From 95dee5b0fb976c04acdca106d76c6de73ce12b88 Mon Sep 17 00:00:00 2001 From: Matt Keeley Date: Sat, 10 Aug 2024 23:23:46 -0700 Subject: [PATCH] update naming to be more accurate --- modules/report.py | 4 ++-- modules/spf.py | 24 ++++++++++++------------ modules/spoofing.py | 6 +++--- spoofy.py | 10 +++++----- 4 files changed, 22 insertions(+), 22 deletions(-) diff --git a/modules/report.py b/modules/report.py index 17471f6..a277739 100644 --- a/modules/report.py +++ b/modules/report.py @@ -37,7 +37,7 @@ def printer(**kwargs): dns_server = kwargs.get('DNS_SERVER') spf_record = kwargs.get('SPF') spf_all = kwargs.get('SPF_MULTIPLE_ALLS') - spf_includes = kwargs.get('SPF_NUM_INCLUDES') + spf_dns_query_count = kwargs.get('SPF_NUM_DNS_QUERIES') dmarc_record = kwargs.get('DMARC') p = kwargs.get('DMARC_POLICY') pct = kwargs.get('DMARC_PCT') @@ -64,7 +64,7 @@ def printer(**kwargs): output_message("[?]", "SPF record contains multiple `All` items.", "warning") else: output_message("[*]", f"SPF all record: {spf_all}", "info") - output_message("[*]", f"SPF include count: {spf_includes}" if spf_includes <= 10 else f"Too many SPF include lookups {spf_includes}.", "info") + output_message("[*]", f"SPF DNS query count: {spf_dns_query_count}" if spf_dns_query_count <= 10 else f"Too many SPF DNS query lookups {spf_dns_query_count}.", "info") else: output_message("[?]", "No SPF record found.", "warning") diff --git a/modules/spf.py b/modules/spf.py index 9a61ffa..0c6b68c 100644 --- a/modules/spf.py +++ b/modules/spf.py @@ -9,13 +9,13 @@ def __init__(self, domain, dns_server=None): self.dns_server = dns_server self.spf_record = self.get_spf_record() self.all_mechanism = None - self.num_includes = 0 - self.too_many_includes = False + self.spf_dns_query_count = 0 + self.too_many_dns_queries = False if self.spf_record: self.all_mechanism = self.get_spf_all_string() - self.num_includes = self.get_spf_includes() - self.too_many_includes = self.num_includes > 10 + self.spf_dns_query_count = self.get_spf_dns_queries() + self.too_many_dns_queries = self.spf_dns_query_count > 10 def get_spf_record(self, domain=None): """Fetches the SPF record for the specified domain.""" @@ -58,9 +58,9 @@ def get_spf_all_string(self): return None - def get_spf_includes(self): - """Returns the number of includes, redirects, and other mechanisms in the SPF record for a given domain.""" - def count_includes(spf_record): + def get_spf_dns_queries(self): + """Returns the number of dns queries, redirects, and other mechanisms in the SPF record for a given domain.""" + def count_dns_queries(spf_record): count = 0 for item in spf_record.split(): if item.startswith("include:") or item.startswith("redirect="): @@ -71,13 +71,13 @@ def count_includes(spf_record): count += 1 try: - # Recursively fetch and count includes or redirects in the SPF record of the referenced domain + # Recursively fetch and count dns queries or redirects in the SPF record of the referenced domain answers = dns.resolver.resolve(url, 'TXT') for rdata in answers: for txt_string in rdata.strings: txt_record = txt_string.decode('utf-8') if txt_record.startswith('v=spf1'): - count += count_includes(txt_record) + count += count_dns_queries(txt_record) except Exception: pass @@ -89,10 +89,10 @@ def count_includes(spf_record): return count - return count_includes(self.spf_record) + return count_dns_queries(self.spf_record) def __str__(self): return (f"SPF Record: {self.spf_record}\n" f"All Mechanism: {self.all_mechanism}\n" - f"Number of Includes: {self.num_includes}\n" - f"Too Many Includes: {self.too_many_includes}") \ No newline at end of file + f"DNS Query Count: {self.spf_dns_query_count}\n" + f"Too Many DNS Queries: {self.too_many_dns_queries}") \ No newline at end of file diff --git a/modules/spoofing.py b/modules/spoofing.py index ce0abc5..747f310 100644 --- a/modules/spoofing.py +++ b/modules/spoofing.py @@ -3,13 +3,13 @@ import tldextract class Spoofing: - def __init__(self, domain, p, aspf, spf_record, spf_all, spf_includes, sp, pct): + def __init__(self, domain, p, aspf, spf_record, spf_all, spf_dns_queries, sp, pct): self.domain = domain self.p = p self.aspf = aspf self.spf_record = spf_record self.spf_all = spf_all - self.spf_includes = spf_includes + self.spf_dns_queries = spf_dns_queries self.sp = sp self.pct = pct self.domain_type = self.get_domain_type() @@ -31,7 +31,7 @@ def is_spoofable(self): return 0 else: return 8 - elif self.spf_includes > 10 and self.p is None: + elif self.spf_dns_queries > 10 and self.p is None: return 0 elif self.spf_all == "2many": if self.p == "none": diff --git a/spoofy.py b/spoofy.py index 6ccbbed..9e25553 100755 --- a/spoofy.py +++ b/spoofy.py @@ -17,8 +17,8 @@ def process_domain(domain): spf_record = spf.spf_record spf_all = spf.all_mechanism - spf_num_includes = spf.num_includes - spf_too_many_includes = spf.too_many_includes + spf_dns_query_count = spf.spf_dns_query_count + spf_too_many_dns_queries = spf.too_many_dns_queries dmarc_record = dmarc.dmarc_record dmarc_p = dmarc.policy @@ -33,7 +33,7 @@ def process_domain(domain): bimi_location = bimi_info.location bimi_authority = bimi_info.authority - spoofing_info = Spoofing(domain, dmarc_p, dmarc_aspf, spf_record, spf_all, spf_num_includes, dmarc_sp, dmarc_pct) + spoofing_info = Spoofing(domain, dmarc_p, dmarc_aspf, spf_record, spf_all, spf_dns_query_count, dmarc_sp, dmarc_pct) domain_type = spoofing_info.domain_type spoofing_possible = spoofing_info.spoofing_possible @@ -45,8 +45,8 @@ def process_domain(domain): 'DNS_SERVER': dns_info.dns_server, 'SPF': spf_record, 'SPF_MULTIPLE_ALLS': spf_all, - 'SPF_NUM_INCLUDES': spf_num_includes, - 'SPF_TOO_MANY_INCLUDES': spf_too_many_includes, + 'SPF_NUM_DNS_QUERIES': spf_dns_query_count, + 'SPF_TOO_MANY_DNS_QUERIES': spf_too_many_dns_queries, 'DMARC': dmarc_record, 'DMARC_POLICY': dmarc_p, 'DMARC_PCT': dmarc_pct,