API tools faq
paste
Advertisement
0xspade

Domain Reverse IP Look Up

0xspade
Aug 25th, 2016
377
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 1.95 KB | None | 0 0
raw download clone embed print report
  1. <script src="//my.hellobar.com/d47b5e9fed3fd1926808aefff5134faac871bb04.js" type="text/javascript" charset="utf-8" async="async"></script>#!/usr/local/bin/python2.7
  2.  
  3. # The objective of this script is to generate an output file with all the URLs found on shared hosting ('DSQLiReverseLookUp.txt' by default)
  4. # Shamelessly copied from http://hack-addict.blogspot.co.nz/2011/09/finding-domains-on-targeted-host.html.
  5. # Thanks and credit to the author
  6.  
  7. import httplib, urllib, socket, sys
  8. from xml.dom.minidom import parse, parseString
  9.  
  10. #reverseLookUp = 'DSQLiReverseLookUp.txt'
  11.  
  12. def generate_reverse_lookup(domainURL, filename, verbose):
  13.     print "\t[*] Performing Reverse IP Lookup to collect all domains hosted on same server....."
  14.     if domainURL[:7] == "http://":
  15.             domainURL = domainURL[7:]
  16.    
  17. #   print "\n inside generate_reverse_lookup function with args: ", domainURL
  18.     AppId = '1734E2C92CA63FAA596335295B09CF1D0B5C6161'
  19.     sites = [domainURL]
  20.     ip = socket.gethostbyname(domainURL)
  21.     offset = 50
  22.    
  23.     while offset < 300:
  24.         uri = "/xml.aspx?AppId=%s&Query=ip:%s&Sources=Web&Version=2.0&Market=en-us&Adult=Moderate&Options=EnableHighlighting&Web.Count=50&Web.Offset=%s&Web.Options=DisableQueryAlterations"%(AppId, ip, offset)
  25.         conn = httplib.HTTPConnection("api.bing.net")
  26.         conn.request("GET", uri)
  27.         res = conn.getresponse()
  28.         data = res.read()
  29.         conn.close()
  30.         xmldoc = parseString(data)
  31.         nameEls = xmldoc.getElementsByTagName('web:DisplayUrl')
  32.    
  33.         for el in nameEls:
  34.             temp = el.childNodes[0].nodeValue
  35.             temp = temp.split("/")[0]
  36.        
  37.             if temp.find('www.') == -1:
  38.                 if temp not in sites:
  39.                     sites.append(temp)
  40.         offset += 50
  41.    
  42.     print "\n\t[-] Reverse IP Look Up successful"
  43. #   print "\n\t[-] Number of domain(s) found: %d\n" % len(sites)
  44.    
  45.     try:
  46.         fd_reverseLookUp = open(filename, 'w+')
  47.         for site in sites:
  48.             fd_reverseLookUp.write(site + '\n')
  49.             if verbose == 1:
  50.                 print "\t\t", site
  51.        
  52.         print "\n\t[-] Number of domain(s) found: %d\n"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!