yogeshojha · yogeshojha · Jun 19, 2024 · Feb 22, 2024 · Feb 22, 2024 · Feb 26, 2024
diff --git a/web/api/views.py b/web/api/views.py
@@ -2,6 +2,7 @@
 import re
 import socket
 import subprocess
+from ipaddress import IPv4Network
 
 import requests
 import validators
@@ -1084,20 +1085,22 @@ def get(self, request):
 			})
 		try:
 			logger.info(f'Resolving IP address {ip_address} ...')
-			domain, domains, ips = socket.gethostbyaddr(ip_address)
-			response = {
-				'status': True,
-				'ip_address': ip_address,
-				'domains': domains or [domain],
-				'resolves_to': domain
-			}
-		except socket.herror: # ip does not have a PTR record
-			logger.info(f'No PTR record for {ip_address}')
+			resolved_ips = []
+			for ip in IPv4Network(ip_address, False):
+				domains = []
+				ips = []
+				try:
+					(domain, domains, ips) = socket.gethostbyaddr(str(ip))
+				except socket.herror:
+					logger.info(f'No PTR record for {ip_address}')
+					domain = str(ip)
+				if domain not in domains:
+					domains.append(domain)
+				resolved_ips.append({'ip': str(ip),'domain': domain, 'domains': domains, 'ips': ips})
 			response = {
 				'status': True,
-				'ip_address': ip_address,
-				'domains': [ip_address],
-				'resolves_to': ip_address
+				'orig': ip_address,
+				'ip_address': resolved_ips,
 			}
 		except Exception as e:
 			logger.exception(e)

diff --git a/web/targetApp/templates/target/add.html b/web/targetApp/templates/target/add.html
@@ -257,18 +257,22 @@ <h6 id="selectedCsvFileName" class="text-primary"></h6>
             if (json_data['status']) {
               // #resolved_domains_div
               $("#all_domains_checkbox").show();
-              $('#resolved_domains_div').append(`<b class='text-info'>${json_data['domains'].length} domains associated with IP Address ${ip_address.value}</b></br>`);
-              $('#resolved_domains_div').append(`<b>Please select the domains to import.</b>`);
-              $('#resolved_domains_div').append(`<div id='domains_checkbox' class='mt-2 row'></div>`);
-              for (var domain in json_data['domains']) {
-                $('#domains_checkbox').append(`
-                <div class="col-xl-2 col-md-4 col-sm-6 col-12">
-                  <div class="form-check">
-                    <input type="checkbox" class="form-check-input resolved_ip_domains" name="resolved_ip_domains" id="${json_data['domains'][domain]}" value="${json_data['domains'][domain]}">
-                    <label class="form-check-label" for="${json_data['domains'][domain]}">${json_data['domains'][domain]}</label>
-                  </div>
-                </div>`
-                );
+              if(Array.isArray(json_data['ip_address'])) {
+                $('#resolved_domains_div').append(`<b class='text-info'>${json_data['ip_address'].length} domains associated with IP Address ${json_data['orig']}</b></br>`);
+                $('#resolved_domains_div').append(`<b>Please select the domains to import.</b>`);
+                $('#resolved_domains_div').append(`<div id='domains_checkbox' class='mt-2 row'></div>`);
+                json_data['ip_address'].forEach((ip_info, index, array) => {
+                  for (var domain in ip_info['domains']) {
+                    $('#domains_checkbox').append(`
+                    <div class="col-xl-2 col-md-4 col-sm-6 col-12">
+                      <div class="form-check">
+                        <input type="checkbox" class="form-check-input resolved_ip_domains" name="resolved_ip_domains" id="${ip_info['domains'][domain]}" value="${ip_info['domains'][domain]}">
+                        <label class="form-check-label" for="${ip_info['domains'][domain]}">${ip_info['domains'][domain]}</label>
+                      </div>
+                    </div>`
+                    );
+                  }
+                })
               }
               swal.close();
               // resolved_ip_domains if any is checked, then only enable add button

diff --git a/web/targetApp/views.py b/web/targetApp/views.py
@@ -92,8 +92,8 @@ def add_target(request, slug):
                         domains.append(target)
 
                     elif is_range:
-                        ips = get_ips_from_cidr_range(target)
-                        for ip_address in ips:
+                        _ips = get_ips_from_cidr_range(target)
+                        for ip_address in _ips:
                             ips.append(ip_address)
                             domains.append(ip_address)
                     else:
@@ -203,6 +203,35 @@ def add_target(request, slug):
                                 description=description,
                                 insert_date=timezone.now())
                             added_target_count += 1
+            elif ip_target:
+                # add ip's from "resolve and add ip address" tab
+                resolved_ips = [ip.rstrip() for ip in request.POST.getlist('resolved_ip_domains') if ip]
+                for ip in resolved_ips:
+                    is_domain = bool(validators.domain(ip))
+                    is_ip = bool(validators.ipv4(ip)) or bool(validators.ipv6(ip))
+                    description = request.POST.get('targetDescription', '')
+                    h1_team_handle = request.POST.get('targetH1TeamHandle')
+                    if not Domain.objects.filter(name=ip).exists():
+                        domain, created = Domain.objects.get_or_create(
+                            name=ip,
+                            description=description,
+                            h1_team_handle=h1_team_handle,
+                            project=project,
+                            ip_address_cidr=ip if is_ip else None)
+                        domain.insert_date = timezone.now()
+                        domain.save()
+                        added_target_count += 1
+                        if created:
+                            logger.info(f'Added new domain {domain.name}')
+                        if is_ip:
+                            ip_data = get_ip_info(ip)
+                            ip, created = IpAddress.objects.get_or_create(address=ip)
+                            ip.reverse_pointer = ip_data.reverse_pointer
+                            ip.is_private = ip_data.is_private
+                            ip.version = ip_data.version
+                            ip.save()
+                            if created:
+                                logger.info(f'Added new IP {ip}')
 
         except Exception as e:
             logger.exception(e)
@@ -554,6 +583,6 @@ def get_ip_info(ip_address):
 
 def get_ips_from_cidr_range(target):
     try:
-        return [str(ip) for ip in ipaddress.IPv4Network(target)]
+        return [str(ip) for ip in ipaddress.IPv4Network(target, False)]
     except Exception as e:
         logger.error(f'{target} is not a valid CIDR range. Skipping.')