6 replies to this topic

[rogdog]

Please find a small Func and test utiltiy for doing reverse DNS lookups on a network

Here is some history behind the FUNC

I recently had a requirement at work incorporate a reverse dns lookup scanner into one of my Autoit programs.

My first attempt was to use the UDF Function _TCPIpToName(ipaddress). This would work fine if there was a valid reply from the network but would take aprox 4.5 seconds per ip address if the FUNC timed out. This was way to slow as I had hundreds of potential ip addresses to scan. I needed to find a better way.

Looking through the forums I found a useful post (http://www.autoitscript.com/forum/index.php?showtopic=63353) by forum member Fox2. This FUNC used the Windows command prompt PING utility and with a little tweaking, I managed to get the timeout to be much shorter than the UDF func above. This prompted me to experiment a bit further and I eventually managed to write a simillar function using the windows command prompt tool NSLOOKUP. The NSLOOKUP tool doesn't need to PING the network devices before resolving the names so it is quicker and produces less network traffic. Also, not all network devices are Pingable so NSLOOKUP should have a better hit rate.

Anyway, here is my simple _ReverseDNS Func using NSLOOKUP

New Version: Posted 8th August 2012
Added StderrRead command as suggested in Knollo's code (post #6)

Func _ReverseDNS($IPAddress)
Local $NSLookupCmd,$ResponseText,$X1,$X2
$IPAddress = StringStripWS($IPAddress,3)
$NSLookupCmd = Run(@ComSpec & " /c nslookup "& $IPAddress, "", @SW_HIDE, $STDOUT_CHILD+$STDERR_CHILD)
While 1
StderrRead($NSLookupCmd)
If @error Then ExitLoop
WEnd
$ResponseText = StdoutRead($NSLookupCmd)
If @error Then Return
$x1 = StringInStr($ResponseText, "Name:")
$x2 = StringInStr($ResponseText, "Address",0,-1)
If $x1 > 0 and $x2 > 0 Then Return StringStripWS(StringMid($ResponseText, $x1 + 6, $x2 - $x1 - 6),3)
Return "Unknown"
EndFunc

Edited by rogdog, 08 August 2012 - 02:11 PM.

[taurus905]

Hello rogdog,
I wanted to thank you for writing and sharing your _ReverseDNS function and the example gui. I was going to write something very similar this evening. I did a search in the forum for "nslookup" and found your thread.

I needed my script for tomorrow morning, so you can imagine how happy I was not to have to spend my evening writing what you had already completed. Now I can eat and get to bed at a decent hour.

Thanks again for exhibiting the kind of unselfishness that makes AutoIt the best scripting language anywhere. I am sure other good people of this forum will also share their ideas in order to spark even more useful ideas for future scripting tasks.

I also appreciated how you posted an example gui which quickly and easily demonstrated how the function worked without too much trouble.

I too maintain a large number of servers and would love to know what other scripting ideas you have explored. I have written a Powershell script that uses WMI and an AutoIt gui. But I have encountered some problems with WMI which re-registering the DLLs in the wbem directory did not always solve, so I am looking for more reliable simple methods. Back to basics. Command-line stuff.

Thanks again and keep up the good work.
taurus905

[rogdog]

Thank you for your kind words. It is very rewarding when people go out of there way to thank others for there efforts.

I am glad you found my scripts useful. I am using the _RevserseDNS() func everyday in an scheduled script that I have for gathering various information form my network. Some of the smallest functions can be the most useful !.


My scheduled script mainly uses SNMP rather than WMI to scan network devices (switches,routers,etc) rather than servers. I run the script once a day to determine what nodes (servers,printers,etc) are connected to the network. I saw a bit of wmi code the other day which may help you posted by ptrex

http://www.autoitscript.com/forum/index.php?showtopic=70759

[ptrex]

@taurus905

I have written a Powershell script that uses WMI and an AutoIt gui.

I am interested to see how you did that.

regards

ptrex

[pegaze01]

Hello rogdog

I am interesting to have a look on your code but it seems to have problems or it is coded on your original post
Is it a way to protect it or a server trouble.

Any other way to read it ?

regards

Edited by pegaze01, 25 April 2012 - 05:38 PM.

[knollo]

i know this post is some days old,

the code above will not work in all cases because the io stream isnt treated right.

this one is working better

#include <Constants.au3>
Func _nslookup($ip)
Local $nsl_string_content[2],$RG=0,$LG=0,$nsl=""
Local $nsl_string=Run(@ComSpec & " /c nslookup "&$ip, "", @SW_HIDE,$STDERR_CHILD + $STDOUT_CHILD)
while 1
$nsl_string_err=StderrRead($nsl_string)
if @error Then ExitLoop
WEnd
While 1
$nsl_string_content[0]=StdoutRead($nsl_string)
if @error or $nsl_string_content[0]="" Then ExitLoop
$nsl_string_content[1]=$nsl_string_content[0]
WEnd
$LG=StringInStr($nsl_string_content[1],"Name:",1,1)
$RG=StringInStr($nsl_string_content[1],Chr(13),1,1,$LG+5)
If $LG>0 and $RG>0 then
$nsl=StringStripCR(StringStripWS(StringMid($nsl_string_content[1],$LG+5,$RG-$LG-5),8))
EndIf
Return $nsl
EndFunc

Edited by knollo, 04 September 2012 - 08:47 AM.

[rogdog]

Hello rogdog

I am interesting to have a look on your code but it seems to have problems or it is coded on your original post
Is it a way to protect it or a server trouble.

Any other way to read it ?

regards

This has now been fixed. For some reason my code in the OP had been corrupted !!