def scan():
foundone = False
while foundone == False:
if len(sys.argv) > 1:
ip = sys.argv[1]
foundone = True
else:
validated = False
while validated == False:
ip = str(random.randint(0, 255)) + "." + str(
random.randint(0, 255)) + "." + str(random.randint(
0, 255)) + "." + str(random.randint(0, 255))
address = ip.split(".")
block = address[0] + "." + address[1] + "." + address[
2] + ".0/24"
try:
ipwhois.IPWhois(ip)
validated = True
except Exception:
pass
print("Using ip range: " + block)
nm = nmap.PortScanner()
nm.scan(block, arguments='-F')
nm.command_line()
nm.scaninfo()
nm.all_hosts()
results = nm.csv().splitlines()
hostgrouped = []
for a in range(0, len(results)):
resultsplit = results[a].split(';')
if resultsplit[0] != 'host':
if resultsplit[0] not in hostgrouped:
hostgrouped.append(resultsplit[0])
hostgrouped.append([])
hostgrouped.append([])
hostgrouped[hostgrouped.index(resultsplit[0]) + 1].append(
results[a])
for a in range(0, len(hostgrouped), 3):
ipw = ipwhois.IPWhois(hostgrouped[a])
result = ipw.lookup_rdap()
hostgrouped[a + 2].append(result)
if len(hostgrouped) > 0:
print("")
for a in range(0, len(hostgrouped), 3):
print(str(hostgrouped[a]))
print("\n".join(hostgrouped[a + 1]))
print(str(hostgrouped[a + 2]))
print("----------")
print(block + " done.")
a = input("Find more [Y/n]? ") or "y"
if ("n" in a or "N" in a):
foundone = True
else:
print(block + " no active hosts found.\n")
def start():
site = (str(sys.argv[1]))
result = dns.resolver.query(site, 'A')
a = (ipwhois.IPWhois(
result[0].to_text()).lookup_whois()["nets"][0]["description"])
if "Cloudflare" in a:
b = open("result.txt", "w")
b.write("")
b.close()
subdom = [
'ftp', 'cpanel', 'webmail', 'localhost', 'local', 'mysql', 'forum',
'driect-connect', 'blog', 'vb', 'forums', 'home', 'direct',
'forums', 'mail', 'access', 'admin', 'administrator', 'email',
'downloads', 'ssh', 'owa', 'bbs', 'webmin', 'paralel', 'parallels',
'www0', 'www', 'www1', 'www2', 'www3', 'www4', 'www5', 'shop',
'api', 'blogs', 'test', 'mx1', 'cdn', 'mysql', 'mail1', 'secure',
'server', 'ns1', 'ns2', 'smtp', 'vpn', 'm', 'mail2', 'postal',
'support', 'web', 'dev'
]
if site == "":
try:
sys.exit()
except:
return
for sub in subdom:
try:
hosts = str(sub) + "." + str(site)
bypass = socket.gethostbyname(str(hosts))
result = dns.resolver.query(hosts, 'A')
check = (ipwhois.IPWhois(result[0].to_text()).lookup_whois()
["nets"][0]["description"])
check_num = 0
if "Cloudflare" in check:
check_num += 1
if check_num == 2:
b = open("result.txt", "w")
b.write("We could not bypass CloudFlare for you")
b.close()
break
else:
a = " CloudFlare Bypass " + bypass + ' | ' + hosts + "\n"
b = open("result.txt", "a")
b.write(a)
b.close()
except Exception:
pass
else:
b = open("result.txt", "w")
b.write("This site does not support CloudFlare")
b.close()
def getwhoisdict(IPAddr):
'''
getting whois Dict
'''
obj = ipwhois.IPWhois(IPAddr)
res = obj.lookup_rdap(asn_methods=["whois"])
return res
def netblock(addresses):
"""
Find the netblocks that our IP addresses belong to.
Before doing a whois lookup for the netblock see if the IP address is
already in our current netblocks.
"""
for ip in set([a[1] for a in addresses]):
found = False
for block in records['netblocks']:
if ip in block[0]:
found = True
break
if found is False:
resp = None
try:
resp = ipwhois.IPWhois(ip).lookup()
except ipwhois.exceptions.IPDefinedError:
continue
for net in resp['nets']:
name = net['name']
for c in net['cidr'].split(', '):
records['netblocks'].append((netaddr.IPNetwork(c), name))
def getageOfDomain(self):
"""Get age of domain. If it is less than 10 years old, it returns 0"""
# This one is working...
retVal = 0
try:
parsed_uri = urlparse(self.url)
domainURL = '{uri.netloc}'.format(uri=parsed_uri)
ip = socket.gethostbyname(domainURL)
ipwhodis = ipwhois.IPWhois(ip)
results = ipwhodis.lookup_whois()
for item in results['nets']:
createdDate = item['created']
createdDate = item['created']
match = re.search(r'\d{4}-\d{2}-\d{2}', createdDate)
createDate = datetime.strptime(match.group(), '%Y-%m-%d').date()
#createDate = datetime.strftime(date, '%Y-%m-%d')
currentDate = datetime.now().date()
dateDiff = currentDate - createDate
dateDiffInYears = (dateDiff.days +
dateDiff.seconds / 86400) / 365.2425
# print("diff in years: ",dateDiffInYears)
if dateDiffInYears >= 10:
retVal = 1
else:
retVal = -1
except:
printFormat("exc", "getageOfDomain", "Unknown Error")
self.phishScore['getageOfDomain'] = retVal
return retVal
def domainRegistrationLength(self):
# This one is now working. Completely removed initiate whoisdoc method. normal pywhois did not work;
# utilized IPWHOIS for next effort.
retVal = 0
try:
parsed_uri = urlparse(self.url)
domainURL = '{uri.netloc}'.format(uri=parsed_uri)
ip = socket.gethostbyname(domainURL)
ipwhodis = ipwhois.IPWhois(ip)
results = ipwhodis.lookup_whois()
for item in results['nets']:
createdDate = item['updated']
match = re.search(r'\d{4}-\d{2}-\d{2}', createdDate)
createDate = datetime.strptime(match.group(), '%Y-%m-%d').date()
#createDate = datetime.strftime(date, '%Y-%m-%d')
currentDate = datetime.now().date()
dateDiff = currentDate - createDate
dateDiffInYears = (dateDiff.days +
dateDiff.seconds / 86400) / 365.2425
if dateDiffInYears <= 0.5:
retVal = 1
else:
retVal = -1
except:
printFormat(
"exc", "domainRegistrationLength",
"Error occured with domainRegistrationLength:{}".format(
self.url))
self.phishScore['domainRegistrationLength'] = retVal
return retVal
def run(self):
ip_list = []
for d in self.subdomains.keys():
if not self.subdomains[d]["ip"]:
try:
self.subdomains[d]["ip"] = socket.gethostbyname(subdomain)
except Exception as e:
self.subdomains[d]["ip"] == "0.0.0.0"
continue
if self.subdomains[d]["ip"] not in ip_list and self.subdomains[d][
"ip"] != "0.0.0.0":
# If the IP address is shown as 0.0.0.0 then it could not be resolved.
ip_list.append(self.subdomains[d]["ip"])
#Now go over the list and resolve all the IPs
for i in ip_list:
try:
ip = ipwhois.IPWhois(i).lookup_whois()
for d in self.subdomains.keys():
if self.subdomains[d]["ip"] == d:
self.subdomains[d]["network"] = {
"description": ip["asn_description"],
"cidr": ip["asn_cidr"],
"country": ip["asn_country_code"]
}
except ipwhois.exceptions.IPDefinedError:
''' Private IP? '''
self.subdomains[d]["private"] = True
except:
continue
return self.subdomains
def lookup(ip):
try:
socket.gethostbyaddr(ip)
except socket.herror:
return None
obj = ipwhois.IPWhois(ip)
return obj.lookup_whois()
def iplookup(ipaddr):
try:
info = ipwhois.IPWhois(ipaddr).lookup_whois()
except Exception as e:
return {
'country': 'Unknown',
'isp': 'Unknown',
'asn_cidr': 'Private-Use Networks',
'asn_description': 'Private-Use Networks'
}
# city = info['nets'][0]['city']?info['nets'][0]['city']:""
city = (info['nets'][0]['city'] if (info['nets'][0]['city']) else "")
country = countries.get(alpha_2=info['nets'][0]['country'])
if city:
countryname = country.name + '/' + city
else:
countryname = country.name
if info['nets'][0]['description']:
temp = info['nets'][0]['description'].splitlines()
ipinfo = {
'country': countryname,
'isp': temp[0],
'asn_cidr': info['asn_cidr'],
'asn_description': info['asn_description']
}
else:
ipinfo = {
'country': countryname,
'isp': 'Not Found',
'asn_cidr': info['asn_cidr'],
'asn_description': info['asn_description']
}
return ipinfo
def getasn(self,asset):
#gets ASN data using ipwhois module and RDAP lookup
try:
whois = ipwhois.IPWhois(asset['ip'])
asdata = whois.lookup_rdap(depth=1, retry_count=3, rate_limit_timeout=1, asn_methods=['dns', 'whois', 'http'])
asn = asdata['asn']
asndesc = asdata['asn_description']
try:
name = asdata['network']['name']
cidr = asdata['network']['cidr']
except:
try:
name = asdata['nets'][len(asdata['nets']-1)]['name']
cidr = asdata['nets'][len(asdata['nets']-1)]['cidr']
except:
name = 'Not Found'
cidr = asdata['adn_cidr']
pass
pass
self.datadict[asset['subdomain']+asset['ip']].update({'asn':asn, 'asn_description':asndesc, 'asn_netblock':cidr, 'asn_netname':name})
except KeyboardInterrupt:
raise
except Exception as e:
#print('\nError in getasn:')
#print(e)
#sys.exit(2)
pass
def process(self):
# early out if the osint depth is reached
if (int(self.getVectorDepth()) <= int(self.config['max_osint_depth'])):
# load any targets we are interested in
self.getTargets()
# loop over each target
for t in self.targets:
# verify we have not tested this host before
if not self.seentarget(t):
# add the to the already seen list
self.addseentarget(t)
# make outfile
temp_file = self.config[
"proofsDir"] + self.shortName + "_" + t + "_" + Utils.getRandStr(
10)
obj = ipwhois.IPWhois(t)
result = obj.lookup_rdap()
cidr = result['network']['cidr']
if cidr:
net = IPNetwork(cidr)
added = False
for ip in list(net):
if not str(ip) in self.targets:
kb.add("osint/host/" + str(ip))
added = True
if added:
self.fire("newHost")
Utils.writeFile(str(result), temp_file)
return
def lookup_ips():
input_file = Path.cwd() / 'resources' / 'results.txt'
with open(input_file, 'r') as f:
ips = f.read().split('\n')
entities = dict()
for i, ip in enumerate(ips[0:100]):
try:
ip_info = ipwhois.IPWhois(ip).lookup_rdap()
if 'asn_description' in ip_info:
entities[ip_info.get('asn_description')] = ip_info
else:
entities[ip] = ip_info
except Exception as e:
logger.error(f'Unable to lookup IP {ip} because of error: {e}')
logger.info(f'finished ip {i}/6000')
output_file = Path.cwd() / 'resources' / 'output.json'
with open(output_file, 'w') as f:
json.dump(entities, f)
def main(args):
ip_pattern = re.compile(r"\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b")
trace, flag = get_trace(args.address)
if flag:
print('The destination node was reached')
else:
print('Failed to reach the destination node')
data = []
for s in trace:
ip = re.findall(ip_pattern, s)
if len(ip) != 0:
data.append(ip[0])
ip_list = data[1:]
result = []
for ip in ip_list:
try:
info = ipwhois.IPWhois(ip).lookup_whois()
net = info['nets'][0]
provider = net['description'].replace(
'\n', ' ') if net['description'] is not None else '*'
tmp = ASInfo(ip, info['asn'], net['country'], provider)
result.append(tmp)
except ipwhois.IPDefinedError:
result.append(ASInfo(ip, '*', '*', '*'))
write_all(result)
def get_ip_dict(self, ip, method='whois'):
''' Get the ip lookup dictionary '''
if not ipwhois:
raise ImportError(
'Cannot look up ips. You do not have the ipwhois package installed!'
)
assert method in ['whois',
'rdap'], 'Method must either be rdap or whois'
ipwho = ipwhois.IPWhois(ip)
self.ipmethod = method
ipdict = None
if method == 'whois':
try:
ipdict = ipwho.lookup_whois()
except Exception as e:
print('Could not lookup ip {0}: {1}'.format(ip, e))
elif method == 'rdap':
try:
ipdict = ipwho.lookup_rdap()
except Exception as e:
print('Could not lookup ip {0}: {1}'.format(ip, e))
return ipdict
def get_ip_whois(ip_addr):
try:
obj = ipwhois.IPWhois(ip_addr)
result = obj.lookup_rdap(depth=1)
except ipwhois.exceptions.IPDefinedError:
result = None
return result
def whois_lookup(ip_address):
nets = []
err = None
try:
whois = ipwhois.IPWhois(ip_address).lookup_whois(retry_count=0)
countries = ipwhois.utils.get_countries()
nets = whois['nets']
for net in nets:
net['country'] = countries.get(net['country'])
if net['postal_code']:
net['postal_code'] = net['postal_code'].replace('-', ' ')
except ValueError as e:
err = 'Invalid IP address provided: %s.' % ip_address
except ipwhois.exceptions.IPDefinedError as e:
err = '%s' % e
except ipwhois.exceptions.ASNRegistryError as e:
err = '%s' % e
except Exception as e:
err = 'Error: %s' % e
host = ''
try:
host = ipwhois.Net(ip_address).get_host(retry_count=0)[0]
except Exception as e:
host = 'Not available'
whois_info = {"host": host, "nets": nets}
if err:
whois_info['error'] = err
return whois_info
def get_whois_data(self):
try:
import ipwhois
except ImportError:
print 'The ipwhois library is not install. pip install ipwhois'
return False
# is the ip in the cache
try:
self.desc = whois_cache[self.dst_ip]
except KeyError:
# Is not, so just ask for it
try:
obj = ipwhois.IPWhois(self.dst_ip)
data = obj.lookup()
try:
self.desc = data['nets'][0]['description'].strip().replace('\n',' ') + ',' + data['nets'][0]['country']
except AttributeError:
# There is no description field
self.desc = ""
except ipwhois.IPDefinedError as e:
if 'Multicast' in e:
self.desc = 'Multicast'
self.desc = 'Private Use'
except ipwhois.ipwhois.WhoisLookupError:
print 'Error looking the whois of {}'.format(self.dst_ip)
# continue with the work
except ValueError:
# Not a real IP, maybe a MAC
pass
except IndexError:
# Some problem with the whois info. Continue
pass
# Store in the cache
whois_cache[self.dst_ip] = self.desc
def get_whois(address: str):
whois_error = None
result = None
try:
obj = ipwhois.IPWhois(address)
rdap_answer = obj.lookup_rdap(depth=1)
except Exception as ex:
# should be ipwhois.exceptions.BaseIpwhoisException
# but ipwhois can raise AttributeError: 'NoneType' object has no attribute 'strip'
whois_error = exception_to_str(ex)
else:
result = {
'asn':
rdap_answer.get('asn', ''),
'asn_cidr':
rdap_answer.get('asn_cidr', ''),
'asn_description':
rdap_answer.get('asn_description', ''),
'asn_country_code':
safe_upper(rdap_answer.get('asn_country_code')),
'network_name':
rdap_answer.get('network', {}).get('name', ''),
'network_country':
safe_upper(rdap_answer.get('network', {}).get('country', '')),
}
asn_privacy = ASN_PRIVACY.get(result['asn'], AsnPrivacy.UNKNOWN)
if asn_privacy is not None:
result['asn_privacy'] = asn_privacy.value
return result, whois_error
def RECO3(ip):
print(R + '---------------------------------------------------')
Log.info('Whois Lookup : ' + W)
print(R + '---------------------------------------------------')
try:
Lookup = ipwhois.IPWhois(ip)
results = Lookup.lookup_whois()
Log.info1('NIR : ' + W + str(results['nir']))
Log.info1('ASN Registry : ' + W + str(results['asn_registry']))
Log.info1('ASN : ' + W + str(results['asn']))
Log.info1('ASN CIDR : ' + W + str(results['asn_cidr']))
Log.info1('ASN Country Code : ' + W +
str(str(results['asn_country_code'])))
Log.info1('ASN Date : ' + W + str(results['asn_date']))
Log.info1('ASN Description : ' + W + str(results['asn_description']))
for k, v in results['nets'][0].items():
Log.info1('{} : '.format(str(k)) + W + str(v))
except Exception as e:
Log.info3(' Error : ' + C + str(e) + W)
pass
#keyboardinterrrupt handler
except KeyboardInterrupt:
Log.info3(keybordexcpt)
sys.exit(1)
except Exception as inst:
Log.info1('Exception in RECO3() function')
sys.exit(1)
def get_whois_data(self):
try:
import ipwhois
except ImportError:
print 'The ipwhois library is not install. pip install ipwhois'
return False
# is the ip in the cache
try:
self.desc = whois_cache[self.dst_ip]
except KeyError:
# Is not, so just ask for it
try:
obj = ipwhois.IPWhois(self.dst_ip)
data = obj.lookup()
self.desc = data['nets'][0]['description'].strip().replace(
'\n', ' ') + ',' + data['nets'][0]['country']
except ipwhois.IPDefinedError as e:
if 'Multicast' in e:
self.desc = 'Multicast'
self.desc = 'Private Use'
except ValueError:
# Not a real IP, maybe a MAC
pass
# Store in the cache
whois_cache[self.dst_ip] = self.desc
def whois_lookup(ip, output, data):
collect = {}
print ('\n' + Y + '[!]' + Y + ' Whois Pencarian : ' + W + '\n')
try:
lookup = ipwhois.IPWhois(ip)
results = lookup.lookup_whois()
for k,v in results.items():
if v != None:
if isinstance(v, list):
for item in v:
for k, v in item.items():
if v != None:
print (G + '[+]' + C + ' {} : '.format(str(k)) + W + str(v).replace(',', ' ').replace('\r', ' ').replace('\n', ' '))
if output != 'None':
collect.update({str(k):str(v).replace(',', ' ').replace('\r', ' ').replace('\n', ' ')})
else:
pass
else:
print (G + '[+]' + C + ' {} : '.format(str(k)) + W + str(v).replace(',', ' ').replace('\r', ' ').replace('\n', ' '))
if output != 'None':
collect.update({str(k):str(v).replace(',', ' ').replace('\r', ' ').replace('\n', ' ')})
else:
pass
except Exception as e:
print (R + '[-] Kesalahan : ' + C + str(e) + W)
if output != 'None':
collect.update({'Kesalahan':str(e)})
pass
if output != 'None':
whois_output(output, data, collect)
def whois_info_fetch(self):
whois_data = {}
try:
whois_info = ipwhois.IPWhois(self.ip).lookup_rdap()
whois_data["IpWhoIsResult"] = whois_info
except:
whois_data["IpWhoIsResult"] = ""
try:
whois_dict = {}
whois_info = restApi.httpRequest("https://www.whois.com/whois/" +
self.domain).get_request()
html_strip = re.search(
'Raw.+?Whois.+?Data.+?Domain((.|\n)*)For.+?more.+?information',
whois_info)
html_strip = str(html_strip.group(1)).replace("\n", ",")
html_strip = html_strip.split(",")
for item in html_strip:
if ":" in item:
items = item.split(":")
whois_dict[items[0]] = items[1]
whois_data["WhoIsComResult"] = whois_dict
except:
whois_data["WhoIsComResult"] = ""
return whois_data
def get_asn(ip):
try:
asn = ipwhois.IPWhois(ip).lookup_rdap()['asn']
except ipwhois.IPDefinedError:
asn = '-'
return asn
def get_whois_info(ip_address):
''' Returns WHOIS info about given ip_address as a string '''
try:
ip_info = ipwhois.IPWhois(ip_address).lookup()
except ipwhois.ipwhois.WhoisLookupError:
ip_info = ipwhois.IPWhois(ip_address).lookup_rws()
country_list = ipwhois.utils.get_countries()
country_code = ip_info['asn_country_code']
try:
country_name = country_list[country_code]
except KeyError:
country_name = 'UNKNOWN(' + country_code + ')'
whois_string =\
'IP address: ' + ip_address + '\n' +\
'ASN (Autonomous System number): ' + get_string(ip_info, 'asn') +\
'\n' +\
'ASN CIDR: ' + get_string(ip_info, 'asn_cidr') + '\n' +\
'ASN Country: ' + country_name + '\n' +\
'ASN Registry: ' + get_string(ip_info, 'asn_registry') + '\n'
for net in ip_info['nets']:
country_code = get_string(net, 'country')
try:
country_name = country_list[country_code]
except KeyError:
country_name = 'UNKNOWN(' + country_code + ')'
whois_string += '==== ' + get_string(net, 'name') + ' ====' + '\n' +\
get_string(net, 'description') + ':\n' +\
' CIDR: ' + get_string(net, 'cidr') + '\n' +\
' Created: ' + get_string(net, 'created') + '\n' +\
' Updated: ' + get_string(net, 'updated') + '\n' +\
' ==== Geographic Data ====' + '\n' +\
' Country: ' + country_name + '\n' +\
' State: ' + get_string(net, 'state') + '\n' +\
' City: ' + get_string(net, 'city') + '\n' +\
' Address: ' + get_string(net, 'address') + '\n' +\
' Postal Code: ' + get_string(net, 'postal_code') + '\n' +\
' ==== Emails ====' + '\n' +\
' Abuse Email: ' + get_string(net, 'abuse_emails') + '\n' +\
' Tech Email: ' + get_string(net, 'tech_emails') + '\n' +\
' Misc Email: ' + get_string(net, 'misc_emails') + '\n'
return whois_string
def handleEvent(self, event):
eventName = event.eventType
srcModuleName = event.module
eventData = event.data
if eventData in self.results:
return None
else:
self.results[eventData] = True
self.sf.debug(f"Received event, {eventName}, from {srcModuleName}")
try:
data = None
if eventName != "NETBLOCK_OWNER":
whoisdata = whois.whois(eventData)
if whoisdata:
data = whoisdata.text
else:
qry = eventData.split("/")[0]
ip = IPAddress(qry) + 1
self.sf.debug("Querying for IP ownership of " + str(ip))
r = ipwhois.IPWhois(ip)
whoisdata = r.lookup_rdap(depth=1)
if whoisdata:
data = str(whoisdata)
if not data:
self.sf.error("Unable to perform WHOIS on " + eventData, False)
return None
except BaseException as e:
self.sf.error("Unable to perform WHOIS on " + eventData + ": " + str(e), False)
return None
# This is likely to be an error about being throttled rather than real data
if len(data) < 250:
self.sf.error("Throttling from Whois is probably happening.", False)
return None
if eventName.startswith("DOMAIN_NAME"):
typ = "DOMAIN_WHOIS"
if eventName.startswith("NETBLOCK"):
typ = "NETBLOCK_WHOIS"
if eventName.startswith("AFFILIATE_DOMAIN_NAME"):
typ = "AFFILIATE_DOMAIN_WHOIS"
if eventName.startswith("CO_HOSTED_SITE_DOMAIN"):
typ = "CO_HOSTED_SITE_DOMAIN_WHOIS"
if eventName == "SIMILARDOMAIN":
typ = "SIMILARDOMAIN_WHOIS"
rawevt = SpiderFootEvent(typ, data, self.__name__, event)
self.notifyListeners(rawevt)
if 'registrar' in whoisdata:
if eventName.startswith("DOMAIN_NAME") and whoisdata['registrar'] is not None:
evt = SpiderFootEvent("DOMAIN_REGISTRAR", whoisdata['registrar'],
self.__name__, event)
self.notifyListeners(evt)
def get_ip_whois(ip):
owner_name = ''
try:
o = ipwhois.IPWhois(ip)
data = o.lookup_whois()
owner_name = data['asn_description']
except ipwhois.ASNRegistryError:
pass
return owner_name
def whois_info_fetch(self, ip, ips):
for i in ips:
if "whois" not in self.communication_details[ip]["ip_details"][i]:
self.communication_details[ip]["ip_details"][i]["whois"] = ""
try:
whois_info = ipwhois.IPWhois(ip).lookup_rdap()
except:
whois_info = "NoWhoIsInfo"
self.communication_details[ip]["ip_details"][i]["whois"] = whois_info
def ip_whois(self, ip):
"""
Peform WHOIS lookup of the IP.
Args:
ip (str): IP address on which to perform operation
Raises:
None
Returns:
ip_dict (dict): Dictionary of the details collected
"""
self.logger.log("Performing IP WHOIS lookup on IP: " + str(ip),
logtype="info")
# Initialize a temporary dict to store data
temp_ip_whois_dict = dict()
ipwho = ipwhois.IPWhois(ip)
ip_dict = ipwho.lookup_whois()
description = ip_dict["asn_description"]
state = ip_dict["nets"][0]["state"]
city = ip_dict["nets"][0]["city"]
detailed_addr = ip_dict["nets"][0]["address"]
postal_code = ip_dict["nets"][0]["postal_code"]
if description:
temp_ip_whois_dict["description"] = description
else:
temp_ip_whois_dict["description"] = "Not found"
if state:
temp_ip_whois_dict["state"] = state
else:
temp_ip_whois_dict["state"] = "Not found"
if city:
temp_ip_whois_dict["city"] = city
else:
temp_ip_whois_dict["city"] = "Not found"
if detailed_addr:
temp_ip_whois_dict["detailed_addr"] = detailed_addr
else:
temp_ip_whois_dict["detailed_addr"] = "Not found"
if postal_code:
temp_ip_whois_dict["postal_code"] = postal_code
else:
temp_ip_whois_dict["postal_code"] = "Not found"
# Return the generated IP WHOIS dict
return temp_ip_whois_dict
def get_ispinfo(ipaddr):
try:
rdap_response = ipwhois.IPWhois(ipaddr)
ispinfo = rdap_response.lookup_rdap(depth=1)
return ispinfo['asn']
except (ipwhois.exceptions.ASNRegistryError,
ipwhois.exceptions.ASNLookupError,
ipwhois.exceptions.ASNParseError,
ipwhois.exceptions.HTTPLookupError,
ipwhois.exceptions.HTTPRateLimitError):
return False
def whois_ip(ip):
if ip_is_valid(ip):
try:
return ipw.IPWhois(ip).lookup()
except ipw.WhoisLookupError as e:
raise KeyboardInterrupt
except ipw.ipwhois.IPDefinedError as e:
logging.warning(e)
else:
logging.warning('No Whois IP for ' + ip + ' as it doesn\'t seem to be an IP on the internet')
