Article

Get ip address resolution home

Get ip address resolution home ...

Get ip address resolution home

  1. Version V1.0
  2. Time: April 29, 2013
  3. Copyright GPL
  4. By itnihao
  5. Email [email protected]  
  6. Blog http://itnihao.blog.51cto.com  
  7. If you need to reissue, please indicate the above information. Thank you for your cooperation

Purpose of this paper:

By analyzing the process of ip address resolution, sharing the basic steps to explore the problem, and gradually understanding the importance of basic knowledge.

Make a statement:

Based on my knowledge field of vision and the limitation of my understanding ability, there are inevitably improper points in the article. Please understand.

As you all know, there are many websites that can query the IP address, such as ip138, Taobao, QQ and so on. Now take QQ as an example to explore how to query and obtain the attribution through the command line.

http://ip.qq.com/cgi-bin/index Open the website and enter the ip to query

Input the ip address to query, and at the same time, prepare the packet capturing tool to analyze the query data. Here, I open two packet capturing tools, one is httpwatch web page packet capturing, the other is wireshark packet analysis.

By analyzing the data package, you can see the following information

See the green part and submit the data by post. The submitted content is searchip1=114.114.114.114

OK, the rule has been found out here. The query uses post to submit the call. The content is searchip1=X.X.X.X

Then, you can use curl to simulate the submission of data. The command format is as follows

curl URL - d "post submit content" - e "refer address" - A "browser ID"

  1. #!/bin/bash
  3. IP=114.114.114.114
  4. curl http://ip.qq.com/cgi-bin/searchip -d "searchip1=$IP" -e "http://ip.qq.com/cgi-bin/index" -A "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; QQDownload 718; .NET CLR 2.0.50727)"

Note: Chinese characters cannot be displayed because the characters opened by curl do not match the system,

You can save the result as html, open it through a browser, and you will see the resolved address result.

View page source code

So far, it has replaced browser direct access and achieved preliminary results.

This is not the end of the matter. Let's continue to solve the problem of character encoding

The gh2312 character is converted to Utf-8 standard character with the help of system iconv conversion

  1. iconv -f gb2312 -t utf-8

  1. So the command becomes
  2. #!/bin/bash
  4. IP=114.114.114.114
  5. curl http://ip.qq.com/cgi-bin/searchip -d "searchip1=$IP" -e "http://ip.qq.com/cgi-bin/index" -A "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; QQDownload 718; .NET CLR 2.0.50727)" | iconv -f gb2312 -t utf-8| grep "<p>.*"|sed "s/<p>\(.*\).*<span>\(.*\)&nbsp;\(.*\)<\/span><\/p>/\1\2\3/g"

The operation results are as follows

The requirements are basically completed, and then the details are improved. Write a script, which can automatically parse the ip address after receiving the parameter. No more writing here. Of course, it might be better to write this in python.

What is provided here is just a way of thinking, a way to solve problems. Before solving problems, you need to have some basic knowledge

Knowledge needed here:

  1. 1. Be able to use packet grabbing tools to grab packets and analyze data packets
  2. 2. Be familiar with curl command
  3. 3. Be familiar with sed, grep and other commands for text filtering
  4. 4. Other knowledge integration capabilities

Thank you for reading!

Happy May Day!

Appendix a python version of ip address home location resolution

  1. #!/usr/bin/env python
  2. # coding=utf8
  3. # Filename: monitor_idc.py
  4. # Last modified: 2013-04-23 16:54
  5. # Author: itnihao
  6. # Mail: [email protected]
  7. # Description:
  9. import urllib,re, sys
  10. def getip(ip= '114.114.114.114'):
  11. url = "http://ip.qq.com/cgi-bin/searchip"
  12. data = "searchip1="+ip
  14. html = urllib.urlopen(url, data).read().decode("gb2312")
  15. pat = re.compile(r'<span>(.*)</span></p>')
  16. result= re.findall(pat, html)
  17. print ip +": " + result[0].encode("utf-8").replace('&nbsp;', '')
  18. #getip('8.8.8.8')
  19. getip()
  1. taobao edition
  2. #!/usr/bin/env python
  3. # coding=utf8
  4. # Filename: get_out_ip.py
  5. # Last modified: 2013-04-28 17:02
  6. # Author: itnihao
  7. # Mail: [email protected]
  8. # Description:
  10. import urllib, re, simplejson
  12. #Get the exit ip address
  13. html= urllib.urlopen('http://ip.qq.com').read()
  14. pat = re.compile('red">([0-9]+.[0-9]+.[0-9]+.[0-9]+)</span>')
  15. ip = re.findall(pat, html)
  17. ip = ip[0]
  18. #Get ip address home resolution
  19. url = 'http://ip.taobao.com/service/getIpInfo.php?ip=%s' % ip
  20. f = urllib.urlopen(url).read()
  21. s= simplejson.loads(f)
  23. print ip+": "+s['data']['country']+s['data']['area']+s['data']['region']+s['data']['city']+s['data']['isp']

The effect is as follows

20 June 2020, 03:51 | Views: 5936

Add new comment

For adding a comment, please log in
or create account

0 comments