Class: Wmap::HostTracker

Inherits:

Object

• Object
• Wmap::HostTracker

Includes:

Singleton, Utils

Defined in:

lib/wmap/host_tracker.rb,
lib/wmap/host_tracker/primary_host.rb

Overview

Class to handle the local host data repository file where lists of known hosts from discovery and past assessment efforts are stored

Direct Known Subclasses

PrimaryHost

Defined Under Namespace

Classes: PrimaryHost

Constant Summary

Constants included from Utils::UrlMagic

Utils::UrlMagic::Max_http_timeout, Utils::UrlMagic::User_agent

Constants included from Utils::DomainRoot

Utils::DomainRoot::File_ccsld, Utils::DomainRoot::File_cctld, Utils::DomainRoot::File_gtld, Utils::DomainRoot::File_tld

Instance Attribute Summary

• #alias ⇒ Object readonly

  Returns the value of attribute alias.

• #data_dir ⇒ Object

  Returns the value of attribute data_dir.

• #hosts_file ⇒ Object

  Returns the value of attribute hosts_file.

• #known_hosts ⇒ Object

  Returns the value of attribute known_hosts.

• #max_parallel ⇒ Object

  Returns the value of attribute max_parallel.

• #verbose ⇒ Object

  Returns the value of attribute verbose.

Instance Method Summary

• #add(host) ⇒ Object

  Setter to add host entry to the cache once at a time.

• #bulk_add(list, num = @max_parallel) ⇒ Object (also: #adds)

  Setter to add host entry to the local hosts in batch (from an array).

• #bulk_delete(list) ⇒ Object (also: #dels)

  ‘setter’ to delete host entry to the cache in batch (from an array).

• #count ⇒ Object

  Count numbers of entries in the local host repository.

• #delete(host) ⇒ Object

  ‘setter’ to remove entry from the local hosts one at a time.

• #dump_sub_domains ⇒ Object (also: #get_sub_domains)

  Extract a list of sub-domains from the local host repository @known_hosts.

• #file_add(file) ⇒ Object

  ‘setter’ to add host entry to the local hosts in batch (from a file).

• #file_delete(file) ⇒ Object

  Setter to delete host entries in the local hosts in batch (from a file).

• #get_a_records ⇒ Object (also: #dump_a_records)

  Extract hostname without the root domain part from the @known_hosts.

• #get_root_domains ⇒ Object (also: #dump_root_domains)

  Extract known root domains from the local host repository @known_hosts.

• #host_aliases(host) ⇒ Object (also: #aliases)

  Search local host repository and return a list of aliases for the host.

• #host_known?(host) ⇒ Boolean (also: #is_known?)

  Check if the specific host within @known_hosts table.

• #initialize(params = {}) ⇒ HostTracker constructor

  Instance default variables.

• #ip_known?(ip) ⇒ Boolean (also: #has_a_record?)

  Check if the specific IP within @known_hosts table.

• #load_known_hosts_from_file(f_hosts = @hosts_file) ⇒ Object

  Setter to load the known hosts from the local hosts file into a class instance.

• #local_host_2_ip(host) ⇒ Object

  Perform DNS lookup on the local host repository.

• #local_ip_2_host(ip) ⇒ Object

  Perform reverse DNS lookup on the local host repository.

• #print_host(host) ⇒ Object (also: #print)

  Print summary report on the cache.

• #print_known_hosts ⇒ Object (also: #print_all)

  Print summary report on the cache.

• #refresh(host) ⇒ Object

  Setter to refresh the entry from the cache one at a time.

• #refresh_all ⇒ Object

  Refresh all the entries in the local hosts by querying the Internet.

• #save_known_hosts_to_file!(f_hosts = @hosts_file) ⇒ Object (also: #save!)

  Save the current local hosts hash table into a (random) data repository file.

• #search(pattern) ⇒ Object (also: #find)

  Search potential matching sites from the host store by using simple regular expression.

• #sub_domain_known?(domain) ⇒ Boolean

  Based on the current host store, to determine if an entry is a known sub-domain.

• #top_hostname(num) ⇒ Object

  Top hostname - sort out most common host-name in the host store in descendant order.

Methods included from Utils

#cidr_2_ips, #file_2_hash, #file_2_list, #get_nameserver, #get_nameservers, #host_2_ip, #host_2_ips, #is_cidr?, #is_fqdn?, #is_ip?, #list_2_file, #reverse_dns_lookup, #sort_ips, #valid_dns_record?, #zone_transferable?

Methods included from Utils::Logger

#wlog

Methods included from Utils::UrlMagic

#create_absolute_url_from_base, #create_absolute_url_from_context, #host_2_url, #is_site?, #is_ssl?, #is_url?, #landing_location, #make_absolute, #normalize_url, #open_page, #redirect_location, #response_code, #response_headers, #url_2_host, #url_2_path, #url_2_port, #url_2_site, #urls_on_same_domain?

Methods included from Utils::DomainRoot

#get_domain_root, #get_domain_root_by_ccsld, #get_domain_root_by_cctld, #get_domain_root_by_tlds, #get_sub_domain, #is_domain_root?, #print_ccsld, #print_cctld, #print_gtld

Constructor Details

#initialize(params = {}) ⇒ HostTracker

Instance default variables

# File 'lib/wmap/host_tracker.rb', line 21

def initialize (params = {})
  @verbose=params.fetch(:verbose, false)
  @data_dir=params.fetch(:data_dir, File.dirname(__FILE__)+'/../../data/')
  Dir.mkdir(@data_dir) unless Dir.exist?(@data_dir)
  # Set default instance variables
  @hosts_file=params.fetch(:hosts_file, @data_dir + 'hosts')
  @max_parallel=params.fetch(:max_parallel, 40)
  # Initialize the instance variables
  File.write(@hosts_file, "") unless File.exist?(@hosts_file)
  load_known_hosts_from_file(@hosts_file)
end

Instance Attribute Details

#alias ⇒ Object (readonly)

Returns the value of attribute alias.

# File 'lib/wmap/host_tracker.rb', line 18

def alias
  @alias
end

#data_dir ⇒ Object

Returns the value of attribute data_dir.

# File 'lib/wmap/host_tracker.rb', line 17

def data_dir
  @data_dir
end

#hosts_file ⇒ Object

Returns the value of attribute hosts_file.

# File 'lib/wmap/host_tracker.rb', line 17

def hosts_file
  @hosts_file
end

#known_hosts ⇒ Object

Returns the value of attribute known_hosts.

# File 'lib/wmap/host_tracker.rb', line 17

def known_hosts
  @known_hosts
end

#max_parallel ⇒ Object

Returns the value of attribute max_parallel.

# File 'lib/wmap/host_tracker.rb', line 17

def max_parallel
  @max_parallel
end

#verbose ⇒ Object

Returns the value of attribute verbose.

# File 'lib/wmap/host_tracker.rb', line 17

def verbose
  @verbose
end

Instance Method Details

#add(host) ⇒ Object

Setter to add host entry to the cache once at a time

# File 'lib/wmap/host_tracker.rb', line 100

def add(host)
  puts "Add entry to the local host repository: #{host}"
  host=host.strip.downcase unless host.nil?
  unless @known_hosts.key?(host)
    ip=host_2_ip(host)
    record=Hash.new
    if is_ip?(ip)
      # filter host to known domains only
      root=get_domain_root(host)
      puts "Domain root: #{root}" if @verbose
      domain_tracker=Wmap::DomainTracker.instance
      domain_tracker.data_dir=@data_dir
      domain_tracker.domains_file = domain_tracker.data_dir + "domains"
      domain_tracker.load_domains_from_file
      if domain_tracker.domain_known?(root)
        domain_tracker=nil
        record[host]=ip
        record[ip]=host
        puts "Host data repository entry loaded: #{host} <=> #{ip}"
        # Replace instance with the class variable to avoid potential race condition under parallel engine
        # add additional logic to update the sub-domain table as well, 02/10/2014
        sub=get_sub_domain(host)
        if sub!=root
          tracker=Wmap::DomainTracker::SubDomain.instance
          tracker.data_dir=@data_dir
          tracker.sub_domains_file = tracker.data_dir + "sub_domains"
          tracker.known_internet_sub_domains=tracker.load_domains_from_file(tracker.sub_domains_file)
          unless tracker.domain_known?(sub)
            tracker.add(sub)
            tracker.save!
          end
          tracker=nil
        end
        @known_hosts.merge!(record)
        return record
      else
        domain_tracker=nil
        puts "Error - host #{host} has an untrusted internet root domain: #{root}\nPlease update the trusted domain seeds file first if necessary."
      end
    else
      puts "Problem resolve host #{host} - unknown IP: #{ip}"
    end
  else
    puts "Host is already exist. Skip: #{host}"
  end
rescue => ee
  puts "Exception on method #{__method__}: #{ee}" if @verbose
end

#bulk_add(list, num = @max_parallel) ⇒ Object Also known as: adds

Setter to add host entry to the local hosts in batch (from an array)

# File 'lib/wmap/host_tracker.rb', line 150

def bulk_add(list, num=@max_parallel)
  puts "Add entries to the local host repository: #{list}"
  results=Hash.new
  if list.size > 0
    puts "Start parallel host update processing on:\n #{list}" if @verbose
    Parallel.map(list, :in_processes => num) { |target|
      add(target)
    }.each do |process|
      if process.nil?
        next
      elsif process.empty?
        #do nothing
      else
        results.merge!(process)
      end
    end
    @known_hosts.merge!(results)
    puts "Done loading entries."
    return results
  else
    puts "Error: empty list - no entry is loaded. Please check your input list and try again."
  end
  return results
rescue => ee
  puts "Exception on method #{__method__}: #{ee}"
end

#bulk_delete(list) ⇒ Object Also known as: dels

‘setter’ to delete host entry to the cache in batch (from an array)

# File 'lib/wmap/host_tracker.rb', line 205

def bulk_delete(list)
  puts "Delete entries to the local host repository from:\n #{list}"
  hosts=list
  changes=Array.new
  if hosts.size > 0
    hosts.map do |x|
      host=delete(x)
      changes.push(host) unless host.nil?
    end
    puts "Done deleting hosts."
    return changes
  else
    puts "Error: empty list - no entry is loaded. Please check your list and try again."
  end
rescue => ee
  puts "Exception on method #{__method__}: #{ee}"
end

#count ⇒ Object

Count numbers of entries in the local host repository

# File 'lib/wmap/host_tracker.rb', line 85

def count
  puts "Counting number of entries in the local host repository ..."
  cnt=0
  @known_hosts.keys.map do |key|
    unless is_ip?(key)
      cnt=cnt+1
    end
  end
  puts "Current number of entries: #{cnt}"
  return cnt
rescue => ee
  puts "Exception on method #{__method__}: #{ee}"
end

#delete(host) ⇒ Object

‘setter’ to remove entry from the local hosts one at a time

# File 'lib/wmap/host_tracker.rb', line 190

def delete(host)
  puts "Remove entry from the local host repository: #{host} "
  host=host.strip.downcase
  if @known_hosts.key?(host)
    @known_hosts.delete(host)
    puts "Entry cleared."
    return host
  else
    puts "Entry not fund. Skip: #{host}"
  end
rescue => ee
  puts "Exception on method #{__method__}: #{ee}"
end

#dump_sub_domains ⇒ Object Also known as: get_sub_domains

Extract a list of sub-domains from the local host repository @known_hosts

# File 'lib/wmap/host_tracker.rb', line 404

def dump_sub_domains
  puts "Dump out all active sub domains from the local hosts." if @verbose
  subs=Array.new
  @known_hosts.keys.each do |hostname|
    next if is_ip?(hostname)
    hostname = hostname.strip
    sub = get_subdomain(hostname)
    subs.push(sub) unless sub.nil?
  end
  subs.uniq!.sort! unless subs.empty?
  puts "Found sub domains: #{subs}" if @verbose
  return subs
rescue Exception => ee
  puts "Exception on method #{__method__}: #{ee}"
  return subs
end

#file_add(file) ⇒ Object

‘setter’ to add host entry to the local hosts in batch (from a file)

# File 'lib/wmap/host_tracker.rb', line 179

def file_add(file)
  puts "Add entries to the local host repository from file: #{file}"
  raise "File non-exist. Please check your file path and name again: #{file}" unless File.exist?(file)
  hosts=file_2_list(file)
  changes=bulk_add(hosts)
  return changes
rescue => ee
  puts "Exception on method #{__method__}: #{ee}"
end

#file_delete(file) ⇒ Object

Setter to delete host entries in the local hosts in batch (from a file)

# File 'lib/wmap/host_tracker.rb', line 225

def file_delete(file)
  puts "Delete the local host repository entries from file: #{file}"
  raise "File non-exist. Please check your file path and name again: #{file}" unless File.exist?(file)
  hosts=file_2_list(file)
  changes=bulk_delete(hosts)
  puts "Delete done."
  return changes
rescue => ee
  puts "Exception on method #{__method__}: #{ee}"
end

#get_a_records ⇒ Object Also known as: dump_a_records

Extract hostname without the root domain part from the @known_hosts. Data can be used for statistics study.

# File 'lib/wmap/host_tracker.rb', line 305

def get_a_records
  puts "Dump out all known A records from the local hosts."
  records=Array.new
  (@known_hosts.keys-["",nil]).map do |hostname|
    next if is_ip?(hostname)
    hostname = hostname.strip
    root = get_domain_root(hostname)
    record = hostname.sub('.'+root,'')
    records.push(record) unless record.nil?
  end
  records.sort!
  return records
rescue => ee
  puts "Exception on method #{__method__}: #{ee}"
end

#get_root_domains ⇒ Object Also known as: dump_root_domains

Extract known root domains from the local host repository @known_hosts

# File 'lib/wmap/host_tracker.rb', line 288

def get_root_domains
  puts "Dump out all active root domains from the cache."
  zones=Array.new
  (@known_hosts.keys-["",nil]).map do |hostname|
    next if is_ip?(hostname)
    hostname = hostname.strip
    zone = get_domain_root(hostname)
    zones.push(zone) unless zone.nil?
  end
  zones.uniq!.sort!
  return zones
rescue => ee
  puts "Exception on method #{__method__}: #{ee}"
end

#host_aliases(host) ⇒ Object Also known as: aliases

Search local host repository and return a list of aliases for the host

# File 'lib/wmap/host_tracker.rb', line 450

def host_aliases (host)
  puts "Search aliases in the local hosts data repository for host: #{host}" if @verbose
  host.strip!
  raise "Unknown method input: #{host} We expect a FQDN host-name string from you. " unless is_fqdn?(host)
  aliases=Array.new
  if @known_hosts.key?(host)
    ip=local_host_2_ip(host)
    @known_hosts.keys.map do |key|
      my_ip=local_host_2_ip(key)
      if ip == my_ip
        aliases.push(key)
      end
    end
  else
    raise "Unknown host-name in the local hosts data repository: #{host}"
  end
  return aliases-[host]
rescue Exception => ee
  puts "Exception on method #{__method__}: #{ee}"
  return nil
end

#host_known?(host) ⇒ Boolean Also known as: is_known?

Check if the specific host within @known_hosts table

Returns:

• (Boolean)

# File 'lib/wmap/host_tracker.rb', line 363

def host_known? (host)
  host=host.strip.downcase unless host.nil?
  return false if @known_hosts==nil
  return @known_hosts.key?(host.strip)
rescue => ee
  if @verbose
    puts "Host Lookup Error: #{ee}"
  end
  return false
end

#ip_known?(ip) ⇒ Boolean Also known as: has_a_record?

Check if the specific IP within @known_hosts table

Returns:

• (Boolean)

# File 'lib/wmap/host_tracker.rb', line 351

def ip_known? (ip)
  known = false
  ip=ip.strip unless ip.nil?
  return false if @known_hosts==nil
  return @known_hosts.key?(ip.strip)
rescue => ee
  puts "IP Lookup Error: #{ee}" if @verbose
  return false
end

#load_known_hosts_from_file(f_hosts = @hosts_file) ⇒ Object

Setter to load the known hosts from the local hosts file into a class instance

# File 'lib/wmap/host_tracker.rb', line 34

def load_known_hosts_from_file (f_hosts=@hosts_file)
  puts "Loading local hosts from file: #{f_hosts} ..." if @verbose
  @known_hosts=Hash.new
  @alias = Hash.new
  File.write(f_hosts, "") unless File.exist?(f_hosts)
  f=File.open(f_hosts, 'r')
  f.each do |line|
    next unless line =~ /\d+\.\d+\.\d+\.\d+/
    entry=line.chomp.split(%r{\t+|\s+|\,})
    key=entry[0].downcase
    value=entry[1]
    puts "Loading key value pair: #{key} - #{value}" if @verbose
    @known_hosts[key] = Hash.new unless @known_hosts.key?(key)
    @known_hosts[key]= value
    # For reverse host lookup
    @known_hosts[value] = Hash.new unless @known_hosts.key?(value)
    @known_hosts[value] = key
    # Count the number of alias for the recorded IP
    if @alias.key?(value)
      @alias[value]+=1
    else
      @alias[value]=1
    end
  end
  f.close
  return @known_hosts
rescue => ee
  puts "Exception on method #{__method__}: #{ee}"
  return known_hosts
end

#local_host_2_ip(host) ⇒ Object

Perform DNS lookup on the local host repository. Not to confuse with the DNS lookup from the Internet

# File 'lib/wmap/host_tracker.rb', line 390

def local_host_2_ip (host)
  puts "DNS lookup from the local host repository" if @verbose
  host=host.strip unless host.nil?
  if @known_hosts.key?(host)
    return @known_hosts[host]
  else
    return nil
  end
rescue => ee
  puts "Exception on method #{__method__}: #{ee}"
  return nil
end

#local_ip_2_host(ip) ⇒ Object

Perform reverse DNS lookup on the local host repository. Not to confuse with the reverse DNS lookup from the Internet

# File 'lib/wmap/host_tracker.rb', line 376

def local_ip_2_host (ip)
  puts "Reverse DNS lookup from the local host repository" if @verbose
  ip=ip.strip unless ip.nil?
  if @known_hosts.key?(ip)
    return @known_hosts[ip]
  else
    return nil
  end
rescue => ee
  puts "Exception on method #{__method__}: #{ee}"
  return nil
end

#print_host(host) ⇒ Object Also known as: print

Print summary report on the cache

# File 'lib/wmap/host_tracker.rb', line 335

def print_host(host)
  puts "Local host store entry for #{host}"
  host.strip!
  raise "Invalid input: #{host}" unless is_fqdn?(host)
  if @known_hosts.key?(host)
    value=@known_hosts[host]
    puts "#{host}\t#{value}"
  else
    puts "Unknown host in the local store: #{host}"
  end
rescue => ee
  puts "Exception on method #{__method__}: #{ee}"
end

#print_known_hosts ⇒ Object Also known as: print_all

Print summary report on the cache

# File 'lib/wmap/host_tracker.rb', line 323

def print_known_hosts
  puts "\nSummary of local hosts Table:"
  puts "Total entries: #{@known_hosts.size}"
  (@known_hosts.keys.sort-["",nil]).each do |key|
    value=@known_hosts[key]
    puts "#{key}\t#{value}" if is_fqdn?(key)
  end
  puts "End of the summary"
end

#refresh(host) ⇒ Object

Setter to refresh the entry from the cache one at a time

# File 'lib/wmap/host_tracker.rb', line 237

def refresh(host)
  puts "Refresh the local host repository for host: #{host} "
  host=host.strip.downcase
  if @known_hosts.key?(host)
    old_ip=@known_hosts[host]
    new_ip=host_2_ip(host)
    if is_ip?(new_ip)
      if old_ip==new_ip
        puts "No change for the host entry: #{host}\t#{old_ip}"
        return nil
      else
        @known_hosts[host]=new_ip
        @known_hosts[new_ip]=host
        puts "Entry refreshed: #{host}\t#{@known_hosts[host]}"
        return host
      end
    else
      puts "Host can no longer be resolved in the Internet. Entry removed: #{host}\t#{@known_hosts[host]}"
      @known_hosts.delete(host)
      return host
    end
  else
    puts "Error entry non exist: #{host}"
  end
rescue => ee
  puts "Exception on method #{__method__}: #{ee}"
end

#refresh_all ⇒ Object

Refresh all the entries in the local hosts by querying the Internet

# File 'lib/wmap/host_tracker.rb', line 266

def refresh_all
  puts "Refresh all the entries in the local host repository in one shot."
  changes=Hash.new
  hosts=@known_hosts.keys
  @known_hosts=Hash.new
  changes=bulk_add(hosts)
  @known_hosts.merge!(changes)
  #@known_hosts.keys.map do |key|
  #  unless is_ip?(key)
  #    host=refresh(key)
  #    changes.push(host) unless host.nil?
  #  end
  #end
  puts "\n#{changes.size} Entries Refreshed:" if changes.size>0
  #changes.map { |x| puts x }
  puts "Done refreshing the local hosts."
  return changes
rescue => ee
  puts "Exception on method #{__method__}: #{ee}"
end

#save_known_hosts_to_file!(f_hosts = @hosts_file) ⇒ Object Also known as: save!

Save the current local hosts hash table into a (random) data repository file

# File 'lib/wmap/host_tracker.rb', line 66

def save_known_hosts_to_file!(f_hosts=@hosts_file)
  puts "Saving the local host repository from memory to file: #{f_hosts} ..."
  timestamp=Time.now
  f=File.open(f_hosts, 'w')
  f.write "# local hosts file created by the #{self.class} class #{__method__} method at: #{timestamp}"
  @known_hosts.keys.sort.map do |key|
    unless key =~ /\d+\.\d+\.\d+\.\d+/
      f.write "\n#{key}\t#{@known_hosts[key]}"
    end
  end
  f.write "\n"
  f.close
  puts "local host repository is successfully saved to: #{f_hosts}"
#rescue => ee
# puts "Exception on method #{__method__}: #{ee}"
end

#search(pattern) ⇒ Object Also known as: find

Search potential matching sites from the host store by using simple regular expression. Note that any upper-case char in the search string will be automatically converted into lower case

# File 'lib/wmap/host_tracker.rb', line 433

def search (pattern)
  puts "Search host store based on the regular expression: #{pattern}" if @verbose
  pattern=pattern.strip.downcase
  results=Array.new
  @known_hosts.keys.map do |key|
    if key =~ /#{pattern}/i
      results.push(key)
    end
  end
  return results
rescue Exception => ee
  puts "Exception on method #{__method__}: #{ee}"
  return nil
end

#sub_domain_known?(domain) ⇒ Boolean

Based on the current host store, to determine if an entry is a known sub-domain

Returns:

• (Boolean)

# File 'lib/wmap/host_tracker.rb', line 423

def sub_domain_known?(domain)
  puts "Validate sub-domain: #{domain}" if @verbose
  domain=domain.strip.downcase
  subs=dump_sub_domains
  return subs.include?(domain)
rescue Exception => ee
  puts "Exception on method #{__method__}: #{ee}"
end

#top_hostname(num) ⇒ Object

Top hostname - sort out most common host-name in the host store in descendant order

# File 'lib/wmap/host_tracker.rb', line 474

def top_hostname (num)
  puts "Sort the host store for the most common hostname. " if @verbose
  h=Hash.new
  host_store=Hash.new
  top=Array.new
  # Build a host table from the host file
  f=File.open(@hosts_file, 'r')
  f.each do |line|
    next unless line =~ /\d+\.\d+\.\d+\.\d+/
    # skip the domain roots in the host list
    next if is_domain_root?(line.chomp)
    entry=line.chomp.split(%r{\t+|\s+|\,})
    key=entry[0].downcase
    value=entry[1]
    puts "Loading key value pair: #{key} - #{value}" if @verbose
    host_store[key] = Hash.new unless known_hosts.key?(key)
    host_store[key]= value
  end
  f.close
  host_store.keys.map do |key|
    host=key.split('.')
    if h.key?(host[0])
      h[host[0]]+=1
    else
      h[host[0]]=1
    end
  end
  result = h.keys.sort { |a,b| h[b] <=> h[a] } # Sort by value descendantly
  num = result.size if result.size < num
  for i in 0...num
    top.push(result[i])
  end
  return top
rescue Exception => ee
  puts "Exception on method #{__method__}: #{ee}"
  return nil
end