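def look(iplist):
    """Print prefix, address, country code and owner for each IP in *iplist*.

    The whole list is resolved with a single ``Client.lookupmany_dict`` call
    and the returned dictionary is then read once per address. Output goes
    to stdout; nothing is returned.

    iplist: list of IP address strings, or None (nothing is looked up).
    """
    time.sleep(2)  # delay before creating the client
    c = Client()
    try:
        if iplist is not None:
            print('here after !=None')
            print(iplist)
            time.sleep(2)
            # NOTE(review): the bulk lookup presumably sends the full address
            # list to an external whois service -- confirm that is acceptable
            # when the addresses come from internal or sensitive sources.
            r = c.lookupmany_dict(iplist)
            for ip in iplist:
                time.sleep(2)
                print(" ip here " + ip)
                rec = r.get(ip)
                if rec is None:
                    # One address without a record used to raise KeyError and
                    # silently end the whole batch; report it and carry on.
                    print('no record returned for %s' % (ip,))
                    continue
                net = rec.prefix
                owner = rec.owner
                cc = rec.cc
                line = '%-20s # - %15s (%s) - %s' % (net, ip, cc, owner)
                print(line)
    except Exception as e:
        # Was a bare ``except: pass``, which hid lookup failures and also
        # swallowed KeyboardInterrupt/SystemExit. Stay best-effort, but show
        # the error, as the other lookup helpers on this page do.
        print(e)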
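def look(iplist):
    """Print address, prefix, country code and owner for each IP in *iplist*.

    Resolves the whole list with one ``Client.lookupmany_dict`` call and
    prints one formatted line per address. Nothing is returned.

    iplist: list of IP address strings.
    """
    c = Client()
    try:
        r = c.lookupmany_dict(iplist)
        for ip in iplist:
            rec = r.get(ip)
            if rec is None:
                # A missing key previously raised KeyError, which the bare
                # except swallowed, so the remaining addresses were dropped
                # without any trace.
                print('no record returned for %s' % (ip,))
                continue
            net = rec.prefix
            owner = rec.owner
            cc = rec.cc
            line = '%-20s # - %15s (%s) - %s' % (ip, net, cc, owner)
            print(line)
    except Exception as e:
        # Narrowed from ``except: pass`` so failures are visible and
        # KeyboardInterrupt/SystemExit are no longer intercepted.
        print(e)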
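def look(iplost):
    """Print prefix, address, country code and owner for each IP given.

    The original body read the undefined names ``ips`` and ``iplist``
    instead of its own parameter; unless globals of those names existed, the
    resulting NameError was swallowed and the function printed nothing.
    The parameter keeps its original spelling so keyword callers still work.

    iplost: list of IP address strings, or None (nothing is looked up).
    """
    c = Client()
    try:
        if iplost is not None:
            r = c.lookupmany_dict(iplost)
            for ip in iplost:
                rec = r.get(ip)
                if rec is None:
                    # Report an address with no record instead of aborting
                    # the rest of the list on KeyError.
                    print('no record returned for %s' % (ip,))
                    continue
                net = rec.prefix
                owner = rec.owner
                cc = rec.cc
                line = '%-20s # - %15s (%s) - %s' % (net, ip, cc, owner)
                print(line)
    except Exception as e:
        # Narrowed from a bare ``except: pass`` -- that handler is what hid
        # the NameError described above.
        print(e)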
def look(ip_list):
    """Print a two-row summary and a dashed rule for each IP in *ip_list*.

    Row one is ``prefix ------> ip``; row two is the country code, a tab and
    the owner, all read from the record that ``lookupmany_dict`` returned
    for the address. Any exception is printed and ends the loop.
    """
    client = Client()
    rule = "-" * 60
    try:
        records = client.lookupmany_dict(ip_list)
        for addr in ip_list:
            rec = records[addr]
            summary = rec.prefix + " ------> " + rec.ip + "\n"
            summary = summary + rec.cc + "\t" + rec.owner
            print(summary + "\n" + rule)
    except Exception as err:
        print(err)
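def look(iplist):
    """Print prefix, address, country code and owner for each IP in *iplist*.

    The original guard tested the undefined name ``ips``; unless a global of
    that name existed, the NameError was swallowed by a bare except and the
    function did nothing. The guard now tests the parameter itself.

    iplist: list of IP address strings, or None (nothing is looked up).
    """
    c = Client()
    try:
        if iplist is not None:
            r = c.lookupmany_dict(iplist)
            for ip in iplist:
                rec = r.get(ip)
                if rec is None:
                    # Keep going when one address has no record rather than
                    # losing the remaining ones to a KeyError.
                    print('no record returned for %s' % (ip,))
                    continue
                net = rec.prefix
                owner = rec.owner
                cc = rec.cc
                line = '%-20s # - %15s (%s) - %s' % (net, ip, cc, owner)
                print(line)
    except Exception as e:
        # Narrowed from ``except: pass`` so real failures are reported and
        # KeyboardInterrupt/SystemExit propagate.
        print(e)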
def net_lookup(ips):
    """Look up the de-duplicated *ips* in bulk and print one line per address.

    Each line holds the address, its prefix, country code and owner. Any
    exception raised on the way is printed and ends the run.
    """
    try:
        client = Client()
        unique_ips = list(set(ips))  # drop duplicate addresses
        records = client.lookupmany_dict(unique_ips)
        for addr in unique_ips:
            rec = records[addr]
            net, owner, cc = rec.prefix, rec.owner, rec.cc
            print('%-20s # - %15s (%s) - %s' % (addr, net, cc, owner))
    except Exception as err:
        print(err)
def net_lookup(ips):
    """Print address, prefix, country code and owner for every distinct IP.

    Duplicates in *ips* are collapsed through a set before the single
    ``lookupmany_dict`` call. An exception anywhere in the body is printed
    rather than raised.
    """
    template = '%-20s # - %15s (%s) - %s'
    try:
        whois = Client()
        distinct = list(set(ips))  # each address is queried only once
        answers = whois.lookupmany_dict(distinct)
        for address in distinct:
            entry = answers[address]
            net = entry.prefix
            owner = entry.owner
            cc = entry.cc
            print(template % (address, net, cc, owner))
    except Exception as problem:
        print(problem)
def net_lookup(ips, results_file):
    """Report the distinct CIDR prefixes that cover the given addresses.

    ips: iterable of IP address strings; duplicates are removed first.
    results_file: writable file-like object, or a falsy value to skip the
        file copy of the summary line.

    The summary is printed and, when *results_file* is truthy, also written
    to it followed by a newline. Any exception is printed, not raised.
    """
    try:
        client = Client()
        unique_ips = list(set(ips))  # uniq IPs
        records = client.lookupmany_dict(unique_ips)
        prefixes = [records[addr].prefix for addr in unique_ips]
        # NOTE(review): the prefixes are text received from the lookup
        # service and reach stdout and the results file unmodified --
        # confirm downstream consumers treat that file as untrusted text.
        cidr_results = ", ".join(set(prefixes))  # uniq CIDRs
        summary = "[+] Found Results in CIDRs: " + cidr_results
        print(summary)
        if results_file:
            results_file.write(summary + "\n")
    except Exception as err:
        print(err)
def build_ip_db(unique_ips):
    """Fill the on-disk IP database with the addresses seen in the server logs.

    unique_ips: set of IPs that were seen in the server logs.

    Returns: the open shelf, keyed by IP address, whose values are dicts
    with 'isp_name', 'latitude' and 'longitude'. The shelf is not closed
    here; the caller owns it.
    """
    client = Client()
    # shelve stores its values with pickle, so opening ip.db unpickles
    # whatever the file holds -- data_dir should be writable only by
    # trusted users.
    ip_db = shelve.open(opj(data_dir, 'ip.db'))
    # NOTE the shelf grows on every run and might become too large.

    # Addresses already stored by a previous run are not fetched again.
    pending = []
    for candidate in unique_ips:
        if candidate not in ip_db:
            pending.append(candidate)

    ips_fetching = 'Fetching info for this many IPs: {}'.format(len(pending))
    print(ips_fetching)
    logging.info(ips_fetching)

    # Only 10,000 addresses go into each bulk lookup.
    for batch in split_list_into_chunks(pending, 10000):
        answers = client.lookupmany_dict(batch)
        for ip_addr, ip_info_dict in answers.iteritems():
            # NOTE storing coordinates may be dropped later to keep the
            # shelf small.
            lat, lon = get_lat_and_long(ip_addr)
            # An 'organization' field would probably have to come from
            # whois, which is slow and messy, so it is left out.
            entry = {'isp_name': ip_info_dict.owner,
                     'latitude': lat,
                     'longitude': lon}
            ip_db[ip_addr] = entry
    return ip_db
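#!/usr/bin/python
# Counts the distinct source addresses in a honeyd log per country code,
# using a bulk whois lookup, and prints "<country>:\t<count>" lines.
from cymruwhois import Client
import socket
import sys

# log file location hard coded, change to suit environment
LOG_PATH = '/var/log/honeypot/honeyd.log'


def _is_ip_address(token):
    """Return True when *token* parses as an IPv4 or IPv6 address."""
    for family in (socket.AF_INET, socket.AF_INET6):
        try:
            socket.inet_pton(family, token)
            return True
        except (socket.error, ValueError):
            continue
    return False


# Collect the fourth space-separated field of every log line.
# presumably this is the source address of the logged connection -- verify
# against the honeyd log format in use.
source = set()
with open(LOG_PATH, 'r') as logfile:  # closed even if parsing fails
    for line in logfile:
        fields = line.split(' ')
        if len(fields) < 4:
            continue  # short line: previously an uncaught IndexError
        candidate = fields[3].strip()
        # The log content is driven by whoever talks to the honeypot, so
        # only well-formed addresses are passed on to the external lookup.
        if _is_ip_address(candidate):
            source.add(candidate)

src_country = []  # country codes in first-seen order
counts = {}       # country code -> number of distinct source addresses

c = Client()
results = c.lookupmany_dict(source) if source else {}
for res in results:
    country = results[res].cc
    if country not in counts:
        src_country.append(country)
        counts[country] = 0
    counts[country] += 1

# The original loop ran over range(0, len(src_country) - 1) and therefore
# never printed the last country; iterate over every entry instead.
for country in src_country:
    sys.stdout.write("%s:\t%i\n" % (country, counts[country]))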