Added the dns/reverse_lookup worker (closes #10).

lib/ronin/recon/builtin.rb

@@ -19,6 +19,7 @@
 #
 
 require 'ronin/recon/builtin/dns/lookup'
+require 'ronin/recon/builtin/dns/reverse_lookup'
 require 'ronin/recon/builtin/dns/mailservers'
 require 'ronin/recon/builtin/dns/nameservers'
 require 'ronin/recon/builtin/dns/subdomain_enum'

lib/ronin/recon/builtin/dns/reverse_lookup.rb

@@ -0,0 +1,63 @@
+# frozen_string_literal: true
+#
+# ronin-recon - A micro-framework and tool for performing reconnaissance.
+#
+# Copyright (c) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
+#
+# ronin-recon is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-recon is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with ronin-recon.  If not, see <https://www.gnu.org/licenses/>.
+#
+
+require 'ronin/recon/dns_worker'
+
+module Ronin
+  module Recon
+    module DNS
+      #
+      # Performs reverse DNS lookup on an IP address and finds it's host name.
+      #
+      class ReverseLookup < DNSWorker
+
+        register 'dns/reverse_lookup'
+
+        summary 'Reverse looks up an IP address'
+        description <<~DESC
+          Reverse looks up an IP address and return the host names associated
+          with the IP address.
+        DESC
+
+        accepts IP
+        outputs Host
+
+        #
+        # Reverse DNS looks up an IP address and finds it's host name.
+        #
+        # @param [Values::IP] ip
+        #
+        # @yield [host]
+        #
+        # @yieldparam [Values::Host] host
+        #
+        def process(ip)
+          unless ip.host
+            # NOTE: only query IP addresses not associated with a hostname
+            dns_get_ptr_names(ip.address).each do |host_name|
+              yield Host.new(host_name.chomp('.'))
+            end
+          end
+        end
+
+      end
+    end
+  end
+end

lib/ronin/recon/worker_set.rb

@@ -83,6 +83,7 @@ def self.[](*worker_ids)
       # @api private
       DEFAULT_SET = %w[
         dns/lookup
+        dns/reverse_lookup
         dns/mailservers
         dns/nameservers
         dns/subdomain_enum

spec/builtin/dns/reverse_lookup_spec.rb

@@ -0,0 +1,49 @@
+require 'spec_helper'
+require 'ronin/recon/builtin/dns/reverse_lookup'
+
+describe Ronin::Recon::DNS::ReverseLookup do
+  describe "#process", :network do
+    context "when there the IP address has a PTR record back to a host name" do
+      let(:ip)   { Ronin::Recon::Values::IP.new('1.1.1.1') }
+      let(:host) { Ronin::Recon::Values::Host.new('one.one.one.one') }
+
+      it "must yield a Host value" do
+        yielded_values = []
+
+        Async do
+          subject.process(ip) do |value|
+            yielded_values << value
+          end
+        end
+
+        expect(yielded_values).to eq([host])
+      end
+
+      context "but the IP value is already has a #host" do
+        let(:ip) do
+          Ronin::Recon::Values::IP.new('1.1.1.1', host: 'one.one.one.one')
+        end
+
+        it "must not yield any values" do
+          expect { |b|
+            Async do
+              subject.process(ip,&b)
+            end
+          }.not_to yield_control
+        end
+      end
+    end
+
+    context "but the IP address has no PTR records" do
+      let(:ip) { Ronin::Recon::Values::IP.new('93.184.216.34') }
+
+      it "must not yield anything" do
+        expect { |b|
+          Async do
+            subject.process(ip,&b)
+          end
+        }.not_to yield_control
+      end
+    end
+  end
+end