This function looks for SPF record information in the domain and adds the hosts found to the main dictionary
(domain)
| 988 | |
| 989 | |
| 990 | def check_SPF_record(domain): |
| 991 | """ |
| 992 | This function looks for SPF record information in the domain and adds the hosts found to the main dictionary |
| 993 | """ |
| 994 | global debug |
| 995 | global domain_data |
| 996 | global common_hostnames |
| 997 | global check_spf |
| 998 | global output_file |
| 999 | global output_file_handler |
| 1000 | reverseDNS={} |
| 1001 | |
| 1002 | if check_spf: |
| 1003 | |
| 1004 | try: |
| 1005 | print('\n\tChecking SPF record...') |
| 1006 | if output_file!="": |
| 1007 | output_file_handler.writelines('\n\tChecking SPF record...\n') |
| 1008 | |
| 1009 | temp_spf = dns.resolver.resolve(domain, 'TXT') |
| 1010 | |
| 1011 | # For each spf record... |
| 1012 | for spf_record in temp_spf: |
| 1013 | |
| 1014 | if 'v=spf' in spf_record.to_text(): |
| 1015 | # We found a SPF record |
| 1016 | if debug: |
| 1017 | print(f'\t\t> SPf record found: {spf_record.to_text()}') |
| 1018 | |
| 1019 | hosttype={} |
| 1020 | ip_registry=[] |
| 1021 | |
| 1022 | # Split it in parts |
| 1023 | spf_record_splitted=spf_record.to_text().split() |
| 1024 | |
| 1025 | # For each part of the spf record |
| 1026 | for part in spf_record_splitted: |
| 1027 | # Look for hostnames |
| 1028 | if 'a:' in part: |
| 1029 | # Extract new ip4 ips |
| 1030 | hostname=part.split('a:')[1].split('.')[0] |
| 1031 | logging.error('\t\tNew hostname found: {0}'.format(hostname)) |
| 1032 | if output_file!="": |
| 1033 | output_file_handler.writelines('\t\tNew hostname found: {0}\n'.format(hostname)) |
| 1034 | # We found a hostname |
| 1035 | common_hostnames.append(hostname) |
| 1036 | |
| 1037 | # Look for includes |
| 1038 | if 'include' in part: |
| 1039 | # Extract new ip4 ips |
| 1040 | spf_domain=part.split('include:')[1] |
| 1041 | if debug: |
| 1042 | logging.debug('\t\t> Included domain in SPF: {0}'.format(spf_domain)) |
| 1043 | check_SPF_record(spf_domain) |
| 1044 | # Look for ip version 4 and 6 addresses |
| 1045 | if 'ip' in part: |
| 1046 | # Extract new ip4 ips |
| 1047 | try: |
no test coverage detected