Using PyCharm to implement domain-to-IP lookup, whois query and port scanning: notes on the pitfalls I hit along the way


Foreword

  After nearly a year of in-depth study of data security, I suddenly woke up to the fact that network security is a compulsory subject (a hard lesson). With the experience accumulated over 2019-2020, I think the basics are already very solid, so how do I improve from here?

a friend
  So, after going through the baptism of a programming language, I started producing this automation script.


1. Setting up the basic environment

  Since we want to use Python, we naturally need the PyCharm IDE. I won't go into much detail here: simply go to the official website, download it and install it (but because my background and lifestyle are simple, that is, I am poor, I can only use the freeloaded version).
Note: support the original version; be strict with others and lenient with yourself.

Pycharm official website address: https://www.jetbrains.com/pycharm/

2. Code implementation

1. Import libraries

  To implement domain-to-IP lookup, whois query and port scanning, a few Python modules are essential. The specific modules are as follows:

import socket            # resolve a domain name to an IP address
import requests          # send HTTP/HTTPS requests, a crawler essential
import urllib            # fetch pages, a crawler essential (imported but not used below)
import threading         # multi-threading (planned for the port scanner)
import time              # timing and displaying the time
from whois import whois  # whois lookup (from the python-whois package)

2. Domain name to IP lookup

The code is as follows (example):

def ip_check(url):
    IP = socket.gethostbyname(url)                 # resolve the domain to (one) IPv4 address
    url1 = 'http://ip-api.com/json/' + IP          # call the geolocation API
    response = requests.get(url1, timeout=10)      # timeout so a dead API does not hang the script
    ip_info = response.json()                      # the JSON returned by the API, as a dict
    # read and print the fields of ip_info
    print(f'The IP address of the site you queried is: {ip_info["query"]}; location details follow:')
    print(f'Country : {ip_info["country"]}')
    print(f'Province: {ip_info["regionName"]}')
    print(f'City    : {ip_info["city"]}')

  The domain is resolved to an IP with socket, the API endpoint is queried with that IP, and the returned fields are read and printed one by one. The final result looks like this:

(result screenshot)
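Two things the function above glosses over: `socket.gethostbyname()` returns a single IPv4 address, so a target with several A/AAAA records is only partly covered, and the free ip-api.com endpoint answers private or loopback addresses with `{"status":"fail"}`, which makes `ip_info["country"]` raise a `KeyError`. The following is an added example, not the original post's code, that resolves every address with `getaddrinfo`, refuses to send non-global addresses to the third-party API at all (no need to tell an external service about internal hosts), and parses both the success and the failure shape of the response. The two JSON payloads are constructed to match the documented ip-api.com field names and are not captured from a live query; `http_fetch` is a hypothetical transport wrapper and is the only part that touches the network.

```python
import ipaddress
import json
import socket


def resolve_all(host):
    """Return every IPv4/IPv6 address the resolver knows for host, de-duplicated."""
    infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})


def is_safe_to_query(ip):
    """Only globally routable unicast addresses are worth sending to ip-api.com.

    Private, loopback, link-local and reserved ranges leak information about the
    internal network and the API answers them with status "fail" anyway.
    """
    addr = ipaddress.ip_address(ip)
    return addr.is_global and not addr.is_multicast


def parse_geo(payload):
    """Parse an ip-api.com JSON body into a small dict; failures become an "error" key."""
    data = json.loads(payload)
    if data.get("status") != "success":
        return {"ip": data.get("query"),
                "error": f'lookup failed: {data.get("message", "unknown error")}'}
    return {
        "ip": data["query"],
        "country": data.get("country", ""),
        "region": data.get("regionName", ""),
        "city": data.get("city", ""),
    }


def http_fetch(url, timeout):
    """Hypothetical real transport: requests.get with a timeout (the original call had none)."""
    import requests
    resp = requests.get(url, timeout=timeout)
    resp.raise_for_status()
    return resp.text


def geo_lookup(host, fetch=http_fetch, timeout=10):
    """Resolve host and geolocate each public address; returns {ip: result dict}.

    `fetch(url, timeout)` is injected so the logic can be exercised offline.
    """
    results = {}
    for ip in resolve_all(host):
        if not is_safe_to_query(ip):
            results[ip] = {"ip": ip, "error": "non-global address, not sent to the API"}
            continue
        results[ip] = parse_geo(fetch(f"http://ip-api.com/json/{ip}", timeout))
    return results


# Constructed sample responses in the shape ip-api.com documents (not real captures).
SAMPLE_OK = ('{"status":"success","country":"United States","regionName":"California",'
             '"city":"Mountain View","query":"8.8.8.8"}')
SAMPLE_FAIL = '{"status":"fail","message":"private range","query":"10.0.0.1"}'


if __name__ == "__main__":
    # Offline demonstration: the injected fetch returns the canned success body.
    for ip, info in geo_lookup("127.0.0.1", fetch=lambda url, t: SAMPLE_OK).items():
        print(ip, info)
    print(parse_geo(SAMPLE_OK))
    print(parse_geo(SAMPLE_FAIL))
```

Passing `fetch` in explicitly is what lets the resolution and filtering logic be unit-tested without any outbound traffic; in real use call `geo_lookup("example.com")` and the default `http_fetch` is used.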

3. Domain name whois query

The code is as follows (example):

def ip_whois(url):
    whois_info = whois(url.lower())     # query with the whois module; lower() normalizes the name to lowercase
    print(f'Domain: {whois_info["domain_name"]}')
    print(f'Registrar: {whois_info["registrar"]}')
    print(f'Registered on: {whois_info["creation_date"]}')
    print(f'Expires on: {whois_info["expiration_date"]}')
    print(f'DNS: {whois_info["name_servers"]}')

  The implementation is fairly simple. The only problem I ran into was that finding the whois module took a long time: whois.whois is a Python 2 function, so when I used Python 3 I originally tried whois.query, but it kept raising errors. I figured Python 3 must surely have ported this lazy-man function, and after persistent searching I finally found the correct module: python-whois.
  The result is:

(result screenshot)
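One thing the print statements above hide is that python-whois does not return clean scalars: `domain_name`, `creation_date` and `expiration_date` are often lists (one entry per WHOIS source, in mixed case), `name_servers` is a list with duplicates in different cases, and any field can be `None` for TLDs the parser does not understand. The following is an added example, not the original post's code, that normalizes such a record into comparable values and flags domains close to expiry, which is the detail a pentester actually cares about (an expired or about-to-expire domain is a takeover candidate). The record is a constructed dict that mimics the dict-style result of `whois.whois()`; its dates are illustrative, not real registry data, and `now` is passed in so the calculation is deterministic.

```python
from datetime import datetime


def _first(value):
    """python-whois returns either a scalar or a list; take the first non-empty entry."""
    if isinstance(value, (list, tuple)):
        for item in value:
            if item:
                return item
        return None
    return value


def summarize_whois(record, now):
    """Normalize a python-whois record (dict-like) into plain fields.

    record: the object returned by whois.whois(), or any dict with the same keys.
    now:    the reference datetime for the expiry calculation.
    """
    domain = _first(record.get("domain_name"))
    created = _first(record.get("creation_date"))
    expires = _first(record.get("expiration_date"))
    servers = record.get("name_servers") or []
    if isinstance(servers, str):
        servers = [servers]
    return {
        "domain": domain.lower() if domain else None,
        "registrar": record.get("registrar"),
        "created": created,
        "expires": expires,
        # de-duplicate case variants and trailing dots so two sources compare equal
        "name_servers": sorted({s.lower().rstrip(".") for s in servers if s}),
        "days_to_expiry": (expires - now).days if expires else None,
    }


def expiry_warning(summary, threshold_days=30):
    """Turn days_to_expiry into a one-line verdict for the report."""
    days = summary["days_to_expiry"]
    if days is None:
        return "expiry date unknown; check the registrar manually"
    if days < 0:
        return f"EXPIRED {-days} days ago; candidate for re-registration/takeover"
    if days <= threshold_days:
        return f"expires in {days} days; renew or watch for takeover"
    return f"expires in {days} days"


# Constructed record in the shape python-whois returns (values are illustrative only).
SAMPLE_RECORD = {
    "domain_name": ["EXAMPLE.COM", "example.com"],
    "registrar": "Example Registrar, Inc.",
    "creation_date": [datetime(1995, 8, 14), datetime(1995, 8, 14)],
    "expiration_date": datetime(2030, 8, 13),
    "name_servers": ["A.IANA-SERVERS.NET", "B.IANA-SERVERS.NET", "a.iana-servers.net."],
}
SAMPLE_NOW = datetime(2030, 7, 20)


if __name__ == "__main__":
    summary = summarize_whois(SAMPLE_RECORD, now=SAMPLE_NOW)
    for key, value in summary.items():
        print(f"{key}: {value}")
    print(expiry_warning(summary))
```

With a live lookup the call is simply `summarize_whois(whois("example.com"), now=datetime.utcnow())`; the normalization is the same because `whois()` returns a dict subclass.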

4. Port scanning

The code is as follows (example):

def duankou_check(url):
    IP = socket.gethostbyname(url)                         # resolve the domain to an IP
    for de_port in open(r'D:\渗透资料\FUZZ\端口清单.txt'):     # read the port list, one port per line
        de_port = de_port.strip()                          # drop the trailing newline
        if not de_port:
            continue
        # a socket object can only be connected once, so create a fresh connection-oriented socket per port
        server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        server.settimeout(1)                               # do not hang on filtered ports
        result = server.connect_ex((IP, int(de_port)))     # connect_ex takes one (host, port) tuple
        server.close()
        if result == 0:
            print(de_port + ' is_open')
        else:
            print(de_port + ' is_close')

  The connect_ex function of the socket needs two sets of brackets here. This is a question I ran into: why is socket designed this way? It feels a bit counter-intuitive... The result is shown below:
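The original loop has two defects worth knowing about: it reuses one socket object for every port (a socket can only be connected once, so the scan breaks after the first open port), and it has no timeout, so a filtered port stalls the whole run. It also prints the newline read from the file inside the result. The following is an added example, not the original post's code, that does a TCP connect scan the way the "multi-threaded port scanning" item in the checklist below asks for: a fresh socket with a timeout per probe, a thread pool to run probes concurrently, and a structured result instead of print statements. `start_loopback_listener` is a helper added only so the scanner can be exercised against 127.0.0.1 without touching any external host; the port-list file format (one port per line, `#` comments allowed) is an assumption about what the author's `端口清单.txt` looks like.

```python
import socket
from concurrent.futures import ThreadPoolExecutor


def load_ports(path):
    """Read one port per line; blank lines and '#' comments are skipped."""
    ports = []
    with open(path, encoding="utf-8") as fh:
        for line in fh:
            line = line.split("#", 1)[0].strip()   # strip comments and the trailing newline
            if line:
                ports.append(int(line))
    return ports


def probe(ip, port, timeout=1.0):
    """TCP connect probe; True if a full handshake completed.

    A fresh socket per port: a socket object can only be connected once.
    connect_ex takes a single (host, port) tuple, hence the double parentheses.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            return s.connect_ex((ip, port)) == 0
        except OSError:            # e.g. socket.timeout on some platforms
            return False


def scan_ports(ip, ports, timeout=1.0, workers=50):
    """Probe every port concurrently; returns {port: is_open}."""
    with ThreadPoolExecutor(max_workers=workers) as pool:
        return dict(pool.map(lambda p: (p, probe(ip, p, timeout)), ports))


def start_loopback_listener():
    """Listen on 127.0.0.1 with a kernel-chosen port (for offline testing only).

    The kernel completes the handshake up to the backlog even if accept() is
    never called, so connect_ex sees the port as open.
    """
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(16)
    return srv


if __name__ == "__main__":
    listener = start_loopback_listener()
    open_port = listener.getsockname()[1]
    # scan the listening port plus a neighbour that is almost certainly closed
    results = scan_ports("127.0.0.1", [open_port, open_port + 1])
    for port, is_open in sorted(results.items()):
        print(f"{port} {'is_open' if is_open else 'is_close'}")
    listener.close()
```

Against a real target replace the loopback listener with `scan_ports(socket.gethostbyname(url), load_ports(path))`; keep `workers` modest (tens, not thousands) so you do not exhaust local ephemeral ports or trip the target's rate limiting, and raise `timeout` for hosts behind a firewall that silently drops SYNs.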


Summary

  This round of automation is fairly simple. I will keep using it as a base to optimize and improve: multi-threading the port scan, brute-forcing subdomains, or anything else interesting; suggestions are welcome.

  Checklist of things still to implement:

  • Multi-threaded port scanning (performance improvement)
  • Subdomain brute-forcing (new function)
  • Batch domain queries read from a file (will this thing hang on me?)
  • A fancy interface (hehe)
  • ……



Origin blog.csdn.net/Heriz_root/article/details/128370793