def scan_ip_worker(self):
while self.searching_thread_count <= self.scan_ip_thread_num:
if not connect_control.allow_scan():
time.sleep(10)
continue
try:
time.sleep(1)
ip_int = ip_range.get_ip()
ip_str = ip_utils.ip_num_to_string(ip_int)
if self.is_bad_ip(ip_str):
continue
result = check_ip.test_gws(ip_str)
if not result:
continue
if self.add_ip(ip_str, result.handshake_time, result.domain, result.server_type):
#logging.info("add %s CN:%s type:%s time:%d gws:%d ", ip_str,
# result.domain, result.server_type, result.handshake_time, len(self.gws_ip_list))
logging.info("scan_ip add ip:%s time:%d", ip_str, result.handshake_time)
scan_ip_log.info("Add %s time:%d CN:%s type:%s", ip_str, result.handshake_time, result.domain, result.server_type)
self.remove_slowest_ip()
self.save_ip_list()
except check_ip.HoneypotError as e:
self.report_bad_ip(ip_str)
connect_control.fall_into_honeypot()
continue
except Exception as e:
logging.exception("google_ip.runJob fail:%s", e)
self.ncount_lock.acquire()
self.searching_thread_count -= 1
self.ncount_lock.release()
logging.info("scan_ip_worker exit")
def runJob(self):
while True: #not self.is_ip_enough() and self.searching_thread_count < 2:
if not connect_control.allow_connect():
break
try:
time.sleep(1)
ip_int = ip_range.get_ip()
ip_str = ip_utils.ip_num_to_string(ip_int)
if self.is_bad_ip(ip_str):
continue
result = check_ip.test_gws(ip_str)
if not result:
continue
if self.add_ip(ip_str, result.handshake_time, result.domain,
result.server_type):
#logging.info("add %s CN:%s type:%s time:%d gws:%d ", ip_str,
# result.domain, result.server_type, result.handshake_time, len(self.gws_ip_list))
logging.info("check_ip add ip:%s time:%d", ip_str,
result.handshake_time)
self.remove_slowest_ip()
self.save_ip_list()
except check_ip.HoneypotError as e:
self.report_bad_ip(ip_str)
connect_control.fall_into_honeypot()
break
except Exception as e:
logging.exception("google_ip.runJob fail:%s", e)
self.ncount_lock.acquire()
self.searching_thread_count -= 1
self.ncount_lock.release()
def verify_SSL_certificate_issuer(ssl_sock):
cert = ssl_sock.get_peer_certificate()
if not cert:
#google_ip.report_bad_ip(ssl_sock.ip)
#connect_control.fall_into_honeypot()
raise socket.error(' certificate is none')
issuer_commonname = next((v for k, v in cert.get_issuer().get_components() if k == 'CN'), '')
if not issuer_commonname.startswith('Google'):
google_ip.report_bad_ip(ssl_sock.ip)
connect_control.fall_into_honeypot()
raise socket.error(' certificate is issued by %r, not Google' % ( issuer_commonname))
def scan_ip_worker(self):
while self.searching_thread_count <= self.scan_ip_thread_num and connect_control.keep_running:
if not connect_control.allow_scan():
time.sleep(10)
continue
try:
time.sleep(1)
ip_int = ip_range.get_ip()
ip_str = ip_utils.ip_num_to_string(ip_int)
if self.is_bad_ip(ip_str):
continue
connect_control.start_connect_register()
result = check_ip.test_gws(ip_str)
connect_control.end_connect_register()
if not result:
continue
if self.add_ip(ip_str, result.handshake_time, result.domain,
result.server_type):
#logging.info("add %s CN:%s type:%s time:%d gws:%d ", ip_str,
# result.domain, result.server_type, result.handshake_time, len(self.gws_ip_list))
xlog.info("scan_ip add ip:%s time:%d", ip_str,
result.handshake_time)
scan_ip_log.info("Add %s time:%d CN:%s type:%s", ip_str,
result.handshake_time, result.domain,
result.server_type)
self.remove_slowest_ip()
self.save_ip_list()
except check_ip.HoneypotError as e:
self.report_bad_ip(ip_str)
connect_control.fall_into_honeypot()
continue
except Exception as e:
xlog.exception("google_ip.runJob fail:%s", e)
self.ncount_lock.acquire()
self.searching_thread_count -= 1
self.ncount_lock.release()
xlog.info("scan_ip_worker exit")
def check_exist_ip(self):
self.ip_lock.acquire()
tmp_ip_list = [x for x in self.gws_ip_list]
self.ip_lock.release()
for ip_str in tmp_ip_list:
if not connect_control.allow_connect():
break
if self.is_bad_ip(ip_str):
self.report_connect_fail(ip_str, force_remove=True)
continue
try:
result = check_ip.test_gws(ip_str)
except check_ip.HoneypotError as e:
self.report_bad_ip(ip_str)
connect_control.fall_into_honeypot()
break
except Exception as e:
logging.exception("check_exist_ip fail:%s", e)
if not result:
if not check_ip.network_is_ok():
logging.warn(
"check_exist_ip network is fail, check your network connection."
)
return
logging.info("check_exist_ip fail ip:%s ", ip_str)
self.report_connect_fail(ip_str)
else:
self.update_ip(ip_str, result.handshake_time)
logging.info("check_exist_ip update ip:%s server:%s time:%d",
ip_str, result.server_type, result.handshake_time)
time.sleep(1)
self.save_ip_list()
def check_exist_ip(self):
self.ip_lock.acquire()
tmp_ip_list = [x for x in self.gws_ip_list]
self.ip_lock.release()
for ip_str in tmp_ip_list:
if not connect_control.allow_connect():
break
if self.is_bad_ip(ip_str):
self.report_connect_fail(ip_str, force_remove=True)
continue
try:
result = check_ip.test_gws(ip_str)
except check_ip.HoneypotError as e:
self.report_bad_ip(ip_str)
connect_control.fall_into_honeypot()
break
except Exception as e:
logging.exception("check_exist_ip fail:%s", e)
if not result:
if not self.network_is_ok():
logging.warn("check_exist_ip network is fail, check your network connection.")
return
logging.info("check_exist_ip fail ip:%s ", ip_str)
self.report_connect_fail(ip_str)
else:
self.update_ip(ip_str, result.handshake_time)
logging.info("check_exist_ip update ip:%s server:%s time:%d", ip_str, result.server_type, result.handshake_time)
time.sleep(1)
self.save_ip_list()