[ SEA-GHOST MINI SHELL]

Path : /proc/2/root/proc/3/cwd/var/lib/zabbix/
FILE UPLOADER :
Current File : //proc/2/root/proc/3/cwd/var/lib/zabbix/dnsrecords_check.py

#!/usr/bin/env python
"""Copyright (c) 2005 Scott Kitterman, spf2@kitterman.com
This module is free software, and you may redistribute it and/or modify
it under the same terms as Python itself, so long as this copyright message
and disclaimer are retained in their original form.

IN NO EVENT SHALL THE AUTHOR BE LIABLE TO ANY PARTY FOR DIRECT, INDIRECT,
SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OF
THIS CODE, EVEN IF THE AUTHOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
DAMAGE.

THE AUTHOR SPECIFICALLY DISCLAIMS ANY WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE.  THE CODE PROVIDED HEREUNDER IS ON AN "AS IS" BASIS,
AND THERE IS NO OBLIGATION WHATSOEVER TO PROVIDE MAINTENANCE,
SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.

For more information about SPF, a tool against email forgery, see
        http://spf.pobox.com/"""
import sys
import cgi
import cgitb; cgitb.enable()
import spf
import socket
import DNS
import string
import subprocess
#import shlex

DNS.DiscoverNameServers()

form = cgi.FieldStorage()            # parse form data
formdomain = 'example.com'
if form.has_key("domain"):
    formdomain = form["domain"].value
domaintuple = spf.split_email(formdomain, '')
domain = domaintuple[1]

checktype = sys.argv[2]
if checktype == 'dkim':
    cmd='dig default._domainkey.{} txt +short'.format(sys.argv[1])
    proc=subprocess.Popen(cmd,shell = True,stdout=subprocess.PIPE)
    record,err=proc.communicate()
    if record[1:8] != 'v=DKIM1':
        print "ERROR: DKIM records must start with v=DKIM1, this does not appear to be a valid DKIM record."
        print(record[1:-2])
    elif record:
        print(record[1:-2])
elif checktype == 'dmarc':
    cmd='dig _dmarc.{} txt +short'.format(sys.argv[1])
    proc=subprocess.Popen(cmd,shell = True,stdout=subprocess.PIPE)
    record,err=proc.communicate()
    if record[1:9] != 'v=DMARC1':
        print "ERROR:  records must start with v=DMARC1, this does not appear to be a valid DMARC record."
        print(record[1:-2])
    elif record:
        print(record[1:-2])

elif checktype == 'spf':
    cmd='dig {0} txt +short | grep v=spf'.format(sys.argv[1])
    proc=subprocess.Popen(cmd,shell = True,stdout=subprocess.PIPE)
    record,err=proc.communicate()
    record = record[1:-2]
    #record = sys.argv[1]
    if record[:7] != 'v=spf1 ' and record != 'v=spf1':
        print "ERROR: SPF records must start with v=spf1, this does not appear to be a valid SPF record."
        print(record[1:-2])
        record = ""
    if record:
    #   print 'evaluating ', record, '...'
        if record.endswith('-all'):
            target = 'fail'
        elif record.endswith('~all'):
            target = 'softfail'
        elif record.endswith('?all'):
            target = 'neutral'
        elif record.endswith('all') or record.endswith('+all'):
            target = 'pass'
        else:
            target = 'neutral'
        i = '8.8.8.8'
        s = 'postmaster@' + domain
        h = domain
        g = spf.query(i, s, h,local=None,receiver=None,strict=2)
        q = g.check(record)
        if q[0] == target:
            print 'OK: SPF record passed validation test with pySPF (Python SPF library)!'
        elif q[0] == 'temperror':
            print "ERROR: TempError", q[2], ""
        elif q[0] == 'permerror':
            print "ERROR: PermError", q[2], ""
        elif target == 'redirected':
            print "OK: Redirected to another SPF record.  Processed without error using pySPF (Python SPF library)!"
        else:
            print "ERROR: record processed without error, but the result of the test was, ", q[0],". The explanation returned was, ", q[2], ""
    else:
        print "ERROR: No valid SPF record identified"
else:
    print "ERROR: No valid type of check"


SEA-GHOST - SHELL CODING BY SEA-GHOST