class Yawast::Scanner::Plugins::DNS::CAA

Public Class Methods

caa_info(uri) click to toggle source
# File lib/scanner/plugins/dns/caa.rb, line 12
def self.caa_info(uri)
  # force DNS resolver to something that works
  # this is done to ensure that ISP resolvers don't get in the way
  # at some point, should probably do something else, but works for now
  @res = Resolver.new({nameserver: ['8.8.8.8']})

  # setup a list of domains already checked, so we can skip them
  @checked = []

  # setup a counter, so we can see if we actually got anything
  @records = 0

  domain = uri.host.to_s

  chase_domain domain

  if @records.zero?
    Yawast::Shared::Output.log_hash 'vulnerabilities',
                                    'missing_caa_records',
                                    {vulnerable: true, record_count: 0}

    puts
    Yawast::Utilities.puts_vuln 'DNS CAA: No records found.'
  else
    Yawast::Shared::Output.log_hash 'vulnerabilities',
                                    'missing_caa_records',
                                    {vulnerable: false, record_count: @records}
  end
end
chase_domain(domain) click to toggle source
# File lib/scanner/plugins/dns/caa.rb, line 42
def self.chase_domain(domain)
  while domain != ''
    begin
      # check to see if we've already ran into this one
      return if @checked.include? domain
      @checked.push domain

      # first, see if this is a CNAME. we do this explicitly because
      # some resolvers flatten in an odd way that prevents just checking
      # for the CAA record directly
      cname = get_cname_record(domain)
      if !cname.nil?
        Yawast::Utilities.puts_info "\t\tCAA (#{domain}): CNAME Found: -> #{cname}"
        Yawast::Shared::Output.log_value 'dns', 'caa', domain, "CNAME: #{cname}"

        chase_domain cname.to_s
      else
        print_caa_record domain
      end
    rescue => e # rubocop:disable Style/RescueStandardError
      Yawast::Utilities.puts_error "\t\tCAA (#{domain}): #{e.message}"
    end

    # strip the leading element off the domain
    domain = domain.partition('.').last
  end
end
get_cname_record(domain) click to toggle source
# File lib/scanner/plugins/dns/caa.rb, line 70
def self.get_cname_record(domain)
  ans = @res.query(domain, 'CNAME')

  if !ans.answer[0].nil?
    return ans.answer[0].rdata
  else
    return nil
  end
end
print_caa_record(domain) click to toggle source