Here is a little shell script I created after seeing the potential of one posted by Paul Asadoorian. It's not perfect, but as a canned script used the way it was intended, it does the job. Feel free to modify it however you wish. It was written for a Linux system that uses a newer version of nslookup, so you may have to modify the options for your version. You can add traceroute or other commands too, such as ping or even dig.

The script reads a filename from stdin and writes an output file (path specified by the user, with a base of /tmp). It is also important to note that the IP address needs to be at the beginning of each line in the file of IP addresses provided. It works great for Apache logs or other lists of IPs you've compiled and need more info on. Otherwise, some minor modifications to the awk command should suffice to grab the IP from the appropriate position in the file.

This script is provided without any warranty or guarantee of fitness for use (especially on a production system). Use it at your own risk.

   
 
#!/bin/sh
clear
echo ""
echo "          #########################################################"
echo "          #########################################################="
echo "          ###                                                   ###="
echo "          ###          IP Resolution/Correlation Script         ###="
echo "          ###       Created by Jamie French - Whitehats.ca      ###="
echo "          ###                   05/03/2002                      ###="
echo "          ###                                                   ###="
echo "          #########################################################="
echo "          #########################################################="
echo "            ========================================================"
sleep 2

clear
echo " Files processed are placed in /tmp/output-filename"
echo ""
echo " ##################################################"
echo ""
echo " Input the filename to process:"
read    filename1
echo " Enter a name for the output file:"
read    filename2
# echo " Enter the whois server to use:"
# echo "  (default is whois.crsnic.net)"
# read    whois1

if [ -f "$filename1" ]
 then
#    awk '{print "nslookup -sil "$1"\n whois -vr "$1"\n /
#    \n/usr/sbin/traceroute -m 20 "$1"\n echo /
#    \"###################################################################\""}' /
#    $filename1 | sh > /tmp/$filename2

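    # Only lines whose first field looks like a dotted-quad address are turned
    # into commands, because everything awk prints here is executed by sh.
    awk '$1 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ {print "nslookup -sil "$1"\n whois -vr "$1"\n \n echo \"#############################################################\""}' "$filename1" | sh > "/tmp/$filename2"
 exit 0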
else
   echo " The input filename does not exist... Are you sure of the path?"
   echo "  Try again!"
   exit 2
fi
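
The script above builds command text from the first field of each line and pipes it to sh, so that field has to be validated before it is used on logs or lists you did not write yourself. The following is an added example, not part of the original script: it checks each field as an IPv4 address, looks each address up once, and passes it to the same nslookup and whois commands as a quoted argument. The function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not the original script): field 1 is validated as IPv4 and
# passed to each tool as a quoted argument; nothing read from the file is
# ever turned into shell source.

# is_ipv4 ADDR: succeed only for four dot-separated decimal octets, each 0-255.
# The body runs in a subshell, so the IFS change and exit stay local.
is_ipv4() (
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;;   # empty, stray chars, empty octet
    esac
    IFS=.
    set -- $1                                # split on dots (digits only here)
    [ "$#" -eq 4 ] || exit 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || exit 1
    done
)

# valid_ips: read log lines on stdin, print each distinct valid address once.
valid_ips() {
    awk '{print $1}' | while IFS= read -r ip; do
        if is_ipv4 "$ip"; then printf '%s\n' "$ip"; fi
    done | awk '!seen[$0]++'
}

# lookup_all: same lookups and separator as the script above, one run per address.
lookup_all() {
    valid_ips | while IFS= read -r ip; do
        nslookup -sil "$ip" < /dev/null      # keep the tools off the loop's stdin
        whois -vr "$ip" < /dev/null
        echo "#############################################################"
    done
}

# sample_log: constructed input; the last three lines must be rejected.
sample_log() {
    cat <<'EOF'
192.0.2.10 - - [05/Mar/2002:10:00:00 -0500] "GET / HTTP/1.0" 200 512
198.51.100.7 - - [05/Mar/2002:10:00:05 -0500] "GET /a HTTP/1.0" 404 0
192.0.2.10 - - [05/Mar/2002:10:00:09 -0500] "GET /b HTTP/1.0" 200 90
999.1.1.1 - - [05/Mar/2002:10:01:00 -0500] "GET / HTTP/1.0" 200 512
192.0.2.9;id - - [05/Mar/2002:10:02:00 -0500] "GET / HTTP/1.0" 200 512
host.example.net - - [05/Mar/2002:10:03:00 -0500] "GET / HTTP/1.0" 200 512
EOF
}

# Usage: sh lookup.sh access_log > report   (with no argument nothing is run)
if [ "$#" -gt 0 ]; then lookup_all < "$1"; fi
```

Running `sample_log | valid_ips` prints only the two well-formed addresses, which is a quick way to see what a given input file would actually trigger before any lookups are made.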
   

Copyright © 2000-2014 Whitehats.ca