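import os
import socket
import subprocess
import sys
import time

import whois

# Upper bound, in seconds, for any single external lookup or connection
# attempt, so one unresponsive host cannot hang the whole run.
_TIMEOUT_SECONDS = 5


# IP lookup
def ip_check(url):
    """Resolve the hostname *url* to an IPv4 address and print it.

    Any exception raised by ``socket.gethostbyname`` (for example when the
    name does not resolve) propagates to the caller.
    """
    ip = socket.gethostbyname(url)
    print(ip)


# WHOIS lookup
def whois_check(url):
    """Print whatever ``whois.whois`` returns for *url*."""
    data = whois.whois(url)
    print(data)


# CDN detection
def cdn_check(url):
    """Print a rough guess at whether *url* is served through a CDN.

    Runs ``nslookup`` on the name and counts the dots in its standard output;
    more than eight dots is reported as a CDN. The threshold is a heuristic
    (presumably several answer addresses push the dot count up) and can be
    wrong in both directions.

    Raises:
        ValueError: if *url* is empty or starts with ``-``.
    """
    # The hostname comes straight from the command line. It is passed to
    # nslookup as a single argv element, never through a shell, so shell
    # metacharacters in it are not interpreted. A leading "-" is refused
    # because nslookup would read it as one of its own options.
    if not url or url.startswith("-"):
        raise ValueError("invalid hostname: %r" % (url,))

    try:
        # Output has to be captured: an exit status alone would not tell us
        # what nslookup answered.
        result = subprocess.run(
            ["nslookup", url],
            stdout=subprocess.PIPE,
            universal_newlines=True,
            timeout=_TIMEOUT_SECONDS,
            check=False,
        )
    except (OSError, subprocess.TimeoutExpired):
        # nslookup missing or not answering: report the failure instead of
        # claiming "no CDN" on the basis of empty output.
        print("error")
        return

    if result.stdout.count(".") > 8:
        print("存在CDN")
    else:
        print("不存在CDN")


# Subdomain lookup: try every label from a dictionary file
def zym_list_check(url):
    """Print ``name->ip`` for each ``<label>.<domain>`` that resolves.

    Labels are read one per line from ``dic.txt`` in the current directory.
    A leading ``www.`` is dropped from *url* to obtain the parent domain.
    Names that do not resolve are skipped silently. Each lookup is followed
    by a 0.1 second pause.
    """
    # Strip only a leading "www."; str.replace would also rewrite names that
    # merely contain that substring somewhere else.
    domain = url[len("www."):] if url.startswith("www.") else url

    # "with" closes the word list even if a lookup raises unexpectedly.
    with open("dic.txt") as wordlist:
        for line in wordlist:
            # strip() removes the trailing newline that iterating a file
            # leaves on every line; without it the candidate name contains a
            # line break and cannot resolve.
            label = line.strip().replace(" ", "")
            if not label:
                continue
            candidate = label + "." + domain
            try:
                ip = socket.gethostbyname(candidate)
            except (OSError, UnicodeError):
                # Does not resolve, or is not an encodable hostname.
                pass
            else:
                print(candidate + "->" + ip)
            time.sleep(0.1)


# Port check
def port_check(url):
    """Print whether TCP port 80 on the host *url* accepts a connection.

    Output is ``<ip>:80|open`` when ``connect_ex`` returns 0 and
    ``<ip>:80|close`` otherwise; ``error`` is printed if the socket call
    itself raises. A failure to resolve *url* propagates to the caller.
    """
    ip = socket.gethostbyname(url)
    try:
        # The context manager closes the socket on every path, and the
        # timeout bounds the wait on hosts that drop packets silently.
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as server:
            server.settimeout(_TIMEOUT_SECONDS)
            status = server.connect_ex((ip, 80))
    except OSError:
        print("error")
        return

    if status == 0:
        print(ip + ":" + str(80) + "|open")
    else:
        print(ip + ":" + str(80) + "|close")


if __name__ == '__main__':
    # Usage line; printed on every run.
    print("python3 1.py all www.baidu.com")
    # Both a mode and a hostname are required; stop cleanly instead of
    # failing with an IndexError when either is missing.
    if len(sys.argv) < 3:
        sys.exit(1)
    check = sys.argv[1]
    url = sys.argv[2]
    if check == "all":
        ip_check(url)
        port_check(url)
        cdn_check(url)
        whois_check(url)
        zym_list_check(url)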