Infoblox’s global team of threat hunters uncovers a DNS operation with the ability to bypass traditional security measures and control the Great Firewall of China. Read about “Muddling Meerkat” and the many other threat actors discovered by Infoblox Threat Intel here.

API & Integration, DevOps,NetOps,SecOps

Reply

Check if DNS authoritative zones have been disabled

New Member
Posts: 1
1735     0

Hi,

I wrote a python script that via API disables a list of DNS autoritative zones; in order to double check if the disable operation was successfull, I would like to know how to retrieve the disable field for a list of zones (either given the fqdn or the _ref) via API

thanks in advance

R

Re: Check if DNS authoritative zones have been disabled

[ Edited ]
Superuser
Posts: 81
1736     0

Hello Robert,

 

I've attcahed a python script for your use-case, down below. Please note that I've specified the WAPI version to be 2.10.1 & you may need to adjust that if your NIOS version doesn't support this version. 

 

IMPORTANT NOTE : I haven't scaled this to refine the runtime complexity. If you have N number of domains to be checked, this code would login atleast N number of times to the grid before giving you the result. That definitely means a higher time-complexity & shall hit the concurrent login sessions to the grid. You may fix this by getting the results from the grid in one shot as a single JSON content(pull everything for /zone_auth onetime & then search the contents based on the entries inside your checkfile). I wrote this quickly & didn't consider this aspect then. I'll post a modified version later as possible. Ignore this note in case if this is more like a one-time use-case & the number of domains in your check list is low. 

 

"""Script to inspect "Disable" flag of specific set of domains added under a List file file(no need to specify path if in same location, else specify the path+filename) as shown below
   
   List content example -->
   
   example.com
   alman.com
   infoblox.com
   
   example of listname to be entered-->
   
   domainlist.txt
   /home/alman/Desktop/pys/domainlist.txt
"""

import requests
import urllib3
import json

urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)

resultsToClient=[]

list_name=input("\nEnter the name of the List file :")
type(list_name)
gm_ip= input("Enter Grid master IP :")
type(gm_ip)
gm_user=input("Enter user name :")
type(gm_user)
gm_password=input("Enter password :")
type(gm_password)
print("\n\nChecking for *Active* domains from the list...\n")

fileB=open(list_name, 'r')
readFqdns=fileB.readlines()
count = 0
urL = 'https://'+gm_ip+'/wapi/v2.10.1/zone_auth?_return_fields=fqdn,disable&fqdn='
for line in readFqdns:
    count += 1
    reqResponse= requests.get(urL+line.strip(), auth=(gm_user, gm_password), verify=False)
    #print("The result : " + str(reqResponse.content))
    writable_value=reqResponse.content
    response_native = json.loads(writable_value)
    for resp in response_native:
      if resp.get('disable') == False:
        help_value= resp.get("fqdn")
        resultsToClient.append(str(help_value))

print("Inspection complete & the *Active* domains from the list are as follows(If any):- \n")

for active_domain in resultsToClient:
    print(active_domain.strip())

Hope this helps!

 

Best regards,

 

Showing results for 
Search instead for 
Did you mean: 

Recommended for You