From: Peter Hille (peter@das-system.ath.cx)
Date: Sun Jan 22 2006 - 08:54:27 EST
Hi,
Petr.Kazil@eap.nl wrote:
>The way I do a "Google Ping scan" is so trivial and badly programmed that
>I'm almost ashamed to publish it.
>But since two people asked about it, I'll publish it anyway.
>
>This thing could be programmed much better using Perl and the Google API,
>but I haven't taken the time to do this.
>
>Suppose I want to scan the range: 221.208.146.1-255
>(This is a random IP range that I got from one of the most recent SPAM
>mails that I received.)
>
>The Google search URL belonging to the spam sender's address
>221.208.146.138 is:
>http://www.google.nl/search?hl=en&q=%22221.208.146.138%22&btnG=Search
>
>
>
I've created a small Perl version of the VBscript previously published here:
=== CUT HERE ===
#!/usr/bin/perl
#
# 'Google scan' script for *NIX operating systems
# based on an idea by Petr Kazil, ported to *NIX/Perl
# by Peter Hille
#
# This script takes the first three bytes of a class C
# IP range as an argument and then searches Google for each
# address in that range. If any results were found, they're
# saved to 'Googlescan_$ip.html'.
#
use warnings;
use strict;
use LWP;
my $ipr = '';
die "Syntax: $0 1.2.3\n" unless ($ipr = shift);
die "Syntax: $0 1.2.3\n"
unless ($ipr =~ /^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$/i);
my $ip_a = $1;
my $ip_b = $2;
my $ip_c = $3;
my $browser = LWP::UserAgent->new;
for (1 .. 255)
{
my $url =
"http://www.google.com/search?hl=en&q=%22$ip_a.$ip_b.$ip_c.$_%22&btnG=Search";
my $response =
$browser->get(
$url,
'User-Agent' => 'Mozilla/4.76 [en] (Win98; U)',
'Accept' => 'text/html, text/plain, */*',
'Accept-Charset' => 'iso-8869-1, *, utf-8',
'Accept-Language' => 'en-US'
);
if ($response->is_success)
{
if ($response->content =~ m/did not match any documents/i)
{
print
"\x1b[33;1m[i] Search for $ip_a.$ip_b.$ip_c.$_ did not
return any documents!\n";
next;
}
print "\x1b[32;1m[*] Got search results for $ip_a.$ip_b.$ip_c.$_\n";
my $fn = "Googlescan_$ip_a.$ip_b.$ip_c.$_.html";
open OUTFILE, ">$fn"
or die 'Unable to open output file "' . $fn . '": ' . $!;
print OUTFILE $response->content;
close OUTFILE;
}
else
{
print "\x1b[31;1m[X]\x1b[0;0m HTTP error while trying to load
$url: "
. $response->status_line . "\n";
}
}
=== CUT HERE ===
Please note that your terminal will need support for ANSI escape
sequences, or the output will somewhat ugly...
Greetings
Peter Hille
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:24 EDT