:00
|
|
|
hostname, alias, ips = socket.gethostbyaddr(ip)
|
2018-10-04 09:29:22 +00:00
|
|
|
except (socket.herror, socket.gaierror) as e:
|
2018-10-16 14:09:58 +00:00
|
|
|
raise utils.EventError(e.strerror)
|
2018-10-04 12:19:59 +00:00
|
|
|
event["stdout"].write("(%s) %s" % (ips[0], hostname))
|
