#!/usr/bin/env python
import sys, socket
result = socket.getaddrinfo(sys.argv[1], None)
print result[0][4]
獲取目標主機IP。
如:
zoo@zoo:~/桌面$ python getaddrinfo.py www.yahoo.com
('72.30.38.140', 0)
獲取全部條目:
#!/usr/bin/env python
import sys, socket
result = socket.getaddrinfo(sys.argv[1], None)
counter = 0
for item in result:
print "%-2d : %s" % (counter, item[4])
counter += 1
運行:
zoo@zoo:~/桌面$ python getaddrinfo2.py www.yahoo.com
0 : ('72.30.2.43', 0)
1 : ('72.30.2.43', 0)
2 : ('72.30.2.43', 0)
3 : ('72.30.38.140', 0)
4 : ('72.30.38.140', 0)
5 : ('72.30.38.140', 0)
zoo@zoo:~/桌面$ python getaddrinfo2.py www.baidu.com
0 : ('119.75.218.77', 0)
1 : ('119.75.218.77', 0)
2 : ('119.75.218.77', 0)
3 : ('119.75.217.56', 0)
4 : ('119.75.217.56', 0)
5 : ('119.75.217.56', 0)
betterone:
#!/usr/bin/env python
import sys, socket
result = socket.getaddrinfo(sys.argv[1], None, 0, socket.SOCK_STREAM)
counter = 0
for item in result:
print "%-2d : %s " % (counter, item[4])
counter += 1
運行:
zoo@zoo:~/桌面$ python getaddrinfo3.py www.baidu.com
0 : ('119.75.217.56', 0)
1 : ('119.75.218.77', 0)
反向查詢:
#!/usr/bin/env python
import sys, socket
try:
result = socket.gethostbyaddr(sys.argv[1])
print "Primary hostname:"
print " " + result[0]
print "\nAddress:"
for item in result[2]:
print " " + item
except socket.herror, e:
print "Couldn't look up name:" , e
運行:
zoo@zoo:~/桌面$ python gethostbyaddr.py 127.0.0.1
Primary hostname:
localhost
Address:
127.0.0.1
可惜很多網站都使用了域名服務器,我們無法得知真實的IP,也就無法從IP得到主機名...
使用更好的版本:
#!/usr/bin/env python
import sys, socket
def getipaddrs(hostname):
"""Get a list of IP Address from a given hostname. This is a standard
(forword) lookup."""
result = socket.getaddrinfo(hostname, None, 0, socket.SOCK_STREAM)
return [x[4][0] for x in result]
def gethostname(ipaddr):
"""Get the hostname from a given IP address. This is a reverse lookup."""
return socket.gethostbyaddr(ipaddr)[0]
try:
# First, do the reverse lookup and get the hostname
hostname = gethostname(sys.argv[1]) # could raise socket.herror
ipaddrs = getipaddrs(hostname) # get ipaddrs from hostname
except socket.herror , e:
print "No host names available for %s ; this may be normal." % sys.argv[1]
sys.exit(0)
except socket.gaierror, e:
print "Got hostname %s, but it could not be forward-resolved: %s " % ((hostname, str(e)))
sys.exit(1)
if not sys.argv[1] in ipaddrs:
print "Got hostname %s, but on forward lookup," % hostname
print "original IP %s did not appear in IP address list." % sys.argv[1]
sys.exit(2)
print "Validated hostname: ", hostname
運行:
zoo@zoo:~/桌面$ python betterinfo.py 127.0.0.1
Validated hostname: localhost
zoo@zoo:~/桌面$ python betterinfo.py 202.196.5.3
No host names available for 202.196.5.3 ; this may be normal.
zoo@zoo:~/桌面$ python betterinfo.py 82.94.164.162
Validated hostname: dinsdale.python.org
gethostbyaddr說明:
socket.gethostbyaddr(ip_address)
Return a triple (hostname, aliaslist, ipaddrlist)
where hostname is the primary host name responding to the given ip_address,
aliaslist is a (possibly empty) list of alternative host names for the same address,
and ipaddrlist is a list of IPv4/v6 addresses for the same interface on the same host
(most likely containing only a single address).
To find the fully qualified domain name,
use the function getfqdn(). gethostbyaddr() supports both IPv4 and IPv6.
使用PyDNS:
#!/usr/bin/env python
import sys, DNS
query = sys.argv[1]
DNS.DiscoverNameServers()
reqobj = DNS.Request()
answerobj = reqobj.req(name = query, qtype = DNS.Type.ANY)
if not len(answerobj.answers):
print "Not found"
for item in answerobj.answers:
print "%-5s %s" % (item['typename'], item['data'])
zoo@zoo:~/桌面$ python pynds.py www.baidu.com
CNAME www.a.shifen.com
zoo@zoo:~/桌面$ python pynds.py www.sina.com
CNAME us.sina.com.cn
zoo@zoo:~/桌面$ python pynds.py www.google.com
CNAME www.l.google.com
zoo@zoo:~/桌面$ python pynds.py www.apress.com
CNAME apress.com