def _analyzer(self, data):
if "Answer" in data:
net = Net(data["Answer"])
obj = IPASN(net)
data["ASN"] = obj.lookup()["asn"]
return data
def myfunc(self): with open(Output,"a",newline='') as out: writer = csv.writer(out) if self[3] in dict_from_csv.keys(): #pos=np.where(FamousDNS["ip"]==self[3]) #as_pub=FamousDNS.iloc[pos[0][0],0] ASN_dest= dict_from_csv[self[3]] Type= 'Public' #writer.writerow((self['prb_id'],self['timestamp'],self['resultset.result.rt'],self['dst_addr'],self['country_code'],self['asn_v4'],ASN_dest,Type)) elif (ipaddress.ip_address(self[3]).is_private): ASN_dest = self[6] Type= 'Private' #writer.writerow((self['prb_id'],self['timestamp'],self['resultset.result.rt'],self['dst_addr'],self['country_code'],self['asn_v4'],ASN_dest,Type)) else: try: net = Net(self[3]) obj = IPASN(net) results = obj.lookup(retry_count=0,asn_methods=['whois']) as_unkn= results['asn'] ASN_dest= as_unkn #self['ASN_dest']= as_unkn Type= 'UnknownPublic' #print(self['Type']) #writer.writerow((self['prb_id'],self['timestamp'],self['resultset.result.rt'],self['dst_addr'],self['country_code'],self['asn_v4'],self['ASN_dest'],self['Type'])) except: asnn=float(self[6]) ASN_dest = asnn Type = 'Private' writer.writerow((self[0],self[1],self[2],self[3],self[5],self[6],ASN_dest,Type)) out.close()
def get_as(self, ip_address):
net = Net(ip_address, allow_permutations=True)
obj = IPASN(net)
results = obj.lookup(inc_raw=True)
#results['added'] = ASNOrigin(net).lookup(asn=results['asn'])
#pprint(results)
return results
def IP2CIDR(ip):
from ipwhois.net import Net
from ipwhois.asn import IPASN
net = Net(ip)
obj = IPASN(net)
results = obj.lookup()
return results
def get_asn(ipaddr):
net = Net(ipaddr)
obj = IPASN(net)
AsnInfo = obj.lookup()
if AsnInfo is None:
return 0
else:
return AsnInfo
def ASN(oneIP):
"""
function to get one single IP to help us look at its ASN.
"""
str1 = str(oneIP)
net = Net(str1)
obj = IPASN(net)
print('Im looking up '+str1)
res = yield obj.lookup()
def test_parse_fields_http(self):
data = {
'nets': {
'net': {
'orgRef': {
'@handle': 'APNIC'
}
}
}
}
net = Net('1.2.3.4')
ipasn = IPASN(net)
try:
self.assertIsInstance(ipasn.parse_fields_http(response=data),
dict)
except AssertionError as e:
raise e
except Exception as e:
self.fail('Unexpected exception raised: {0}'.format(e))
data['nets']['net']['orgRef']['@handle'] = 'RIPE'
try:
self.assertIsInstance(ipasn.parse_fields_http(response=data),
dict)
except AssertionError as e:
raise e
except Exception as e:
self.fail('Unexpected exception raised: {0}'.format(e))
data['nets']['net']['orgRef']['@handle'] = 'DNIC'
try:
self.assertIsInstance(ipasn.parse_fields_http(response=data),
dict)
except AssertionError as e:
raise e
except Exception as e:
self.fail('Unexpected exception raised: {0}'.format(e))
data['nets']['net']['orgRef']['@handle'] = 'INVALID'
try:
self.assertRaises(ASNRegistryError, ipasn.parse_fields_http,
response=data)
except AssertionError as e:
raise e
except Exception as e:
self.fail('Unexpected exception raised: {0}'.format(e))
data = ''
try:
self.assertRaises(ASNRegistryError, ipasn.parse_fields_http,
response=data)
except AssertionError as e:
raise e
except Exception as e:
self.fail('Unexpected exception raised: {0}'.format(e))
def test_parse_fields_http(self):
data = {
'nets': {
'net': {
'orgRef': {
'@handle': 'APNIC'
}
}
}
}
net = Net('1.2.3.4')
ipasn = IPASN(net)
try:
self.assertIsInstance(ipasn.parse_fields_http(response=data),
dict)
except AssertionError as e:
raise e
except Exception as e:
self.fail('Unexpected exception raised: {0}'.format(e))
data['nets']['net']['orgRef']['@handle'] = 'RIPE'
try:
self.assertIsInstance(ipasn.parse_fields_http(response=data),
dict)
except AssertionError as e:
raise e
except Exception as e:
self.fail('Unexpected exception raised: {0}'.format(e))
data['nets']['net']['orgRef']['@handle'] = 'DNIC'
try:
self.assertIsInstance(ipasn.parse_fields_http(response=data),
dict)
except AssertionError as e:
raise e
except Exception as e:
self.fail('Unexpected exception raised: {0}'.format(e))
data['nets']['net']['orgRef']['@handle'] = 'INVALID'
try:
self.assertRaises(ASNRegistryError, ipasn.parse_fields_http,
response=data)
except AssertionError as e:
raise e
except Exception as e:
self.fail('Unexpected exception raised: {0}'.format(e))
data = ''
try:
self.assertRaises(ASNRegistryError, ipasn.parse_fields_http,
response=data)
except AssertionError as e:
raise e
except Exception as e:
self.fail('Unexpected exception raised: {0}'.format(e))
def asn_from_ip(self, ip_address):
"""
Check the IP against the IP 2 ASN service provided by the
Team Cymru IP to ASN Mapping Service
https://ipwhois.readthedocs.io/en/latest/ASN.html#asn-origin-lookups
"""
network = Net(ip_address)
obj = IPASN(network)
res = obj.lookup()
return res["asn"]
def run(self):
try:
with warnings.catch_warnings():
warnings.filterwarnings("ignore", category=UserWarning)
net = Net(socket.gethostbyname(self.address))
obj = IPASN(net)
results = obj.lookup()
except:
results = None
return results
def locate_asn_info(ip):
"""
@IP: 147.229.2.90
"""
try:
net = Net(ip)
ipasn = IPASN(net)
results = ipasn.lookup()
except Exception:
return None
else:
return results
def test_lookup_asn(self):
net = Net('74.125.225.229')
ipasn = IPASN(net)
try:
self.assertIsInstance(ipasn.lookup(), dict)
except HTTPLookupError:
pass
except AssertionError as e:
raise e
except Exception as e:
self.fail('Unexpected exception raised: {0}'.format(e))
def GetASN(self, IPaddress):
'''Retrieve AS Number of an IP address'''
try:
if IPaddress:
net = Net(IPaddress)
obj = IPASN(net)
res = obj.lookup()
IPasn = json.dumps(res["asn"])
else:
IPasn = None
return IPasn
except:
err = sys.exc_info()
print("[!!!] Problem with NetInfo Class: " + str(err))
def lookup(self, ipaddr):
val = self._conn.get(ipaddr)
if val:
return json.loads(val)
try:
net = Net(ipaddr)
obj = IPASN(net)
result = obj.lookup()
except Exception as e:
result = {"asn":"private"}
self._conn.setnx(ipaddr, json.dumps(result))
return result
def addressLocation(self):
if self.results is None:
try:
ip = socket.gethostbyname(self.parseResults.hostname)
net = Net(ip)
obj = IPASN(net)
self.results = obj.lookup()
country = self.results['asn_country_code']
return country
except:
return 0
else:
country = self.results['asn_country_code']
return country
def myfunc(self):
import pandas as pd
import csv
import sys
import numpy as np
from csv import DictReader
from datetime import datetime
import ipaddress
from aslookup import get_as_data
import pyasn
from ipwhois import IPWhois
import multiprocessing as mp
from joblib import Parallel, delayed
from tqdm import tqdm
import ipinfo
from ipwhois.net import Net
from ipwhois.asn import IPASN
with open(Output, "a", newline='') as out:
writer = csv.writer(out)
if self[3] in dict_from_csv.keys():
#pos=np.where(FamousDNS["ip"]==self[3])
#as_pub=FamousDNS.iloc[pos[0][0],0]
ASN_dest = dict_from_csv[self[3]]
Type = 'Public'
#writer.writerow((self['prb_id'],self['timestamp'],self['resultset.result.rt'],self['dst_addr'],self['country_code'],self['asn_v4'],ASN_dest,Type))
elif (ipaddress.ip_address(self[3]).is_private):
ASN_dest = self[6]
Type = 'Private'
#writer.writerow((self['prb_id'],self['timestamp'],self['resultset.result.rt'],self['dst_addr'],self['country_code'],self['asn_v4'],ASN_dest,Type))
else:
try:
net = Net(self[3])
obj = IPASN(net)
results = obj.lookup(retry_count=0, asn_methods=['whois'])
as_unkn = results['asn']
ASN_dest = as_unkn
#self['ASN_dest']= as_unkn
Type = 'UnknownPublic'
#print(self['Type'])
#writer.writerow((self['prb_id'],self['timestamp'],self['resultset.result.rt'],self['dst_addr'],self['country_code'],self['asn_v4'],self['ASN_dest'],self['Type']))
except:
asnn = float(self[6])
ASN_dest = asnn
Type = 'Private'
writer.writerow((self[0], self[1], self[2], self[3], self[5], self[6],
ASN_dest, Type))
out.close()
def addressRegistry(self):
if self.results is None:
try:
ip = socket.gethostbyname(self.parseResults.hostname)
net = Net(ip)
obj = IPASN(net)
self.results = obj.lookup()
registry = self.results['asn_registry']
return registry
except:
return 0
else:
registry = self.results['asn_registry']
return registry
def get_whois(ip):
try:
whois = IPASN(Net(ip)).lookup(retry_count=0, asn_methods=['whois'])
except Exception:
whois = None
return whois
def test_parse_fields_dns(self):
data = '"15169 | 74.125.225.0/24 | US | arin | 2007-03-13"'
net = Net('74.125.225.229')
ipasn = IPASN(net)
try:
self.assertIsInstance(ipasn.parse_fields_dns(data), dict)
except AssertionError as e:
raise e
except Exception as e:
self.fail('Unexpected exception raised: {0}'.format(e))
data = '"15169 | 74.125.225.0/24 | US | random | 2007-03-13"'
self.assertRaises(ASNRegistryError, ipasn.parse_fields_dns, data)
data = ''
self.assertRaises(ASNParseError, ipasn.parse_fields_dns, data)
def test_parse_fields_dns(self):
data = '"15169 | 74.125.225.0/24 | US | arin | 2007-03-13"'
net = Net('74.125.225.229')
ipasn = IPASN(net)
try:
self.assertIsInstance(ipasn.parse_fields_dns(data), dict)
except AssertionError as e:
raise e
except Exception as e:
self.fail('Unexpected exception raised: {0}'.format(e))
data = '"15169 | 74.125.225.0/24 | US | random | 2007-03-13"'
self.assertRaises(ASNRegistryError, ipasn.parse_fields_dns, data)
data = ''
self.assertRaises(ASNParseError, ipasn.parse_fields_dns, data)
def dateRegistered(self):
if self.results is None:
try:
ip = socket.gethostbyname(self.parseResults.hostname)
net = Net(ip)
obj = IPASN(net)
self.results = obj.lookup()
today = datetime.today()
date_registered = datetime.strptime(self.results['asn_date'],
'%Y-%m-%d')
return (today - date_registered).days
except:
return 0
else:
today = datetime.today()
date_registered = datetime.strptime(self.results['asn_date'],
'%Y-%m-%d')
return (today - date_registered).days
def test_parse_fields_whois(self):
data = ('15169 | 74.125.225.229 | 74.125.225.0/24 | US | arin'
' | 2007-03-13 | GOOGLE - Google Inc., US')
net = Net('74.125.225.229')
ipasn = IPASN(net)
try:
self.assertIsInstance(ipasn.parse_fields_whois(data), dict)
except AssertionError as e:
raise e
except Exception as e:
self.fail('Unexpected exception raised: {0}'.format(e))
data = ('15169 | 74.125.225.229 | 74.125.225.0/24 | US | rdm'
' | 2007-03-13 | GOOGLE - Google Inc., US')
self.assertRaises(ASNRegistryError, ipasn.parse_fields_whois, data)
data = '15169 | 74.125.225.229 | 74.125.225.0/24 | US'
self.assertRaises(ASNParseError, ipasn.parse_fields_whois, data)
def test_parse_fields_whois(self):
data = ('15169 | 74.125.225.229 | 74.125.225.0/24 | US | arin'
' | 2007-03-13 | GOOGLE - Google Inc., US')
net = Net('74.125.225.229')
ipasn = IPASN(net)
try:
self.assertIsInstance(ipasn.parse_fields_whois(data), dict)
except AssertionError as e:
raise e
except Exception as e:
self.fail('Unexpected exception raised: {0}'.format(e))
data = ('15169 | 74.125.225.229 | 74.125.225.0/24 | US | rdm'
' | 2007-03-13 | GOOGLE - Google Inc., US')
self.assertRaises(ASNRegistryError, ipasn.parse_fields_whois, data)
data = '15169 | 74.125.225.229 | 74.125.225.0/24 | US'
self.assertRaises(ASNParseError, ipasn.parse_fields_whois, data)
def crawling(self):
ip_list = self._get_ip_list()
ip_result = []
for ip in ip_list:
if ip:
net = Net(ip)
obj = IPASN(net)
result = {'ip': ip}
result.update(obj.lookup())
result['asn_date'] = datetime.strptime(result['asn_date'],
'%Y-%m-%d')
ip_result.append(result)
if len(ip_result) % 100 == 0:
self._output_database(ip_result)
ip_result = []
self._output_database(ip_result)
def run(hostname, list_of_NS, ipv6):
listASN = []
try:
for x in list_of_NS:
ip_address = helpers.getTheIPofAServer(x, ipv6,
DESCRIPTION())["result"]
if isinstance(
helpers.getTheIPofAServer(x, ipv6,
DESCRIPTION())["result"], bool):
return helpers.getTheIPofAServer(x, ipv6, DESCRIPTION())
# Getting IPs of nameservers
net = Net(ip_address)
obj = IPASN(net)
# Getting dictionary with AS info for specific IP
results = obj.lookup()
# Extracts only ASN from dictionary and adds them to a list
listASN.append(results.get('asn'))
except Exception as err:
return {
"description": DESCRIPTION(),
"result": False,
"details": str(err) + f": could not resolve IP of nameserver {x}"
}
# Checks if nameservers ar located in at least 2 different Autonomous Systems
if len(set(listASN)) < 2:
return {
"description": DESCRIPTION(),
"result": False,
"details":
"All nameservers are located in the same Autonomous System"
}
else:
return {
"description":
DESCRIPTION(),
"result":
True,
"details":
f"Nameserver are located at {len(set(listASN))} different Autonumous Systems"
}
def test_lookup(self):
data_dir = path.dirname(__file__)
with io.open(str(data_dir) + '/asn.json', 'r') as \
data_file:
data = json.load(data_file)
for key, val in data.items():
log.debug('Testing: {0}'.format(key))
net = Net(key)
obj = IPASN(net)
try:
self.assertIsInstance(obj.lookup(), dict)
except AssertionError as e:
raise e
except Exception as e:
self.fail('Unexpected exception raised: {0}'.format(e))
def get_whois_info(thing, ti_type):
# ipwhois
# {'asn': '15169', 'asn_date': '1992-12-01', 'asn_registry': 'arin', 'asn_country_code': 'US', 'asn_description': 'GOOGLE
# - Google LLC, US', 'asn_cidr': '8.8.8.0/24'}
# whois
# {'country': US, 'org': 'Google LLC', 'registrar': ''}
res = []
try:
if ti_type == 'ip':
# ip_res = IPASN(Net('8.8.8.8')).lookup()
ip_res = IPASN(Net(thing)).lookup()
res.append(
str(ip_res['asn_country_code']).replace(
',', args.comma_replacer))
res.append(
str(ip_res['asn_description']).replace(',',
args.comma_replacer))
res.append('')
res.append(str(ip_res['asn']).replace(',', args.comma_replacer))
res.append(str(ip_res['asn_date']))
res.append('')
else:
# ip_res = whois.whois('google.com')
ip_res = whois.whois(thing)
res.append(
str(ip_res['country']).replace(',', args.comma_replacer))
res.append(str(ip_res['org']).replace(',', args.comma_replacer))
res.append(
str(ip_res['registrar']).replace(',', args.comma_replacer))
res.append('')
res.append(str(ip_res['creation_date'][0]))
res.append(str(ip_res['updated_date'][0]))
except Exception as e:
pass
return res
def test__TestIPASNLookup(self):
net = Net('74.125.225.229')
ipasn = IPASN(net)
try:
self.assertIsInstance(ipasn.lookup(inc_raw=True), dict)
except (HTTPLookupError, ASNRegistryError):
pass
except AssertionError as e:
raise e
except Exception as e:
self.fail('Unexpected exception raised: {0}'.format(e))
net = Net(address='74.125.225.229',
timeout=0,
allow_permutations=False)
ipasn = IPASN(net)
self.assertRaises(ASNRegistryError, ipasn.lookup)
net = Net(address='74.125.225.229', timeout=0, allow_permutations=True)
ipasn = IPASN(net)
self.assertRaises(HTTPLookupError, ipasn.lookup,
**dict(asn_alts=['http']))
RST_FILES = {
'ASN.rst': {
'OUTPUT_IP_ASN_BASIC': {
'content': (
'::\n\n'
' >>>> from ipwhois.net import Net\n'
' >>>> from ipwhois.asn import IPASN\n'
' >>>> from pprint import pprint\n\n'
' >>>> net = Net(\'2001:43f8:7b0::\')\n'
' >>>> obj = IPASN(net)\n'
' >>>> results = obj.lookup()\n'
' >>>> pprint(results)\n\n'
' {0}'
),
'queries': {
'0': lambda: IPASN(Net('2001:43f8:7b0::')).lookup(),
}
},
'OUTPUT_ASN_ORIGIN_BASIC': {
'content': (
'::\n\n'
' >>>> from ipwhois.net import Net\n'
' >>>> from ipwhois.asn import ASNOrigin\n'
' >>>> from pprint import pprint\n\n'
' >>>> net = Net(\'2001:43f8:7b0::\')\n'
' >>>> obj = ASNOrigin(net)\n'
' >>>> results = obj.lookup(asn=\'AS37578\')\n'
' >>>> pprint(results)\n\n'
' {0}'
),
'queries': {
def ASN(oneIP):
str1 = str(oneIP)
net = Net(str1)
obj = IPASN(net)
print('Im looking up ' + str1)
res = yield obj.lookup()
def enterSingleIp(net):
net = Net(net)
obj = IPASN(net)
res = obj.lookup()
return res
def server_info(self, shodan_key):
sho_api = shodan.Shodan(shodan_key)
asn_temp = []
time2 = time.time()
ips = self.stash.get_column('whois', 'ip')
for ip in ips:
sql = []
try:
net = Net(ip)
obj = IPASN(net)
info = obj.lookup()
except Exception as e:
info = ''
self.log.error(e)
# shodan magic stuff
# lap time
time1 = time.time()
try:
lap = time1 - time2
if lap < 1:
sleep_time = (1 - lap)
self.log.info(f'Sleeping {sleep_time}s waiting for shodan')
time.sleep(sleep_time)
host = sho_api.host(ip)
except shodan.APIError as e:
self.log.error(e)
host = ''
# lap time
time2 = time.time()
# fill up asn_info
if info:
asn = info["asn"]
self.log.findings(f'ASN {asn} found for IP {ip}')
if host:
# shodan found stuff
sqlq = 'INSERT INTO server_info( ip, asn, organization, coordinate, isp ) VALUES(?, ?, ?, ?, ?)'
sqlv = (ip, asn, host["org"],
f'{host["latitude"]},{host["longitude"]}',
host["isp"])
sql.append([sqlq, sqlv])
for p in host["data"]:
sqlq = 'INSERT INTO services( ip, port, service ) VALUES(?, ?, ?)'
sqlv = (ip, p["port"], p["data"])
sql.append([sqlq, sqlv])
self.log.findings(f'Port {p["port"]} open at {ip}')
else:
self.log.warning('No shodan data')
sql.append([
'INSERT INTO server_info( ip, asn ) VALUES( ?, ? )',
(ip, asn)
])
if asn not in asn_temp:
asn_temp.append(asn)
sqlq = 'INSERT INTO asn_info( asn, country, registry, cidr, description, registration_date) VALUES( ?, ?, ?, ?, ?, ? )'
sqlv = (asn, info["asn_country_code"],
info["asn_registry"], info["asn_cidr"],
info["asn_description"], info["asn_date"])
sql.append([sqlq, sqlv])
for q in sql:
self.stash.sql_execcc(q[0], q[1])
def test_lookup(self):
net = Net('74.125.225.229')
ipasn = IPASN(net)
try:
self.assertIsInstance(ipasn.lookup(inc_raw=True), dict)
except ASNRegistryError:
pass
except AssertionError as e:
raise e
except Exception as e:
self.fail('Unexpected exception raised: {0}'.format(e))
self.assertRaises(ValueError, ipasn.lookup,
**dict(asn_methods=['asd']))
ipasn.lookup(asn_methods=['dns', 'whois', 'http'])
ipasn.lookup(asn_methods=['http'])
net = Net(address='74.125.225.229',
timeout=0,
allow_permutations=False)
ipasn = IPASN(net)
self.assertRaises(ASNRegistryError, ipasn.lookup)
net = Net(address='74.125.225.229', timeout=0, allow_permutations=True)
ipasn = IPASN(net)
self.assertRaises(ASNRegistryError, ipasn.lookup,
**dict(asn_alts=['http']))
