diff --git a/modules/dns.py b/modules/dns.py deleted file mode 100644 index 65f357e0..00000000 --- a/modules/dns.py +++ /dev/null @@ -1,23 +0,0 @@ -import socket -from src import ModuleManager, utils - -class Module(ModuleManager.BaseModule): - _name = "DNS" - - @utils.hook("received.command.dns", min_args=1) - def dns(self, event): - """ - :help: Get all addresses for a given hostname (IPv4/IPv6) - :usage: - """ - hostname = event["args_split"][0] - try: - address_info = socket.getaddrinfo(hostname, 1, 0, - socket.SOCK_DGRAM) - except socket.gaierror: - event["stderr"].write("Failed to find hostname") - return - ips = [] - for _, _, _, _, address in address_info: - ips.append(address[0]) - event["stdout"].write("%s: %s" % (hostname, ", ".join(ips))) diff --git a/modules/geoip.py b/modules/geoip.py deleted file mode 100644 index fed27083..00000000 --- a/modules/geoip.py +++ /dev/null @@ -1,31 +0,0 @@ -from src import ModuleManager, utils - -URL_GEOIP = "http://ip-api.com/json/%s" - -class Module(ModuleManager.BaseModule): - _name = "GeoIP" - - @utils.hook("received.command.geoip", min_args=1) - def geoip(self, event): - """ - :help: Get geoip data on a given IPv4/IPv6 address - :usage: - """ - page = utils.http.get_url(URL_GEOIP % event["args_split"][0], - json=True) - if page: - if page["status"] == "success": - data = page["query"] - data += " | Organisation: %s" % page["org"] - data += " | City: %s" % page["city"] - data += " | Region: %s (%s)" % (page["regionName"], - page["countryCode"]) - data += " | ISP: %s" % page["isp"] - data += " | Lon/Lat: %s/%s" % (page["lon"], - page["lat"]) - data += " | Timezone: %s" % page["timezone"] - event["stdout"].write(data) - else: - event["stderr"].write("No geoip data found") - else: - event["stderr"].write("Failed to load results") diff --git a/modules/ip_addresses.py b/modules/ip_addresses.py new file mode 100644 index 00000000..ca8421a3 --- /dev/null +++ b/modules/ip_addresses.py @@ -0,0 +1,68 @@ +import socket +from src import ModuleManager, utils + +URL_GEOIP = "http://ip-api.com/json/%s" + +class Module(ModuleManager.BaseModule): + @utils.hook("received.command.dns", min_args=1) + def dns(self, event): + """ + :help: Get all addresses for a given hostname (IPv4/IPv6) + :usage: + """ + event["stdout"].set_prefix("DNS") + event["stderr"].set_prefix("DNS") + hostname = event["args_split"][0] + try: + address_info = socket.getaddrinfo(hostname, 1, 0, + socket.SOCK_DGRAM) + except socket.gaierror: + event["stderr"].write("Failed to find hostname") + return + ips = [] + for _, _, _, _, address in address_info: + ips.append(address[0]) + event["stdout"].write("%s: %s" % (hostname, ", ".join(ips))) + + + @utils.hook("received.command.geoip", min_args=1) + def geoip(self, event): + """ + :help: Get geoip data on a given IPv4/IPv6 address + :usage: + """ + page = utils.http.get_url(URL_GEOIP % event["args_split"][0], + json=True) + event["stdout"].set_prefix("GeoIP") + event["stderr"].set_prefix("GeoIP") + if page: + if page["status"] == "success": + data = page["query"] + data += " | Organisation: %s" % page["org"] + data += " | City: %s" % page["city"] + data += " | Region: %s (%s)" % (page["regionName"], + page["countryCode"]) + data += " | ISP: %s" % page["isp"] + data += " | Lon/Lat: %s/%s" % (page["lon"], + page["lat"]) + data += " | Timezone: %s" % page["timezone"] + event["stdout"].write(data) + else: + event["stderr"].write("No geoip data found") + else: + event["stderr"].write("Failed to load results") + + @utils.hook("received.command.rdns", min_args=1) + def rdns(self, event): + """ + :help: Do a reverse-DNS look up on an IPv4/IPv6 address + :usage: + """ + event["stdout"].set_prefix("rDNS") + event["stderr"].set_prefix("rDNS") + try: + hostname, alias, ips = socket.gethostbyaddr(event["args_split"][0]) + except socket.herror as e: + event["stderr"].write(str(e)) + return + event["stdout"].write("%s: %s" % (ips[0], hostname))