Tuesday, May 06, 2014

FDNS 3.0

I think this will be final improvement. 

I did notice that the fdns2.2.py can only connect to whois.arin.net on port 43 (whois). It doesn't perform the follow up on the whois referring by arin.net.

With the new code, it should:

  • Resolve DNS name to IP address
  • Perform the reverse DNS based on the IP addess (above).
  • Perform whois DB checking based on the IP address (above), and shows the OrgName(netname).

import os, sys, re, socket, argparse
import json
name = who = ""
def whois_orgname(ipaddr):
        #data = []
        orgname = netname = desrc = ''
        whoisinfo = os.popen('whois %s' % ipaddr, 'r').readlines()
        ee = json.dumps(whoisinfo)
        dd = json.loads(ee)
        for line in dd:
            p1 = re.match('(orgname):\s*(.*)', line, re.I)
            p2 = re.match('(netname):\s*(.*)', line, re.I)
            #p3 = re.match('(descr):\s*(.*)', line, re.I)
            if p1 != None:
                orgname = p1.group(2)
            if p2 != None:
                netname = p2.group(2)
            #if p3 != None:
            #    descr = p3.group(2)
    except Exception, e:
        orgnetname = orgname + "(" + netname + ")"
        return orgnetname
if __name__ == "__main__":
    parser = argparse.ArgumentParser(description='Fast DNS Resolver for domain list', version='%(prog)s 3.0')
    parser.add_argument('-w', '--whois', dest='whois', action='store_true', default=True, help='whois')
    parser.add_argument('-R', dest='rdns', action='store_true', default=False, help='reverse dns')
    parser.add_argument('infile', nargs='+', type=str, help='list of input files')
    args = parser.parse_args()
    domains = []
    for f in args.infile:
        with open(f, 'rt') as data:
            for line in data.readlines():
    for domain in domains:
            host =  socket.gethostbyname(domain)
        except Exception, e:
            host = "-"
            if args.rdns or args.whois:
                if args.rdns:
                        name, alias, addresslist = socket.gethostbyaddr(host)
                    except Exception, e:
                        name = "-" # reverse dns name
                if args.whois:
                        who = whois_orgname(host)
                    except Exception, e:
                        who = "-" # whois owner
                print "%s:%s:%s:%s" %(domain, host, name, who)
                print "%s:%s" % (domain, host)