• Python dig simulation, for DGA domain detection


    #!/usr/bin/env python
    from __future__ import print_function  # same print() syntax on Python 2 and 3

    import sys

    import dns.resolver


    def get_domain_ip(domain):
        """Get the DNS record, if any, for the given domain."""
        dns_records = list()
        try:
            # get the dns resolutions for this domain (default record type: A)
            # note: dnspython 2.x names this call dns.resolver.resolve()
            dns_results = dns.resolver.query(domain)
            dns_records = [ip.address for ip in dns_results]
        except dns.resolver.NXDOMAIN:
            print("the domain does not exist so dns resolutions remain empty. domain:", domain)
        except dns.resolver.NoAnswer:
            print("the resolver is not answering so dns resolutions remain empty, domain:", domain)
        return dns_records


    hostname = sys.argv[1]
    print("Recursive name lookup (simulates dig)...")

    n = hostname
    try:
        # follow the CNAME chain until a query raises (NoAnswer at the last name)
        while True:
            for rdata in dns.resolver.query(n, 'CNAME'):
                print(n, "cname is", rdata)
                n = rdata.target
    except dns.exception.DNSException:
        # n is now the end of the chain: resolve its addresses
        print(get_domain_ip(n))

    For example:

    python dig_ip.py 8264.com
    Recursive name lookup (simulates dig)...
    8264.com cname is qaz2d84guo7uz5q2.gfnormal01at.com.
    [u'121.29.18.91'] => IP address

    python dig_ip.py www.baidu.com
    Recursive name lookup (simulates dig)...
    www.baidu.com cname is www.a.shifen.com.
    www.a.shifen.com. cname is www.wshifen.com.
    [u'103.235.46.39', u'103.235.46.40'] => IP addresses

    Now a DGA domain that returns no results:

    python dig_ip.py s09xo3-l5domek9ck5ct3go4m.com
    Recursive name lookup (simulates dig)...
    the domain does not exist so dns resolutions remain empty. domain: s09xo3-l5domek9ck5ct3go4m.com
    []

    Note that dns.resolver.NoAnswer is raised when the query type is wrong, that is, when the name has no record of the queried type. For example:

    python dig_ip.py www.baidu.com
    Recursive name lookup (simulates dig)...
    www.baidu.com cname is www.a.shifen.com.
    www.a.shifen.com. cname is www.wshifen.com.
    The DNS response does not contain an answer to the question: www.wshifen.com. IN CNAME

    Finally, the code refactored:

    #!/usr/bin/env python
    from __future__ import print_function  # same print() syntax on Python 2 and 3

    import sys

    import dns.resolver


    def get_domain_ip(domain):
        """Get the DNS record, if any, for the given domain."""
        dns_records = list()
        try:
            # get the dns resolutions for this domain (default record type: A)
            # note: dnspython 2.x names this call dns.resolver.resolve()
            dns_results = dns.resolver.query(domain)
            dns_records = [ip.address for ip in dns_results]
        except dns.resolver.NXDOMAIN:
            print("the domain does not exist so dns resolutions remain empty. domain:", domain)
        except dns.resolver.NoAnswer:
            print("the resolver is not answering so dns resolutions remain empty, domain:", domain)
        return dns_records


    def dig_ip(n):
        """Follow the CNAME chain from n, then return the final name's addresses."""
        try:
            while True:
                for rdata in dns.resolver.query(n, 'CNAME'):
                    print(n, "cname is", rdata)
                    n = rdata.target
        except dns.exception.DNSException as e:
            # the chain ends when a CNAME query raises; show why, then resolve
            print(e)
            return get_domain_ip(n)


    if __name__ == "__main__":
        print("Recursive name lookup (simulates dig)...")
        print(dig_ip(sys.argv[1]))
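
The scripts above stop following CNAMEs only when a query raises, and `get_domain_ip` returns the same empty list for NXDOMAIN and for a missing record type. The following added example (not part of the original post) walks the chain with a hop limit and returns an explicit status, which is the signal a DGA check needs; `fake_lookup`, `ZONE` and the local `NXDomain`/`NoAnswer` classes are constructed stand-ins for a real resolver so that it runs offline.

```python
# Added example: CNAME-chain walk with a hop limit and explicit outcomes.
# ZONE is constructed sample data; NXDomain/NoAnswer are local stand-ins for
# resolver exceptions with the same meaning (assumption, not dnspython itself).

class NXDomain(Exception): pass      # the name does not exist
class NoAnswer(Exception): pass      # the name exists, no record of that type

ZONE = {  # constructed records: name -> {rtype: [values]}
    "www.example.test.": {"CNAME": ["edge.cdn.test."]},
    "edge.cdn.test.": {"A": ["192.0.2.10", "192.0.2.11"]},
    "loop-a.test.": {"CNAME": ["loop-b.test."]},
    "loop-b.test.": {"CNAME": ["loop-a.test."]},
    "mailonly.test.": {"MX": ["mx.example.test."]},
}

def fake_lookup(name, rtype):
    """Stand-in for a resolver call; swap in a real one with the same contract."""
    if name not in ZONE:
        raise NXDomain(name)
    if rtype not in ZONE[name]:
        raise NoAnswer("%s IN %s" % (name, rtype))
    return ZONE[name][rtype]

def resolve_chain(name, lookup=fake_lookup, max_hops=8):
    """Return (status, chain, ips).

    status is "resolved", "nxdomain", "nodata", or "loop" (cycle or hop limit).
    """
    chain, seen = [name], {name}
    for _ in range(max_hops):
        try:
            target = lookup(chain[-1], "CNAME")[0]
        except NXDomain:
            return "nxdomain", chain, []
        except NoAnswer:
            break                      # end of chain: ask for A records next
        if target in seen:
            return "loop", chain + [target], []
        seen.add(target)
        chain.append(target)
    else:
        return "loop", chain, []       # hop limit reached without an end
    try:
        return "resolved", chain, lookup(chain[-1], "A")
    except NoAnswer:
        return "nodata", chain, []
    except NXDomain:
        return "nxdomain", chain, []
```

Only the `nxdomain` status corresponds to the DGA case shown earlier; `nodata` means the name is registered but has no address record.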
  • Original article: https://www.cnblogs.com/bonelee/p/8675078.html