class PassiveDNS::Provider::PassiveTotal
Queries PassiveTotal's passive DNS database
Attributes
debug[RW]
:debug enables verbose logging to standard output
Public Class Methods
config_section_name()
click to toggle source
Sets the configuration section name to “passivetotal”
# File lib/passivedns/client/provider/passivetotal.rb, line 18 def self.config_section_name "passivetotal" end
name()
click to toggle source
Sets the modules self-reported name to “PassiveTotal”
# File lib/passivedns/client/provider/passivetotal.rb, line 14 def self.name "PassiveTotal" end
new(options={})
click to toggle source
or
options = {
:debug => true, "USERNAME" => "tom@example.com" "APIKEY" => "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
}
then
PassiveDNS::Provider::PassiveTotal.new(options)
# File lib/passivedns/client/provider/passivetotal.rb, line 55 def initialize(options={}) @debug = options[:debug] || false @timeout = options[:timeout] || 20 @username = options["USERNAME"] || raise("#{self.class.name} requires a USERNAME") @apikey = options["APIKEY"] || raise("#{self.class.name} requires an APIKEY") @url = options["URL"] || "https://api.passivetotal.org/v2/dns/passive" end
option_letter()
click to toggle source
Sets the command line database argument to “p”
# File lib/passivedns/client/provider/passivetotal.rb, line 22 def self.option_letter "p" end
Public Instance Methods
lookup(label, limit=nil)
click to toggle source
Takes a label (either a domain or an IP address) and returns an array of PassiveDNS::PDNSResult
instances with the answers to the query
# File lib/passivedns/client/provider/passivetotal.rb, line 65 def lookup(label, limit=nil) $stderr.puts "DEBUG: #{self.class.name}.lookup(#{label})" if @debug Timeout::timeout(@timeout) { url = @url+"?query=#{label}" $stderr.puts "DEBUG: #{self.class.name} url = #{url}" if @debug url = URI.parse url http = Net::HTTP.new(url.host, url.port) http.use_ssl = (url.scheme == 'https') http.verify_mode = OpenSSL::SSL::VERIFY_NONE http.verify_depth = 5 request = Net::HTTP::Get.new(url.request_uri) request.basic_auth(@username, @apikey) request.add_field("User-Agent", "Ruby/#{RUBY_VERSION} passivedns-client rubygem v#{PassiveDNS::Client::VERSION}") #request.set_form_data({"api_key" => @apikey, "query" => label}) t1 = Time.now response = http.request(request) t2 = Time.now recs = parse_json(response.body, label, t2-t1) if limit recs[0,limit] else recs end } rescue Timeout::Error $stderr.puts "#{self.class.name} lookup timed out: #{label}" end
Private Instance Methods
parse_json(page,query,response_time=0)
click to toggle source
parses the response of passivetotals's JSON reply to generate an array of PDNSResult
# File lib/passivedns/client/provider/passivetotal.rb, line 96 def parse_json(page,query,response_time=0) res = [] data = JSON.parse(page) pp data if data['message'] raise "#{self.class.name} Error: #{data['message']}" end query = data['queryValue'] if data['results'] data['results'].each do |row| first_seen = (row['firstSeen'] == "None") ? nil : Time.parse(row['firstSeen']+" +0000") last_seen = (row['lastSeen'] == "None") ? nil : Time.parse(row['lastSeen']+" +0000") value = row['resolve'] source = row['source'].join(",") res << PDNSResult.new(self.class.name+"/"+source,response_time, query, value, "A", 0, first_seen, last_seen, 'yellow') end end res rescue Exception => e $stderr.puts "#{self.class.name} Exception: #{e}" raise e end