From 4d6a8a71a777882cd0a10bac82d84c1adca55701 Mon Sep 17 00:00:00 2001
From: mzack
Date: Wed, 2 Feb 2022 07:54:15 +0100
Subject: [PATCH] Adding support for DNS CAA query

---
 integration_tests/dns/caa.yaml | 22 ++++++++++++++++++++++
 v2/cmd/integration-test/dns.go | 17 +++++++++++++++++
 v2/pkg/protocols/dns/dns.go | 2 ++
 v2/pkg/protocols/dns/dns_types.go | 3 +++
 4 files changed, 44 insertions(+)
 create mode 100644 integration_tests/dns/caa.yaml

diff --git a/integration_tests/dns/caa.yaml b/integration_tests/dns/caa.yaml
new file mode 100644
index 000000000..9a2ffc987
--- /dev/null
+++ b/integration_tests/dns/caa.yaml
@@ -0,0 +1,22 @@
+id: caa-fingerprinting
+
+info:
+ name: CAA Fingerprint
+ author: pdteam
+ severity: info
+ tags: dns,caa
+
+dns:
+ - name: "{{FQDN}}"
+ type: CAA
+
+ matchers:
+ - type: word
+ words:
+ - "IN\tCAA"
+
+ extractors:
+ - type: regex
+ group: 1
+ regex:
+ - "IN\tCAA\t(.+)"
\ No newline at end of file
diff --git a/v2/cmd/integration-test/dns.go b/v2/cmd/integration-test/dns.go
index 8e3b7213a..e0068fa90 100644
--- a/v2/cmd/integration-test/dns.go
+++ b/v2/cmd/integration-test/dns.go
@@ -7,6 +7,7 @@ import (
 var dnsTestCases = map[string]testutils.TestCase{
 "dns/basic.yaml": &dnsBasic{},
 "dns/ptr.yaml": &dnsPtr{},
+ "dns/caa.yaml": &dnsCAA{},
 }
 
 type dnsBasic struct{}
@@ -40,3 +41,19 @@ func (h *dnsPtr) Execute(filePath string) error {
 }
 return expectResultsCount(results, 1)
 }
+
+type dnsCAA struct{}
+
+// Execute executes a test case and returns an error if occurred
+func (h *dnsCAA) Execute(filePath string) error {
+ var routerErr error
+
+ results, err := testutils.RunNucleiTemplateAndGetResults(filePath, "google.com", debug)
+ if err != nil {
+ return err
+ }
+ if routerErr != nil {
+ return routerErr
+ }
+ return expectResultsCount(results, 1)
+}
diff --git a/v2/pkg/protocols/dns/dns.go b/v2/pkg/protocols/dns/dns.go
index 31adee9e7..279e6eea6 100644
--- a/v2/pkg/protocols/dns/dns.go
+++ b/v2/pkg/protocols/dns/dns.go
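Review bot: In the added `dnsCAA.Execute` (v2/cmd/integration-test/dns.go, hunk `@@ -40,3 +41,19 @@`), `routerErr` is declared and never assigned, so the `if routerErr != nil { return routerErr }` branch can never fire. It was presumably carried over from a test case that runs a local router; both the `var routerErr error` line and that check can be dropped. The test also resolves `google.com` over live DNS and passes only when `expectResultsCount(results, 1)` holds, so a change to that zone's CAA records or an unreachable resolver will fail it. A comment such as `// depends on google.com publishing CAA records` would make such failures quicker to triage.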
@@ -234,6 +234,8 @@ func questionTypeToInt(questionType string) uint16 {
 question = dns.TypeDS
 case "AAAA":
 question = dns.TypeAAAA
+ case "CAA":
+ question = dns.TypeCAA
 }
 return question
 }
diff --git a/v2/pkg/protocols/dns/dns_types.go b/v2/pkg/protocols/dns/dns_types.go
index dc0a22d2c..34c8b7e16 100644
--- a/v2/pkg/protocols/dns/dns_types.go
+++ b/v2/pkg/protocols/dns/dns_types.go
@@ -31,6 +31,8 @@ const (
 TXT
 // name:AAAA
 AAAA
+ // name:CAA
+ CAA
 limit
 )
 
@@ -45,6 +47,7 @@ var DNSRequestTypeMapping = map[DNSRequestType]string{
 MX: "MX",
 TXT: "TXT",
 AAAA: "AAAA",
+ CAA: "CAA",
 }
 
 // GetSupportedDNSRequestTypes returns list of supported types
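Review bot: The new `case "CAA":` in `questionTypeToInt` (v2/pkg/protocols/dns/dns.go) repeats the string-to-type pairing that the `CAA: "CAA",` entry in `DNSRequestTypeMapping` (dns_types.go, same patch) already records. Each new record type therefore has to be added in two files, and nothing checks that they agree. If the `dns` package here is miekg/dns, the switch could become a lookup like `if t, ok := dns.StringToType[questionType]; ok { question = t }`, gated on the types listed in `DNSRequestTypeMapping`. The function starts outside this hunk, so the value `question` holds for an unrecognised string is not visible; a short comment above the switch stating that fallback would help template authors who mistype a record type.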