Using GeoIP to query IP location database

First, download IP database:
http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
Install Python pupi libs: http://pypi.python.org/pypi/pygeoip/
Extract, go to extracted folder and type: #python setup.py install

File geo.py:
import pygeoip
import dns.resolver
import sys
import re

gi =pygeoip.GeoIP('GeoLiteCity.dat')

def name2ip(dnsname):
    answers = dns.resolver.query(dnsname, 'A')
    for rdata in answers:
           return rdata
def printRecord(tgt):
    rec =gi.record_by_name(tgt)
    city =rec['city']
    region =rec['region_name']
    country =rec['country_name']
    long =rec['longitude']
    lat =rec['latitude']
    print '[*] Target: ' +tgt
    print '[+] '+str(city)+', '+str(region)+', '+str(country)
    print '[+] Latitude: '+str(lat)+', Longitude: '+str(long)

str1 = sys.argv[1]
is_ip = re.match("^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$", str1)
is_domain = re.match("^(([a-zA-Z]|[a-zA-Z][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z]|[A-Za-z][A-Za-z0-9\-]*[A-Za-z0-9])$", str1)

if is_ip:
    printRecord(str1)

if is_domain:
    ip = str(name2ip(str1))
    printRecord(ip)

Run it:
#python geo.py hacking.vn
------------------------------------------------------------
Thanks for reading
--------------------------------------------------------------------------
Security Research
All my Lab:
Linux Lab -- window and Cisco Lab
to be continued - I will update more.

Comments

Anonymous said…
Please post result for testing case.
Unknown said…
IP Location Finder tool will provide get geolocation of any web ip address including city, country, latitude, longitude and more

Popular posts from this blog

Python - Multithread to read one file

Install Xposed Inspector and Frida on Genymotion

OpenCA tutorial