def get_whois_info(thing, ti_type):
# ipwhois
# {'asn': '15169', 'asn_date': '1992-12-01', 'asn_registry': 'arin', 'asn_country_code': 'US', 'asn_description': 'GOOGLE
# - Google LLC, US', 'asn_cidr': '8.8.8.0/24'}
# whois
# {'country': US, 'org': 'Google LLC', 'registrar': ''}
res = []
try:
if ti_type == 'ip':
# ip_res = IPASN(Net('8.8.8.8')).lookup()
ip_res = IPASN(Net(thing)).lookup()
res.append(
str(ip_res['asn_country_code']).replace(
',', args.comma_replacer))
res.append(
str(ip_res['asn_description']).replace(',',
args.comma_replacer))
res.append('')
res.append(str(ip_res['asn']).replace(',', args.comma_replacer))
res.append(str(ip_res['asn_date']))
res.append('')
else:
# ip_res = whois.whois('google.com')
ip_res = whois.whois(thing)
res.append(
str(ip_res['country']).replace(',', args.comma_replacer))
res.append(str(ip_res['org']).replace(',', args.comma_replacer))
res.append(
str(ip_res['registrar']).replace(',', args.comma_replacer))
res.append('')
res.append(str(ip_res['creation_date'][0]))
res.append(str(ip_res['updated_date'][0]))
except Exception as e:
pass
return res
def test__WhoisLookup(self):
data_dir = path.abspath(path.join(path.dirname(__file__), '..'))
with io.open(str(data_dir) + '/whois.json', 'r') as data_file:
data = json.load(data_file)
for key, val in data.items():
log.debug('Testing: {0}'.format(key))
net = Net(key)
obj = Whois(net)
try:
self.assertIsInstance(
obj.lookup(
asn_data=val['asn_data'],
get_referral=True,
inc_raw=True,
ignore_referral_errors=True
),
dict
)
except WhoisLookupError:
pass
except AssertionError as e:
raise e
except Exception as e:
self.fail('Unexpected exception raised: {0}'.format(e))
def test_lookup(self):
data_dir = path.dirname(__file__)
with io.open(str(data_dir) + '/asn.json', 'r') as \
data_file:
data = json.load(data_file)
for key, val in data.items():
log.debug('Testing: {0}'.format(key))
net = Net(key)
obj = IPASN(net)
try:
self.assertIsInstance(obj.lookup(), dict)
except AssertionError as e:
raise e
except Exception as e:
self.fail('Unexpected exception raised: {0}'.format(e))
def test_lookup(self):
data_dir = path.abspath(path.join(path.dirname(__file__), '..'))
with io.open(str(data_dir) + '/jpnic.json', 'r') as data_jpnic:
data = json.load(data_jpnic)
with io.open(str(data_dir) + '/krnic.json', 'r') as data_krnic:
data.update(json.load(data_krnic))
for key, val in data.items():
log.debug('Testing: {0}'.format(key))
net = Net(key)
obj = NIRWhois(net)
try:
self.assertIsInstance(
obj.lookup(
nir=val['nir'],
),
dict
)
except HTTPLookupError:
pass
except AssertionError as e:
raise e
except Exception as e:
self.fail('Unexpected exception raised: {0}'.format(e))
def ip_asn_lookup(ip: str) -> Dict:
net = Net(ip)
obj = IPASN(net)
results = obj.lookup()
return results
def ASN(oneIP):
str1 = str(oneIP)
net = Net(str1)
obj = IPASN(net)
print('Im looking up ' + str1)
res = yield obj.lookup()
def get_asn(ip_address):
net = Net(ip_address)
obj = IPASN(net)
asn_details = obj.lookup()
return asn_details
def pull_ipwhois_asn(target):
net = Net(target)
eye = IPASN(net)
asn_results = json.dumps(eye.lookup(inc_raw=True), indent=4)
save_output(str(target), asn_results)
print(f'{asn_results}')
def __get_asn_origin(self, ip):
asn = IPASN(Net(ip)).lookup()
return asn.get('asn')
for line in fh:
is_start = re.match('.*0000000:.*',line)
is_second = re.match('.*0000020:.*',line)
is_third = re.match('.*0000040:.*',line)
if is_start:
str_temp = line.split(':')[1].replace(' ','')[36:]
raw_packet = str_temp.replace('\n','')
#print(raw_packet)
if is_second:
str_temp = line.split(':')[1].replace(' ','')
raw_packet = raw_packet+str_temp.replace('\n','')
#print(raw_packet)
if is_third:
str_temp = line.split(':')[1].replace(' ','')
raw_packet = raw_packet+str_temp.replace('\n','')
decode_packet(raw_packet)
raw_packet = ''
#identify the unique items (converting list to set)
src_ip_set = set(src_ip_list)
print ("Total IPs {}".format(len(src_ip_set)))
#do a whois lookup and print the details.
for ip in src_ip_set:
net= Net(ip)
obj = IPASN(net)
results = obj.lookup()
#pprint(results)
#print(results['asn'])
print(" {}: ASN{} -> {}".format(ip,results['asn'],count_ip(src_ip_list,ip)))
#print("ASN Description {}".format(results['asn_description']))
def test_ip_version(self):
result = Net('74.125.225.229')
self.assertEqual(result.version, 4)
result = Net('2001:4860:4860::8888')
self.assertEqual(result.version, 6)
def server_info(self, shodan_key):
sho_api = shodan.Shodan(shodan_key)
asn_temp = []
time2 = time.time()
ips = self.stash.get_column('whois', 'ip')
for ip in ips:
sql = []
try:
net = Net(ip)
obj = IPASN(net)
info = obj.lookup()
except Exception as e:
info = ''
self.log.error(e)
# shodan magic stuff
# lap time
time1 = time.time()
try:
lap = time1 - time2
if lap < 1:
sleep_time = (1 - lap)
self.log.info(f'Sleeping {sleep_time}s waiting for shodan')
time.sleep(sleep_time)
host = sho_api.host(ip)
except shodan.APIError as e:
self.log.error(e)
host = ''
# lap time
time2 = time.time()
# fill up asn_info
if info:
asn = info["asn"]
self.log.findings(f'ASN {asn} found for IP {ip}')
if host:
# shodan found stuff
sqlq = 'INSERT INTO server_info( ip, asn, organization, coordinate, isp ) VALUES(?, ?, ?, ?, ?)'
sqlv = (ip, asn, host["org"],
f'{host["latitude"]},{host["longitude"]}',
host["isp"])
sql.append([sqlq, sqlv])
for p in host["data"]:
sqlq = 'INSERT INTO services( ip, port, service ) VALUES(?, ?, ?)'
sqlv = (ip, p["port"], p["data"])
sql.append([sqlq, sqlv])
self.log.findings(f'Port {p["port"]} open at {ip}')
else:
self.log.warning('No shodan data')
sql.append([
'INSERT INTO server_info( ip, asn ) VALUES( ?, ? )',
(ip, asn)
])
if asn not in asn_temp:
asn_temp.append(asn)
sqlq = 'INSERT INTO asn_info( asn, country, registry, cidr, description, registration_date) VALUES( ?, ?, ?, ?, ?, ? )'
sqlv = (asn, info["asn_country_code"],
info["asn_registry"], info["asn_cidr"],
info["asn_description"], info["asn_date"])
sql.append([sqlq, sqlv])
for q in sql:
self.stash.sql_execcc(q[0], q[1])
def get_whois(ipaddr):
net = Net(ipaddr)
obj = IPASN(net)
results = obj.lookup()['asn']
return results
script_args = parser.parse_args()
RST_FILES = {
'ASN.rst': {
'OUTPUT_IP_ASN_BASIC': {
'content': ('::\n\n'
' >>>> from ipwhois.net import Net\n'
' >>>> from ipwhois.asn import IPASN\n'
' >>>> from pprint import pprint\n\n'
' >>>> net = Net(\'2001:43f8:7b0::\')\n'
' >>>> obj = IPASN(net)\n'
' >>>> results = obj.lookup()\n'
' >>>> pprint(results)\n\n'
' {0}'),
'queries': {
'0': lambda: IPASN(Net('2001:43f8:7b0::')).lookup(),
}
},
'OUTPUT_ASN_ORIGIN_BASIC': {
'content': ('::\n\n'
' >>>> from ipwhois.net import Net\n'
' >>>> from ipwhois.asn import ASNOrigin\n'
' >>>> from pprint import pprint\n\n'
' >>>> net = Net(\'2001:43f8:7b0::\')\n'
' >>>> obj = ASNOrigin(net)\n'
' >>>> results = obj.lookup(asn=\'AS37578\')\n'
' >>>> pprint(results)\n\n'
' {0}'),
'queries': {
'0':
lambda: ASNOrigin(Net('2001:43f8:7b0::')).lookup(asn='AS37578'
def main():
search = "drexel"
homoglyph_search = homoglyph(search)
insertion_search = insertion(search)
omission_search = omission(search)
transposition_search = transposition(search)
vowel_swap_search = vowel_swap(search)
addition_search = addition(search)
repetition_search = repetition(search)
replacement_search = replacement(search)
bitsquatting_search = bitsquatting(search)
hyphenation_search = hyphenation(search)
subdomain_search = subdomain(search)
search_all = bitsquatting_search+hyphenation_search+subdomain_search+homoglyph_search+insertion_search+omission_search+transposition_search+vowel_swap_search+addition_search+repetition_search+replacement_search
search_all.append(search)
print("Amount of search terms: " + str(len(search_all)))
for i in range(0,7):
dates = (date.today() - timedelta(days=i+1))
dates = dates.strftime('%Y-%m-%d')
print(dates)
donwnload_nrd(dates)
DOMAINS = []
ITEMS = []
NAMES = []
f = open(dates + '.txt','r')
for row in f:
NAMES.append(row.strip('\r\n'))
A = ahocorasick.Automaton()
for idx, key in enumerate(search_all):
A.add_word(key, (idx, key))
A.make_automaton()
for item in A.iter("".join(NAMES)):
ITEMS.append(item)
for name in NAMES:
for item in ITEMS:
ite = re.findall("'([^']*)'", str(item))
for it in ite:
if it in name:
DOMAINS.append(name.strip('\r\n'))
for domain in DOMAINS:
print("Domain Name Found: " + domain)
try:
w_res = whois.whois(domain)
name = w_res.name
created = w_res.creation_date
email = w_res.emails
registar = w_res.registrar
expiry = w_res.expiration_date
ip = socket.gethostbyname(domain)
net = Net(ip)
obj = IPASN(net)
y = obj.lookup()
if 'asn_registry' in y:
asnRegistry=y.get('asn_registry')
if 'asn' in y:
asnNum=y.get('asn')
if 'asn_cidr' in y:
asnCIDR=y.get('asn_cidr')
if 'asn_country_code' in y:
asnCountry=y.get('asn_country_code')
if 'asn_description' in y:
asnDesc=y.get('asn_description')
notes = ' '
with open(r'C:\\Users\\domains.csv', 'a', newline='') as csvfile:
fieldnames = ['Domain', 'IP', 'Created Date', 'Expiry Date', 'WHOIS Name', 'WHOIS Email', 'WHOIS Register', 'ASN Registry', 'ASN #', 'ASN CIDR', 'ASN Country', 'ASN Description', 'Notes']
writer = csv.DictWriter(csvfile, fieldnames=fieldnames)
writer.writerow({'Domain':domain, 'IP':ip, 'Created Date':created, 'Expiry Date':expiry, 'WHOIS Name':name, 'WHOIS Email':email, 'WHOIS Register':registar, 'ASN Registry':asnRegistry, 'ASN #':asnNum, 'ASN CIDR':asnCIDR, 'ASN Country':asnCountry, 'ASN Description':asnDesc, 'Notes':notes})
except:
pass
def ipAnalyzer():
csvData = [[
'Ip', 'Country_code', 'Country', 'City', 'Time_zone', 'Longitude',
'Latitude', 'asn', 'asn_description'
]]
# with open('FinalResults.csv', 'w') as csvFile:
# writer = csv.writer(csvFile)
# writer.writerows(csvData)
# csvFile.close()
with open(
r'C:\Users\nmega\PycharmProjects\untitled\realTimeResults\FirstResults.csv'
) as csvfile:
ff = reader = csv.DictReader(csvfile)
for row in ff:
try:
ip = row['IpClinet']
net = Net(ip)
obj = IPASN(net)
results = obj.lookup()
reader = geolite2.reader()
temp = reader.get(ip)
#print(temp)
country = temp.get('registered_country').get('names').get('en')
country_iso_code = temp.get('registered_country').get(
'iso_code')
city = temp.get('city').get('names').get('en')
time_zone = temp.get('location').get('time_zone')
lon = temp.get('location').get('longitude')
lat = temp.get('location').get('latitude')
asn = results.get('asn')
asn_description = results.get('asn_description')
appendix = [
ip, country_iso_code, country, city, time_zone, lon, lat,
asn, asn_description
]
#print(appendix)
#print(ip," ",country_iso_code," ",country," ",city," ",time_zone," ",lon," ",lat)
csvData.append(appendix)
except Exception as e:
try:
country = temp.get('country').get('names').get('en')
country_iso_code = temp.get('country').get('iso_code')
city = 'No Data'
time_zone = 'No Data'
lon = temp.get('location').get('longitude')
lat = temp.get('location').get('latitude')
appendix = [
ip, country_iso_code, country, city, time_zone, lon,
lat, asn, asn_description
]
csvData.append(appendix)
except:
continue
continue
#print(appendix[0])
with open(
r'C:\Users\nmega\PycharmProjects\untitled\realTimeResults\FinalResults.csv',
'w',
newline='',
encoding='utf-8') as csvFile:
try:
writer = csv.writer(csvFile)
writer.writerows(csvData)
except:
print("error in", csvData)
csvFile.close()
def __get_asn_nets(self, ip):
asn_origin = self.__get_asn_origin(ip)
origin = ASNOrigin(Net(ip))
lookup = origin.lookup(asn='AS{}'.format(asn_origin),
asn_methods=['whois'])
return lookup.get('nets')
def enterSingleIp(net):
net = Net(net)
obj = IPASN(net)
res = obj.lookup()
return res
def test__get_nets_radb(self):
net = Net('74.125.225.229')
obj = ASNOrigin(net)
# No exception raised, but should provide code coverage for multiple
# network scenarios and CIDR invalid IP ValueError.
multi_net_response = ('\n\nroute: 66.249.64.0/20'
'\ndescr: Google'
'\norigin: AS15169'
'\nnotify: [email protected]'
'\nmnt-by: MAINT-AS15169'
'\nchanged: [email protected] 20110301'
'\nsource: RADB'
'\n\nroute: 66.249.80.0/20'
'\ndescr: Google'
'\norigin: AS15169'
'\nnotify: [email protected]'
'\nmnt-by: MAINT-AS15169'
'\nchanged: [email protected] 20110301'
'\nsource: RADB'
'\n\n')
obj.get_nets_radb(multi_net_response)
self.assertEqual(obj.get_nets_radb(multi_net_response, is_http=True),
[{
'cidr': '66.249.64.0/20',
'description': None,
'maintainer': None,
'updated': None,
'source': None,
'start': 2,
'end': 29
}, {
'cidr': '66.249.80.0/20',
'description': None,
'maintainer': None,
'updated': None,
'source': None,
'start': 175,
'end': 202
}])
net = Net('2001:43f8:7b0::')
obj = ASNOrigin(net)
multi_net_response = (
'\n\nroute6: 2001:43f8:7b0::/48'
'\ndescr: KIXP Nairobi Management Network'
'\norigin: AS37578'
'\norg: ORG-TA38-AFRINIC'
'\nmnt-by: TESPOK-MNT'
'\nchanged: ***@isoc.org 20160721'
'\nsource: AFRINIC'
'\n\n')
self.assertEquals(obj.get_nets_radb(multi_net_response),
[{
'updated': None,
'maintainer': None,
'description': None,
'start': 2,
'source': None,
'end': 36,
'cidr': '2001:43f8:7b0::/48'
}])
def asn(ip):
ip = Net(ip)
obj = IPASN(ip)
res = obj.lookup()
return res
def __get_asn_cidr(self, ip):
asn = IPASN(Net(ip)).lookup()
return asn.get('asn_cidr')
def test_timeout(self):
result = Net('74.125.225.229')
self.assertIsInstance(result.timeout, int)
async def _iplocalise(self, ctx, ipaddress, iptype=""):
realipaddress = ipaddress
"""Getting headers."""
if ipaddress.startswith("http://"):
if ipaddress[-1:] == '/':
ipaddress = ipaddress[:-1]
ipaddress = ipaddress.split("http://")[1]
if ipaddress.startswith("https://"):
if ipaddress[-1:] == '/':
ipaddress = ipaddress[:-1]
ipaddress = ipaddress.split("https://")[1]
if (iptype in ["ipv6", "v6", "-6"]):
try:
ipaddress = socket.getaddrinfo(ipaddress, None,
socket.AF_INET6)[1][4][0]
except:
await ctx.send(
"Erreur, cette adresse n'est pas disponible en IPv6.")
return
elif (iptype in ["ipv4", "v4", "-4"]):
try:
ipaddress = socket.getaddrinfo(ipaddress, None,
socket.AF_INET)[1][4][0]
except:
await ctx.send(
"Erreur, cette adresse n'est pas disponible en IPv4.")
return
else:
try:
ipaddress = socket.getaddrinfo(ipaddress, None)[1][4][0]
except:
await ctx.send("Erreur, cette adresse n'est pas disponible.")
return
iploading = await ctx.send("_Récupération des informations..._")
lib_result = True
try:
net = Net(ipaddress)
obj = IPASN(net)
ipinfo = obj.lookup()
except ipwhois.exceptions.IPDefinedError:
await ctx.send(
"Cette IP est reservée à un usage local selon la RFC 1918. Impossible d'avoir des informations supplémentaires à son propos."
)
await iploading.delete()
return
except ipwhois.exceptions.ASNRegistryError:
lib_result = False
try:
iphostname = socket.gethostbyaddr(ipaddress)[0]
except:
iphostname = "N/A"
# IPINFO api
api_result = True
try:
with open('ipinfoio.key') as k:
access_token = k.read().replace("\n", "")
handler = ipinfoio.getHandler(access_token)
details = handler.getDetails(ipaddress)
except Exception:
print("Can't open ipinfoio.key")
api_result = False
try:
embed = discord.Embed(
title=f"Informations pour ``{realipaddress} ({ipaddress})``",
color=0x5858d7)
if (api_result):
asn = details.org.split(" ")[0]
embed.add_field(
name="Appartient à :",
value=f"[{details.org}](https://bgp.he.net/{asn})")
elif (lib_result):
embed.add_field(
name="Appartient à :",
value=
f"{ipinfo['asn_description']} ([AS{ipinfo['asn']}](https://bgp.he.net/{ipinfo['asn']}))",
inline=False)
if (lib_result):
embed.add_field(name="RIR :",
value=f"{ipinfo['asn_registry']}",
inline=True)
if (api_result):
embed.add_field(
name="Région :",
value=
f"{details.city} - {details.region} ({details.country})")
elif (lib_result):
embed.add_field(name="Région :",
value=f"{ipinfo['asn_country_code']}")
embed.add_field(name="Nom de l'hôte :", value=f"{iphostname}")
# Adding country flag
if (api_result):
embed.set_thumbnail(
url=
f"https://www.countryflags.io/{details.country}/shiny/64.png"
)
elif (lib_result):
embed.set_thumbnail(
url=
f"https://www.countryflags.io/{ipinfo['asn_country_code']}/shiny/64.png"
)
await ctx.send(embed=embed)
except:
await ctx.send(
content=
f"Erreur, impossible d'avoir des informations sur l'adresse IP ``{realipaddress}``"
)
await iploading.delete()
RST_FILES = {
'ASN.rst': {
'OUTPUT_IP_ASN_BASIC': {
'content': (
'::\n\n'
' >>>> from ipwhois.net import Net\n'
' >>>> from ipwhois.asn import IPASN\n'
' >>>> from pprint import pprint\n\n'
' >>>> net = Net(\'2001:43f8:7b0::\')\n'
' >>>> obj = IPASN(net)\n'
' >>>> results = obj.lookup()\n'
' >>>> pprint(results)\n\n'
' {0}'
),
'queries': {
'0': lambda: IPASN(Net('2001:43f8:7b0::')).lookup(),
}
},
'OUTPUT_ASN_ORIGIN_BASIC': {
'content': (
'::\n\n'
' >>>> from ipwhois.net import Net\n'
' >>>> from ipwhois.asn import ASNOrigin\n'
' >>>> from pprint import pprint\n\n'
' >>>> net = Net(\'2001:43f8:7b0::\')\n'
' >>>> obj = ASNOrigin(net)\n'
' >>>> results = obj.lookup(asn=\'AS37578\')\n'
' >>>> pprint(results)\n\n'
' {0}'
),
'queries': {
def __ip2cidr_lookup(self, ip):
try:
net = Net(ip)
return IPASN(net).lookup()
except:
LOG.warning(f"ip2cidr exception {sys.exc_info()[0]}")
