#!/usr/bin/perl -w # # Copyright (C) 2009, Joshua D. Abraham (jabra@spl0it.org) # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # use strict; # use strict; use Getopt::Long; use HTML::SimpleLinkExtor; use Socket; use vars qw( $PROG ); ( $PROG = $0 ) =~ s/^.*[\/\\]//; # Truncate calling path from the prog name my $AUTH = 'Joshua D. Abraham'; # author my $EMAIL = 'jabra@spl0it.org'; # email my $VERSION = '1.00'; # version my %options; # getopt option hash my ($domain,$prefix); my $number = 1; my @links; BEGIN { $SIG{__WARN__} = sub{ }; $SIG{__DIE__} = sub{ }; } # # help: # display help information # sub help { print "Usage: $PROG [Input Option] [Option] -i --ip [str] IP Address to find virtual host -d --domain [str] Domain Filter include -p --prefix [str] Prefix Filter Out -n --number [num] Number of pages to try -r --resolve Resolve Hostnames -v --version Display version -h --help Display this information Send Comments to $AUTH ( $EMAIL )\n"; exit; } if ( @ARGV == 0 ) { help; exit; } GetOptions( \%options, 'ip|i=s', 'domain|d=s','prefix|p=s','resolve','number|n=s', 'help|h' => sub { help(); }, 'version|v' => sub { print_version(); }, ) or exit 1; if ( $options{domain} ) { $domain = $options{domain}; } if ( $options{prefix} ) { $prefix = $options{prefix}; } if ( $options{number} ) { if ($options{number} =~ /\d+/ and $options{number} > 0) { $number = $options{number}; } else { print "number not a number\n"; exit; } } if ( $options{ip} ) { my $ip = $options{ip}; $ip =~ s/\s+//g; if ($ip !~ /\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/) { my $inet = inet_aton("$ip"); if (defined $inet){ $ip = inet_ntoa($inet); } else { print "cant resolve $ip\n"; } } my $url; my $i; for(1..$number) { my $extor = HTML::SimpleLinkExtor->new(); sleep int(rand(3)); if ($_ == 1 ) { $url = "http://search.msn.com/results.aspx?q=ip%3A$ip&first=$i"; } elsif ($_ == 2 ) { $i = int($_-1) . 1; $url = "http://search.msn.com/results.aspx?q=ip%3A$ip&first=$i&FORM=PERE"; } elsif ($_ < 10) { my $j = int($_-1); $i = $j . 1; $url = "http://search.msn.com/results.aspx?q=ip%3A$ip&first=$i&FORM=PERE$j"; } $extor->parse_url( $url ); my @tmp = $extor->schemes( qw( http https ) ); push(@links,@tmp); } } else { print "Error: Input type not set\n"; help(); } my %hash; foreach(@links) { s/\s+//g; next if (/microsoft\.com/i or /msnscache\.com/ or /msn\.com/i or /live\.com/i or /clk\.atdmt\.com/i); if ( (!defined($domain)) or ($_ =~ /$domain/) ) { s/http:\/\///g; s/https:\/\///g; s/\/.*//g; $hash{lc($_)}++; } } my $high = 0; foreach my $h (sort keys %hash) { if ( defined($prefix) and $h =~ /$prefix/) { next; } if ( $options{resolve} ) { my $inet = inet_aton("$h"); if (defined $inet){ my $ip = inet_ntoa($inet); if ( length($h) > 22) { print "$h\t\t=>\t$ip\n"; } elsif ( length($h) > 15) { print "$h\t\t\t=>\t$ip\n"; } else { print "$h\t\t\t\t=>\t$ip\n"; } } else { print "Could not resolve $h\n"; } } else { print "$h\n"; } }