-
Notifications
You must be signed in to change notification settings - Fork 25
/
TrackAttacker.py
159 lines (142 loc) · 5.86 KB
/
TrackAttacker.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
#!/usr/bin/env python3
# _*_ coding:utf-8 _*_
'''
Program:TrackAttacker
Function:help people track the attacker
Version:Python3
Time:2021/3/24
Author:bywalks
Blog:http://www.bywalks.com
Github:https://github.com/bywalks
'''
import requests
import time
from concurrent.futures import ThreadPoolExecutor,ProcessPoolExecutor
from requests.packages import urllib3
import re
import json
import nmap
import sys
urllib3.disable_warnings()
headers = {
'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36',
'cookie' : 'Hm_lvt_d5e9e87de330d4ceb8f78059e5df3182=1616638111; Hm_lpvt_d5e9e87de330d4ceb8f78059e5df3182=1616638111; eid=2c2dcde34fc9ec2b0b411655235dbe05'
}
banner = '''
_______ _ _ _ _
|__ __| | | /\ | | | | | |
| |_ __ __ _ ___| | __ / \ | |_| |_ __ _ ___| | _____ _ __
| | '__/ _` |/ __| |/ / / /\ \| __| __/ _` |/ __| |/ / _ \ '__|
| | | | (_| | (__| < / ____ \ |_| || (_| | (__| < __/ |
|_|_| \__,_|\___|_|\_\/_/ \_\__|\__\__,_|\___|_|\_\___|_|
By Bywalks | V 1.0
'''
#通过IP获取网站域名
def get_site_by_ip(ip):
try:
url = "https://site.ip138.com/"+str(ip)+"/"
req = requests.get(url,timeout=3,headers=headers,verify=False)
req.encoding = "utf-8"
site=re.findall('<li><span\sclass="date">[\d\-\s]+</span><a\shref=".*?"\starget="_blank">(.*?)</a></li>',req.text)
if site != "":
print("[+]Site:"+site[0])
return site[0]
except:
pass
#通过IP获取地址
def get_address_by_ip(ip):
try:
url = "https://www.ip138.com/iplookup.asp?ip="+str(ip)+"&action=2"
req = requests.get(url,timeout=3,headers=headers,verify=False)
req.encoding = "gbk"
address=re.findall('"ASN归属地":"(.*?)",\s"iP段":',req.text)
if address != "":
print("[+]Address:"+address[0])
except:
pass
#通过网站获取备案信息
def get_beian_by_site(site):
try:
url = "https://www.beian88.com/home/Search"
post_site = {'d': site}
req = requests.post(url,data=post_site,timeout=3,headers=headers,verify=False)
req.encoding = "utf-8"
key=re.findall('"key":"(.*?)"}',req.text)
url1 = "https://www.beian88.com/d/" + key[0]
requ = requests.get(url1,timeout=3,headers=headers,verify=False)
requ.encoding = "utf-8"
name=re.findall('<span class="field-value" id="ba_Name">(.*?)</span>',requ.text)
if name[0] != "":
#print("备案信息")
webname=re.findall('<span class="field-value" id="ba_WebName">(.*?)</span>',requ.text)
print("[+]网站名称:"+webname[0])
print("[+]主办单位名称:"+name[0])
type=re.findall('<span class="field-value" id="ba_Type">(.*?)</span>',requ.text)
print("[+]主办单位性质:"+type[0])
license=re.findall('<span class="field-value" id="ba_License">(.*?)</span>',requ.text)
print("[+]网站备案/许可证号:"+license[0])
except:
pass
#通过网站获取whois信息
def get_whois_by_site(site):
try:
url = "http://whois.4.cn/api/main"
post_site = {'domain': site}
req = requests.post(url,data=post_site,headers=headers,verify=False)
json_data = json.loads(req.text)
if json_data['data']['owner_name'] !="":
#print("Whois信息")
print("[+]域名所有者:"+json_data['data']['owner_name'])
print("[+]域名所有者邮箱:"+json_data['data']['owner_email'])
print("[+]域名所有者注册:"+json_data['data']['registrars'])
except:
pass
#通过ip查端口
def nmap_port(ip):
n = nmap.PortScanner()
ip = "\""+ip+"\""
n.scan(hosts=ip,arguments="-sV -p 22,80,90,443,1433,1521,3306,3389,6379,7001,7002,8000,8080,9090,9043,9080,9300,50050")
for x in n.all_hosts():
if n[x].hostname() != "":
print("[+]HostName: " + n[x].hostname())
for y in n[x].all_protocols():
print("[+]Protocols: " + y)
for z in n[x][y].keys():
if n[x][y][z]["state"] == "open":
print("[+]port: " + str(z) + " | name: " + n[x][y][z]["name"] + " | state: " + n[x][y][z]["state"])
def deal_url(url):
print(url)
get_address_by_ip(url)
site = get_site_by_ip(url)
if site != None:
get_beian_by_site(site)
get_whois_by_site(site)
nmap_port(url)
print("=========================================")
def main():
print(banner)
print("[+]帮助小伙伴追踪Attacker的小工具")
print("[+]使用方法1:python3 TrackAttacker.py")
print("[+]使用方法2:python3 TrackAttacker.py all")
print("[+]如果你第一次使用该工具,请看README.md")
print("=========================================")
url = "urls.txt"
with open(url) as f:
for url in f:
url = url.replace('\n','')
print(url)
get_address_by_ip(url)
site = get_site_by_ip(url)
if site != None:
get_beian_by_site(site)
get_whois_by_site(site)
if len(sys.argv)>1:
if sys.argv[1]=="all":
nmap_port(url)
print("=========================================")
if __name__=="__main__":
#判断程序运行时间
start = time.time()
main()
end = time.time()
print("The program spend time is %.3f seconds" %(end-start))