Skip to content

Commit

Permalink
update naming to be more accurate
Browse files Browse the repository at this point in the history
  • Loading branch information
@MattKeeley
MattKeeley committed Aug 11, 2024
1 parent de684b8 commit 95dee5b
Show file tree
Hide file tree
Showing 4 changed files with 22 additions and 22 deletions.
4 changes: 2 additions & 2 deletions modules/report.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ def printer(**kwargs):
dns_server = kwargs.get('DNS_SERVER')
spf_record = kwargs.get('SPF')
spf_all = kwargs.get('SPF_MULTIPLE_ALLS')
spf_includes = kwargs.get('SPF_NUM_INCLUDES')
spf_dns_query_count = kwargs.get('SPF_NUM_DNS_QUERIES')
dmarc_record = kwargs.get('DMARC')
p = kwargs.get('DMARC_POLICY')
pct = kwargs.get('DMARC_PCT')
Expand All @@ -64,7 +64,7 @@ def printer(**kwargs):
output_message("[?]", "SPF record contains multiple `All` items.", "warning")
else:
output_message("[*]", f"SPF all record: {spf_all}", "info")
output_message("[*]", f"SPF include count: {spf_includes}" if spf_includes <= 10 else f"Too many SPF include lookups {spf_includes}.", "info")
output_message("[*]", f"SPF DNS query count: {spf_dns_query_count}" if spf_dns_query_count <= 10 else f"Too many SPF DNS query lookups {spf_dns_query_count}.", "info")
else:
output_message("[?]", "No SPF record found.", "warning")

Expand Down
24 changes: 12 additions & 12 deletions modules/spf.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,13 +9,13 @@ def __init__(self, domain, dns_server=None):
self.dns_server = dns_server
self.spf_record = self.get_spf_record()
self.all_mechanism = None
self.num_includes = 0
self.too_many_includes = False
self.spf_dns_query_count = 0
self.too_many_dns_queries = False

if self.spf_record:
self.all_mechanism = self.get_spf_all_string()
self.num_includes = self.get_spf_includes()
self.too_many_includes = self.num_includes > 10
self.spf_dns_query_count = self.get_spf_dns_queries()
self.too_many_dns_queries = self.spf_dns_query_count > 10

def get_spf_record(self, domain=None):
"""Fetches the SPF record for the specified domain."""
Expand Down Expand Up @@ -58,9 +58,9 @@ def get_spf_all_string(self):

return None

def get_spf_includes(self):
"""Returns the number of includes, redirects, and other mechanisms in the SPF record for a given domain."""
def count_includes(spf_record):
def get_spf_dns_queries(self):
"""Returns the number of dns queries, redirects, and other mechanisms in the SPF record for a given domain."""
def count_dns_queries(spf_record):
count = 0
for item in spf_record.split():
if item.startswith("include:") or item.startswith("redirect="):
Expand All @@ -71,13 +71,13 @@ def count_includes(spf_record):

count += 1
try:
# Recursively fetch and count includes or redirects in the SPF record of the referenced domain
# Recursively fetch and count dns queries or redirects in the SPF record of the referenced domain
answers = dns.resolver.resolve(url, 'TXT')
for rdata in answers:
for txt_string in rdata.strings:
txt_record = txt_string.decode('utf-8')
if txt_record.startswith('v=spf1'):
count += count_includes(txt_record)
count += count_dns_queries(txt_record)
except Exception:
pass

Expand All @@ -89,10 +89,10 @@ def count_includes(spf_record):

return count

return count_includes(self.spf_record)
return count_dns_queries(self.spf_record)

def __str__(self):
return (f"SPF Record: {self.spf_record}\n"
f"All Mechanism: {self.all_mechanism}\n"
f"Number of Includes: {self.num_includes}\n"
f"Too Many Includes: {self.too_many_includes}")
f"DNS Query Count: {self.spf_dns_query_count}\n"
f"Too Many DNS Queries: {self.too_many_dns_queries}")
6 changes: 3 additions & 3 deletions modules/spoofing.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,13 +3,13 @@
import tldextract

class Spoofing:
def __init__(self, domain, p, aspf, spf_record, spf_all, spf_includes, sp, pct):
def __init__(self, domain, p, aspf, spf_record, spf_all, spf_dns_queries, sp, pct):
self.domain = domain
self.p = p
self.aspf = aspf
self.spf_record = spf_record
self.spf_all = spf_all
self.spf_includes = spf_includes
self.spf_dns_queries = spf_dns_queries
self.sp = sp
self.pct = pct
self.domain_type = self.get_domain_type()
Expand All @@ -31,7 +31,7 @@ def is_spoofable(self):
return 0
else:
return 8
elif self.spf_includes > 10 and self.p is None:
elif self.spf_dns_queries > 10 and self.p is None:
return 0
elif self.spf_all == "2many":
if self.p == "none":
Expand Down
10 changes: 5 additions & 5 deletions spoofy.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,8 +17,8 @@ def process_domain(domain):

spf_record = spf.spf_record
spf_all = spf.all_mechanism
spf_num_includes = spf.num_includes
spf_too_many_includes = spf.too_many_includes
spf_dns_query_count = spf.spf_dns_query_count
spf_too_many_dns_queries = spf.too_many_dns_queries

dmarc_record = dmarc.dmarc_record
dmarc_p = dmarc.policy
Expand All @@ -33,7 +33,7 @@ def process_domain(domain):
bimi_location = bimi_info.location
bimi_authority = bimi_info.authority

spoofing_info = Spoofing(domain, dmarc_p, dmarc_aspf, spf_record, spf_all, spf_num_includes, dmarc_sp, dmarc_pct)
spoofing_info = Spoofing(domain, dmarc_p, dmarc_aspf, spf_record, spf_all, spf_dns_query_count, dmarc_sp, dmarc_pct)

domain_type = spoofing_info.domain_type
spoofing_possible = spoofing_info.spoofing_possible
Expand All @@ -45,8 +45,8 @@ def process_domain(domain):
'DNS_SERVER': dns_info.dns_server,
'SPF': spf_record,
'SPF_MULTIPLE_ALLS': spf_all,
'SPF_NUM_INCLUDES': spf_num_includes,
'SPF_TOO_MANY_INCLUDES': spf_too_many_includes,
'SPF_NUM_DNS_QUERIES': spf_dns_query_count,
'SPF_TOO_MANY_DNS_QUERIES': spf_too_many_dns_queries,
'DMARC': dmarc_record,
'DMARC_POLICY': dmarc_p,
'DMARC_PCT': dmarc_pct,
Expand Down

0 comments on commit 95dee5b

Please sign in to comment.