Re: "Ping scan" through Google -- Perl version for *NIX

[Peter Hille <peter () das-system ath cx>]

Hi,

Petr.Kazil () eap nl wrote:

> The way I do a "Google Ping scan" is so trivial and badly programmed that 
> I'm almost ashamed to publish it.
> But since two people asked about it, I'll publish it anyway.
>
> This thing could be programmed much better using Perl and the Google API, 
> but I haven't taken the time to do this.
>
> Suppose I want to scan the range: 221.208.146.1-255
> (This is a random IP range that I got from one of the most recent SPAM 
> mails that I received.)
>
> The Google search URL belonging to the spam sender's address 
> 221.208.146.138 is:
> http://www.google.nl/search?hl=en&q=%22221.208.146.138%22&btnG=Search
>
>  
I've created a small Perl version of the VBscript previously published here:

=== CUT HERE ===

#!/usr/bin/perl
#
# 'Google scan' script for *NIX operating systems
#   based on an idea by Petr Kazil, ported to *NIX/Perl
#   by Peter Hille
#
# This script takes the first three bytes of a class C
# IP range as an argument and then searches Google for each
# address in that range. If any results were found, they're
# saved to 'Googlescan_$ip.html'.
#

use warnings;
use strict;

use LWP;

my $ipr = '';

die "Syntax: $0 1.2.3\n" unless ($ipr = shift);
die "Syntax: $0 1.2.3\n"
  unless ($ipr =~ /^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$/i);

my $ip_a = $1;
my $ip_b = $2;
my $ip_c = $3;

my $browser = LWP::UserAgent->new;

for (1 .. 255)
{
    my $url =
     
"http://www.google.com/search?hl=en&q=%22$ip_a.$ip_b.$ip_c.$_%22&btnG=Search";;
    my $response =
      $browser->get(
                    $url,
                    'User-Agent'      => 'Mozilla/4.76 [en] (Win98; U)',
                    'Accept'          => 'text/html, text/plain, */*',
                    'Accept-Charset'  => 'iso-8869-1, *, utf-8',
                    'Accept-Language' => 'en-US'
                   );

    if ($response->is_success)
    {
        if ($response->content =~ m/did not match any documents/i)
        {
            print
              "\x1b[33;1m[i] Search for $ip_a.$ip_b.$ip_c.$_ did not
return any documents!\n";
            next;
        }

        print "\x1b[32;1m[*] Got search results for $ip_a.$ip_b.$ip_c.$_\n";
        my $fn = "Googlescan_$ip_a.$ip_b.$ip_c.$_.html";

        open OUTFILE, ">$fn"
          or die 'Unable to open output file "' . $fn . '": ' . $!;
        print OUTFILE $response->content;
        close OUTFILE;
    }
    else
    {
        print "\x1b[31;1m[X]\x1b[0;0m HTTP error while trying to load
$url: "
          . $response->status_line . "\n";
    }
}

=== CUT HERE ===

Please note that your terminal will need support for ANSI escape
sequences, or the output will somewhat ugly... 

Greetings

Peter Hille


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------