Advertisement
Ghostriax-Atrocity

RBL.cpp

Apr 11th, 2015
227
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.79 KB | None | 0 0
  1. #include "stdafx.h"
  2. #include "RBL.h"
  3.  
  4. //bl.spamcop.net, recent.spam.dnsbl.sorbs.net zombie.dnsbl.sorbs.net
  5.  
  6. bool RBL::check(const char* ip)
  7. {
  8. if(!ip || 0 == strlen(ip) || INADDR_NONE == inet_addr(ip))
  9. return false;
  10.  
  11. // Get the RBL info
  12. RBLINFO* rbl = NULL;
  13. get_RBL_info(rbl);
  14.  
  15. // Build the lookup domain
  16. std::string lookupDomain;
  17. build_request_domain(ip, rbl->domain, lookupDomain);
  18.  
  19. // Do the lookup
  20. IP4_ADDRESS resultIP = 0;
  21. if(!lookup(lookupDomain.c_str(), &resultIP))
  22. return false;
  23.  
  24. // Iterate over types to find if one matches
  25. for(unsigned int i = 0; i < rbl->numberOfTypes; i++)
  26. {
  27. if(rbl->types[i].ip == resultIP)
  28. {
  29. printf("Bad! You're a %s\n", rbl->types[i].type);
  30. return true;
  31. }
  32. }
  33.  
  34. return false;
  35. }
  36.  
  37. void RBL::get_RBL_info(RBLINFO* info)
  38. {
  39. IP2TYPE spamhausTypes[] = {
  40. {"ROSKO and known Spammers", inet_addr("127.0.0.2")},
  41. {"ROSKO and known Spammers", inet_addr("127.0.0.3")},
  42. {"3rd party exploits", inet_addr("127.0.0.4")},
  43. {"3rd party exploits", inet_addr("127.0.0.5")},
  44. {"3rd party exploits", inet_addr("127.0.0.6")},
  45. {"3rd party exploits", inet_addr("127.0.0.7")},
  46. {"Dynamic IP", inet_addr("127.0.0.10")},
  47. {"Dynamic IP", inet_addr("127.0.0.11")},
  48. };
  49. static RBLINFO spamhaus = {spamhausTypes, _countof(spamhausTypes), "zen.spamhaus.org"};
  50.  
  51. info = &spamhaus;
  52. }
  53.  
  54.  
  55. bool RBL::lookup(const char* name, PIP4_ADDRESS result)
  56. {
  57. if(!name || !result)
  58. return false;
  59.  
  60. /* Set dns server to query.
  61. It is important to not use the users DNS servers - some ISPs hijack non existing domains.
  62. That could be misinterpreted. */
  63. IP4_ARRAY serverList = {1, inet_addr("8.8.8.8")};
  64.  
  65. PDNS_RECORD pDnsRecord = NULL;
  66. DNS_STATUS status = DnsQuery_A(name, DNS_TYPE_A, DNS_QUERY_STANDARD, &serverList, &pDnsRecord, NULL);
  67.  
  68. // status == 9003 would mean no assosciated IP thus not in the RBL
  69. if(DNS_RCODE_NOERROR != status)
  70. {
  71. return false;
  72. }
  73.  
  74. for (PDNS_RECORD pRecord = pDnsRecord; pRecord != NULL; pRecord = pRecord->pNext)
  75. {
  76. printf("%X\n", pRecord->Data.A.IpAddress);
  77. }
  78.  
  79. // No need for anything more than one result.
  80. *result = pDnsRecord->Data.A.IpAddress;
  81.  
  82. DnsRecordListFree(pDnsRecord, DnsFreeRecordListDeep);
  83. return true;
  84. }
  85.  
  86. void RBL::build_request_domain(const std::string& ip, const std::string& end, std::string& result)
  87. {
  88. std::vector<std::string> ipParts;
  89.  
  90. string_explode(ip, ".", ipParts);
  91.  
  92. result = ipParts.at(3) + "." + ipParts.at(2) + "." + ipParts.at(1)
  93. + "." + ipParts.at(0) + "." + end;
  94. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement