smilbandit/spf-info.py

## spf-info.py
#!/usr/bin/env python
# Usage
# spf-info.py [domain]

import dns.resolver
import socket
from ipwhois import IPWhois
from pprint import pprint
import json

#Remove these two lines if something seems wrong
#odd warnings coming from the dns library
import warnings
warnings.filterwarnings("ignore")

lookup = 0
ip = {}

def check(domain,pad):
  global lookup, ip
  lookup += 1
  print(('   ' * pad) + domain)
  answers = dns.resolver.query(domain, 'TXT')
  for rdata in answers:
    r = rdata.to_text().replace('"','')
    if ('v=spf1' in r):
      print(('   ' * pad) + r)
      print('   ' * pad)
      s = r.split(' ')
      for x in s:
        #print('---- ' + x[:8])
        if(x[:4] == 'ip4:' or x[:4] == 'ip6:'):
          ip[x] = domain
        if(x[:8] == 'include:'):
          check(x.replace('include:',''),pad+1)

def who(i,v):
  print(i + ' -> ' + v)
  i = i.replace('ip4:','').replace('ip6:','')
  p = i.split('/')
  obj = IPWhois(p[0])
  results = obj.lookup_rdap(depth=1)
  #uncomment to get full rdap. https://www.arin.net/resources/rdap.html
  #print('full         : ' + json.dumps(results))
  print('Network Name : ' + results['network']['name'])
  print('ASN Desc     : ' + results['asn_description'])
  first = next(iter(results['objects'].values()))
  print('Contact Name : ' + first['contact']['name'])
  print('')


if __name__ == '__main__':
  from sys import argv
  if len(argv) > 1:
    domain = argv[1]
  else:
    domain = "google.com"
  print('SPF Chain')
  check(domain,0)
  print('Total lookups: ' + str(lookup))
  print('')
  print('IP Ownership Info')
  for key, value in ip.items():
    who(key,value)
	#!/usr/bin/env python
	# Usage
	# spf-info.py [domain]

	import dns.resolver
	import socket
	from ipwhois import IPWhois
	from pprint import pprint
	import json

	#Remove these two lines if something seems wrong
	#odd warnings coming from the dns library
	import warnings
	warnings.filterwarnings("ignore")

	lookup = 0
	ip = {}

	def check(domain,pad):
	global lookup, ip
	lookup += 1
	print((' ' * pad) + domain)
	answers = dns.resolver.query(domain, 'TXT')
	for rdata in answers:
	r = rdata.to_text().replace('"','')
	if ('v=spf1' in r):
	print((' ' * pad) + r)
	print(' ' * pad)
	s = r.split(' ')
	for x in s:
	#print('---- ' + x[:8])
	if(x[:4] == 'ip4:' or x[:4] == 'ip6:'):
	ip[x] = domain
	if(x[:8] == 'include:'):
	check(x.replace('include:',''),pad+1)

	def who(i,v):
	print(i + ' -> ' + v)
	i = i.replace('ip4:','').replace('ip6:','')
	p = i.split('/')
	obj = IPWhois(p[0])
	results = obj.lookup_rdap(depth=1)
	#uncomment to get full rdap. https://www.arin.net/resources/rdap.html
	#print('full : ' + json.dumps(results))
	print('Network Name : ' + results['network']['name'])
	print('ASN Desc : ' + results['asn_description'])
	first = next(iter(results['objects'].values()))
	print('Contact Name : ' + first['contact']['name'])
	print('')


	if __name__ == '__main__':
	from sys import argv
	if len(argv) > 1:
	domain = argv[1]
	else:
	domain = "google.com"
	print('SPF Chain')
	check(domain,0)
	print('Total lookups: ' + str(lookup))
	print('')
	print('IP Ownership Info')
	for key, value in ip.items():
	who(key,value)