악성코드 유포지 등 URL정보를 가지로 IP로 차단할때 한번에 nslookup해서 IP를 추출할때 사용하는 파이썬 소스코드 입니다.



 dnslookup.py

list.txt


# -*- coding: utf-8 -*-

# Copyright (C) 2016 n3osim.

# Author: Neo Yoo(n3oism@gmail.com)


import os

import time

import socket

from urlparse import urlparse


def nslookup(DOMAIN):

try:

ip_list = []

ais = socket.getaddrinfo(DOMAIN,0,0,0,0)

for result in ais:

ip_list.append(result[-1][0])


ip_list = list(set(ip_list))

return (',').join(ip_list)

except:

return "N/A"


def getDomain(PATH,FNAME):

#print PATH + '\\' + FNAME

with open(PATH + '\\' + FNAME, 'r') as f:

maldomain = f.readlines()


if len(maldomain)>0:

for i in range(0,len(maldomain)):

#print i

if maldomain[i][:4]!="http":

maldomain[i]="http://" + maldomain[i].rstrip()

#print urlparse(maldomain[i]).hostname

maldomain[i] = "%-15s / %s" %  (nslookup(urlparse(maldomain[i]).hostname), "hxxp" + maldomain[i][4:])

print maldomain[i]

else:

maldomain = "No URL in File"

## 결과 출력

#print maldomain

return maldomain

print "Loading...."


result = open('result.txt', 'w')

for item in getDomain(os.getcwd(),"list.txt"):

result.write("%s\n" % item)


print "Done. Thank you!"


Posted by n3015m

BLOG main image
'네오이즘'의 보안LAB 블로그입니다........... n3oism@gmail.com by n3015m

카테고리

분류 전체보기 (226)
[ HappyDevTool ] (29)
[ HappyToolRelease ] (4)
[Book] (5)
[ Security Studies ] (0)
- CII (2)
- BigData (2)
- Web Hacking (10)
- SQL Injection (25)
- Mobile Security (8)
- Network (6)
- OperatingSystem (4)
- Malware & Reversing (4)
- Phishing (5)
- Compliance (0)
- Programming (13)
- Tools (13)
- IoT (6)
- etc (21)
[Pentration Testing] (3)
[OS X] (4)
[ Security Trends ] (16)
[ Fixing Guideline ] (7)
My Way, My Life (34)
About Me (2)
Total : 231,036
Today : 3 Yesterday : 264