악성코드 유포지 등 URL정보를 가지로 IP로 차단할때 한번에 nslookup해서 IP를 추출할때 사용하는 파이썬 소스코드 입니다.
dnslookup.py
# -*- coding: utf-8 -*-
# Copyright (C) 2016 n3osim.
# Author: Neo Yoo(n3oism@gmail.com)
import os
import time
import socket
from urlparse import urlparse
def nslookup(DOMAIN):
try:
ip_list = []
ais = socket.getaddrinfo(DOMAIN,0,0,0,0)
for result in ais:
ip_list.append(result[-1][0])
ip_list = list(set(ip_list))
return (',').join(ip_list)
except:
return "N/A"
def getDomain(PATH,FNAME):
#print PATH + '\\' + FNAME
with open(PATH + '\\' + FNAME, 'r') as f:
maldomain = f.readlines()
if len(maldomain)>0:
for i in range(0,len(maldomain)):
#print i
if maldomain[i][:4]!="http":
maldomain[i]="http://" + maldomain[i].rstrip()
#print urlparse(maldomain[i]).hostname
maldomain[i] = "%-15s / %s" % (nslookup(urlparse(maldomain[i]).hostname), "hxxp" + maldomain[i][4:])
print maldomain[i]
else:
maldomain = "No URL in File"
## 결과 출력
#print maldomain
return maldomain
print "Loading...."
result = open('result.txt', 'w')
for item in getDomain(os.getcwd(),"list.txt"):
result.write("%s\n" % item)
print "Done. Thank you!"