Penetration Testing mailing list archives
Re: "Ping scan" through Google -- Perl version for *NIX
From: Peter Hille <peter () das-system ath cx>
Date: Sun, 22 Jan 2006 14:54:27 +0100
Hi, Petr.Kazil () eap nl wrote:
The way I do a "Google Ping scan" is so trivial and badly programmed that I'm almost ashamed to publish it. But since two people asked about it, I'll publish it anyway. This thing could be programmed much better using Perl and the Google API, but I haven't taken the time to do this. Suppose I want to scan the range: 221.208.146.1-255 (This is a random IP range that I got from one of the most recent SPAM mails that I received.) The Google search URL belonging to the spam sender's address 221.208.146.138 is: http://www.google.nl/search?hl=en&q=%22221.208.146.138%22&btnG=Search
I've created a small Perl version of the VBscript previously published here: === CUT HERE === #!/usr/bin/perl # # 'Google scan' script for *NIX operating systems # based on an idea by Petr Kazil, ported to *NIX/Perl # by Peter Hille # # This script takes the first three bytes of a class C # IP range as an argument and then searches Google for each # address in that range. If any results were found, they're # saved to 'Googlescan_$ip.html'. # use warnings; use strict; use LWP; my $ipr = ''; die "Syntax: $0 1.2.3\n" unless ($ipr = shift); die "Syntax: $0 1.2.3\n" unless ($ipr =~ /^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$/i); my $ip_a = $1; my $ip_b = $2; my $ip_c = $3; my $browser = LWP::UserAgent->new; for (1 .. 255) { my $url = "http://www.google.com/search?hl=en&q=%22$ip_a.$ip_b.$ip_c.$_%22&btnG=Search"; my $response = $browser->get( $url, 'User-Agent' => 'Mozilla/4.76 [en] (Win98; U)', 'Accept' => 'text/html, text/plain, */*', 'Accept-Charset' => 'iso-8869-1, *, utf-8', 'Accept-Language' => 'en-US' ); if ($response->is_success) { if ($response->content =~ m/did not match any documents/i) { print "\x1b[33;1m[i] Search for $ip_a.$ip_b.$ip_c.$_ did not return any documents!\n"; next; } print "\x1b[32;1m[*] Got search results for $ip_a.$ip_b.$ip_c.$_\n"; my $fn = "Googlescan_$ip_a.$ip_b.$ip_c.$_.html"; open OUTFILE, ">$fn" or die 'Unable to open output file "' . $fn . '": ' . $!; print OUTFILE $response->content; close OUTFILE; } else { print "\x1b[31;1m[X]\x1b[0;0m HTTP error while trying to load $url: " . $response->status_line . "\n"; } } === CUT HERE === Please note that your terminal will need support for ANSI escape sequences, or the output will somewhat ugly... Greetings Peter Hille ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Re: List of "clickable" on-line pen-test tools, (continued)
- Re: List of "clickable" on-line pen-test tools Ivan . (Jan 24)
- Re: List of "clickable" on-line pen-test tools Alvin Oga (Jan 25)
- Re: List of "clickable" on-line pen-test tools thomas springer (Jan 25)
- Message not available
- Re: List of "clickable" on-line pen-test tools FocusHacks (Jan 30)
- Re: List of "clickable" on-line pen-test tools thomas springer (Jan 24)
- Re: Secure Password Policy? Tim (Jan 21)
- Re: Secure Password Policy? Tim (Jan 21)
- "Ping scan" through Google Petr . Kazil (Jan 22)
- Re: "Ping scan" through Google -- Perl version for *NIX Peter Hille (Jan 22)
- Re: "Ping scan" through Google Robert Wesley McGrew (Jan 22)
- Re: "Ping scan" through Google pagvac (Jan 23)
- Re: Secure Password Policy? David M. Zendzian (Jan 22)
- Re: Secure Password Policy? Brian Anderson (Jan 22)
- Re: Secure Password Policy? bf (Jan 21)
- Re: Secure Password Policy? intel96 (Jan 22)