1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
|
import socket
from src import ModuleManager, utils
URL_GEOIP = "http://ip-api.com/json/%s"
class Module(ModuleManager.BaseModule):
@utils.hook("received.command.dns", min_args=1)
def dns(self, event):
"""
:help: Get all addresses for a given hostname (IPv4/IPv6)
:usage: <hostname>
:prefix: DNS
"""
hostname = event["args_split"][0]
try:
address_info = socket.getaddrinfo(hostname, 1, 0,
socket.SOCK_DGRAM)
except socket.gaierror:
event["stderr"].write("Failed to find hostname")
return
ips = []
for _, _, _, _, address in address_info:
ips.append(address[0])
event["stdout"].write("%s: %s" % (hostname, ", ".join(ips)))
@utils.hook("received.command.geoip", min_args=1)
def geoip(self, event):
"""
:help: Get geoip data on a given IPv4/IPv6 address
:usage: <IP>
:prefix: GeoIP
"""
page = utils.http.get_url(URL_GEOIP % event["args_split"][0],
json=True)
if page:
if page["status"] == "success":
data = page["query"]
data += " | Organisation: %s" % page["org"]
data += " | City: %s" % page["city"]
data += " | Region: %s (%s)" % (page["regionName"],
page["countryCode"])
data += " | ISP: %s" % page["isp"]
data += " | Lon/Lat: %s/%s" % (page["lon"],
page["lat"])
data += " | Timezone: %s" % page["timezone"]
event["stdout"].write(data)
else:
event["stderr"].write("No geoip data found")
else:
event["stderr"].write("Failed to load results")
@utils.hook("received.command.rdns", min_args=1)
def rdns(self, event):
"""
:help: Do a reverse-DNS look up on an IPv4/IPv6 address
:usage: <IP>
:prefix: rDNS
"""
try:
hostname, alias, ips = socket.gethostbyaddr(event["args_split"][0])
except (socket.herror, socket.gaierror) as e:
event["stderr"].write(e.strerror)
return
event["stdout"].write("%s: %s" % (ips[0], hostname))
|
