I need to analysis some IPs, so I need to check DNS BLACK LISTS.
I made simple checking DNS black Lists using python.
import os
import re
import socket
import sys
import requests
from BeautifulSoup import BeautifulSoup
USER_AGENT = "Mozilla/5.0 (Windows NT 5.1; rv:6.0.1) Gecko/20100101 Firefox/6.0.1"
PRAGMA = "no-cache"
ACCEPT = "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"
def blacklist(dat):
ip = dat
type =None
status = ""
#path = "/query/bl?ip="
#path +=ip
host = "http://www.spamhaus.org/query/bl?ip="+ip
USER_AGENT = "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.107 Safari/537.36"
PRAGMA = "no-cache"
ACCEPT = "application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*"
results = requests.get(host,
params = {"ip": ip},
headers = {"Host": "www.spamhaus.org",
"User-Agent": USER_AGENT,
"Accept": ACCEPT,
"Accept-Encoding": "gzip, deflate",
"Accept-Language": "ko-KR",
"Connection": "keep-alive"
}
)
try:
html = results.text
except UnicodeDecodeError:
html = u' '.join(results.text).encode('utf-8').strip()
soup = BeautifulSoup(html)
tag = soup.findAll('b')
for item in tag:
if "is listed in the" in item.text:
#print item.text
status = "Block"
return status
else :
status = "Allow"
return status
iplists = open('iplists.txt','r')
save = open('result.csv', 'w')
for ip in iplists:
ip = str(ip).replace("\n","")
print " "*8 + "[-] " + ip
try:
result = blacklist(ip)
except UnicodeDecodeError:
result = u' '.join(blacklist(ip)).encode('utf-8').strip()
save.write(ip + ",\"" + result + "\"\n")
if result:
print " "*12 + result
iplists.close()
save.close()
Input IPs to iplists.txt, then it makes result.csv.
