Source

Recon-ng / modules / recon / hosts / enum / http / web / malwaredomain.py

Full commit
import framework
# unique to module
import re

class Module(framework.module):

    def __init__(self, params):
        framework.module.__init__(self, params)
        self.register_option('domain', self.goptions['domain']['value'], 'yes', self.goptions['domain']['desc'])
        self.info = {
                     'Name': 'Malware Domain Lookup',
                     'Author': 'Micah Hoffman (@WebBreacher)',
                     'Description': 'Checks malwaredomainlist.com to determine if malware has been detected on the given domain.',
                     'Comments': []
                     }
   
    def module_run(self):
        domain = self.options['domain']['value']

        url = 'http://www.malwaredomainlist.com/mdl.php?search=%s&colsearch=Domain&quantity=All' % (domain)
        self.verbose('URL: %s' % url)
        resp = self.request(url)

        # Get the malicious domain results
        entries = re.findall(r'<td><nobr>(.*?)_.*?<.+?td><td>(.+?)</td><td>(.*?)</td><td>.*?</td><td>(.*?)</td><td>', resp.text.replace('<wbr>', ''))
        
        if entries:
            tdata = []
            tdata.append(['Page', 'Date', 'IP', 'Issue'])
            for line in entries:
                tdata.append([line[1], line[0], line[2], line[3]])
            self.table(tdata, True)
        else:
            self.output('No entries found.')