脚本ip分析 ip反查域名
打开日志文件,里面包含有很多IP
用脚本提取下log日志里面的ip地址
#-*- coding:utf-8 -*-
import fileinput
import re
import os
import shutil
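def readIp():
    """Collect the first IPv4-looking token from each line of honeypot.log.

    Every line of ``honeypot.log`` is searched with a dotted-quad pattern.
    When a line matches, its first match is appended to ``ip.txt`` followed
    by a newline; lines without a match are skipped. ``ip.txt`` is opened in
    append mode, so repeated runs add to it (``setIp`` removes duplicates),
    and it is created even when no line matches.

    The pattern is loose: it accepts any four dot-separated groups of one to
    three digits, so out-of-range values (``999.1.1.1``) and version strings
    (``1.2.3.4``) are written too. Treat the output as candidate addresses,
    not validated ones.
    """
    # Raw string so the backslash-dot reaches the regex engine unchanged
    # instead of being an invalid Python string escape; compiled once rather
    # than on every line.
    ip_pattern = re.compile(r'[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}')
    # Open the output once (the original reopened it for every matching
    # line) and stream the log instead of loading it fully into memory.
    with open(r'honeypot.log', 'r') as log, open('ip.txt', 'a') as out:
        for line in log:
            found = ip_pattern.search(line)
            if found:
                out.write(found.group(0) + '\n')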
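def setIp():
    """De-duplicate ip.txt into newip.txt, keeping first-seen order.

    Each line of ``ip.txt`` is stripped of surrounding whitespace before it
    is compared, so a final line without a trailing newline is still
    recognised as a duplicate of an earlier one. Blank lines are dropped.
    ``newip.txt`` is overwritten with one entry per line, and the number of
    unique entries is printed.
    """
    unique_count = 0
    seen = set()
    # Both handles are closed by the with-block, including on error; the
    # original never closed the input file.
    with open("ip.txt", "r") as src, open("newip.txt", "w") as dst:
        for line in src:
            entry = line.strip()
            if not entry or entry in seen:
                continue
            seen.add(entry)
            dst.write(entry + '\n')
            unique_count += 1
    print(unique_count)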
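def readDns():
    """Run ``nslookup`` on each address in newip.txt and print the answers.

    Lines of ``newip.txt`` are stripped and must consist solely of a
    dotted-quad (four groups of one to three digits); anything else,
    including blank lines, is skipped. For each accepted address the output
    of ``nslookup <address>`` is printed unless it contains ``NXDOMAIN``.

    Raises:
        OSError: if the ``nslookup`` executable cannot be started.
    """
    import subprocess  # local import: not part of the file's import block

    dotted_quad = re.compile(r'[0-9]{1,3}(?:\.[0-9]{1,3}){3}\Z')
    with open(r'newip.txt', 'r') as g:
        for raw in g:
            ip = raw.strip()
            # newip.txt is just a file on disk: refuse anything that is not
            # plain dotted-quad text so a stray line can never be read by
            # nslookup as an option, and a blank line cannot start it
            # without an argument.
            if not dotted_quad.match(ip):
                continue
            # Argument list with no shell: the address is handed to nslookup
            # as a single argv entry instead of being spliced into a shell
            # command string as os.popen('nslookup %s' % i) did.
            proc = subprocess.Popen(
                ['nslookup', ip],
                stdout=subprocess.PIPE,
                universal_newlines=True,
            )
            comm = proc.communicate()[0]
            # NOTE: PTR names are published by whoever controls the
            # address's reverse zone, so treat the printed hostname as
            # untrusted until a forward lookup confirms it.
            if 'NXDOMAIN' not in comm:
                print(comm)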
if __name__ == '__main__':
    # Pipeline: pull addresses out of the log, de-duplicate them, then
    # look each one up.
    for stage in (readIp, setIp, readDns):
        stage()
IP 反查域名:http://www.ipip.net/ip.html
flag{scan-42.security.ipip.net}