IP&whois&系统指纹获取代码段-外网

CDN&子域名&端口扫描&交互代码段-外网

ip 查询-socket

def ip_check(url):
ip=socket.gethostbyname(url)
print(ip)

whois 查询-模块库获取

def whois_check(url):
data=whois(url)
print(data)

CDN 判断-利用返回 IP 数目进行判断

def cdn_check(url):
ns="nslookup "+url
#data=os.system(ns)
#print(data) #结果无法读取操作
data=os.popen(ns,"r").read()
if data.count(".")>8:
print("存在 CDN")
else:
print("不存在 CDN")

子域名查询

#1.利用字典记载爆破进行查询
#2.利用 bing 或第三方接口进行查询
def zym_list_check(url):
url=url.replace("www.","")
for zym_list in open("dic.txt"):
zym_list=zym_list.replace("\n","")
zym_list_url=zym_list+"."+url
try:
ip=socket.gethostbyname(zym_list_url)
print(zym_list_url+"->"+ip)
time.sleep(0.1)
except Exception as e:
print(zym_list_url+"->"+"error")
time.sleep(0.1)
def zym_api_check(url):
url=url.replace("www.", "")

端口扫描

#1.自写 socket 协议 tcp,udp 扫描
#2.调用第三方 masscan,nmap 等扫描
def port_check(url):
ip = socket.gethostbyname(url)
#ip="192.168.76.155"
#ports={'21','22','135','443','445','80','1433','3306',"3389",'1521','8000','7002','7001','8080',"9090",'8089',
"4848}
server = socket.socket(socket.AF_INET,socket.SOCK_STREAM)
#for port in ports:
try:
data=server.connect_ex((ip, 80))
if data==0:
print(ip+":"+str(80)+"|open")
else:
print(ip+":"+str(80)+"|close")
pass
except Exception as err:
print("error")

系统判断-

#1.基于 TTL 值进行判断
#2.基于第三方脚本进行判断
def os_check(url):
data = os.popen("nmap\\nmap -O "+url, "r").read()
print(data)

PY转换成Exe: Pyinstaller

if __name__ == '__main__':
print("Test：python test.py www.xiaodi8.com all")
url = sys.argv[1]
check = sys.argv[2]
#print(url +"\n"+ check)
if check=="all":
ip_check(url)
whois_check(url)
cdn_check(url)
os_check(url)
#port_check(url)
zym_list_check(url)