#!/usr/bin/perl ########################################################## # ipkas.pl, v.1.01 # Detects hostname/domain/country for IP address inputted, # uses both DNS and WHOIS services # (C) Ansis Ataols Bērziņš , 2000-2006 # http://ansis.lv/ipkas/ # Public domain, can be used and modified as wanted. ########################################################## use IO::Socket; ($userfile,$arglist) = split(/\\\[/,"@ARGV"); ($addr) = split(/ /,$userfile); print "Hostname detector for IP address.\n"; if ($addr !~ /\d+\.\d+\.\d+\.\d+/) { print "Usage: ipkas.pl IP_address\n"; exit(0); } print "IP address: $addr\n"; $hn = &addr2host($addr); if ($hn) { print "Hostname found: $hn\a\n"; } else { print "Hostname not found!\a\n"; } $wh = &addr2whois($addr); print "\n$wh"; if ($hn) { print "Hostname: $hn\a"; } print "\n\n"; exit(1); sub addr2host { local($IP_address) = $_[0]; local(@bytes) = split(/\./, $IP_address); local($packaddr) = pack("C4",@bytes); local($host_name) = (gethostbyaddr($packaddr, 2))[0]; return($host_name); } sub addr2whois { local($IP_address) = $_[0]; local $out; local @servers = ( 'whois.arin.net', 'whois.ripe.net', 'whois.apnic.net' ); local @IP = split(/\./, $IP_address); local $IPsum = (($IP[0]*1000+$IP[1])*1000+$IP[2])*1000+$IP[3]; local $num = 0; nextserv: local $server = $servers[$num]; if (!$server) { return 1; } print "Checking whois database at $server\n"; $sock = IO::Socket::INET->new("$server:43") || die &fail; print $sock "$IP_address\n"; @output=<$sock>; close $sock; chop(@output); velreiz: local $arin_new = ''; local $arin_q = ''; foreach $x (@output) { $x =~ s/\t/ /g; if ($x =~ /(No match|No entries|Not found|No Records|not registered|These addresses have been further assigned)/i) { print "Not found...\n"; $num++; goto nextserv; } if ($x =~ /^.+?\s+\(([-\w]+)\)\s+[-\w]+\s+(\d+)\.(\d+)\.(\d+)\.(\d+)\s-\s(\d+)\.(\d+)\.(\d+)\.(\d+)$/) { local $start = (($2*1000+$3)*1000+$4)*1000+$5; local $end = (($6*1000+$7)*1000+$8)*1000+$9; if ($IPsum >= $start && $IPsum <= $end) { $arin_new = $1 }; } elsif ($x =~ /^.+?\s+\(([-\w]+)\)\s+[-\w]+$/) { $arin_q = $1; } elsif ($x =~ /^(\s+)(\d+)\.(\d+)\.(\d+)\.(\d+)\s-\s(\d+)\.(\d+)\.(\d+)\.(\d+)$/) { local $start = (($2*1000+$3)*1000+$4)*1000+$5; local $end = (($6*1000+$7)*1000+$8)*1000+$9; if ($IPsum >= $start && $IPsum <= $end) { $arin_new = $arin_q }; } if ($server eq 'whois.arin.net' && $x =~ /^\s+([a-zA-Z]{2}|[A-Z]{3,}|[A-Z]{1}[a-z]+|[A-Z]{1}[a-z]+\s[A-Z]{1}[a-z]+)$/ && !$arin_new) { $country = $1; } if ($server eq 'whois.arin.net' && $x =~ /^\s+?[a-zA-Z\s]+,?\s+[A-Z]{2}\s+\d{5}(-\d{4})?$/ && !$arin_new) { $country = 'us'; } if ($server eq 'whois.arin.net' && $x =~ /\s([a-zA-Z0-9\-\.\_]+\@(\[?)([a-zA-Z0-9\-\.\_]+\.([a-zA-Z]{2,4}))(\]?))$/ && !$arin_new) { $domain = $3; } if (($server eq 'whois.ripe.net' || $server eq 'whois.apnic.net') && $x =~ /^country:\s+?([a-zA-Z]+?)$/) { $country = $1; } if (($server eq 'whois.ripe.net' || $server eq 'whois.apnic.net') && $x =~ /^e-mail:\s+?([a-zA-Z0-9\-\.\_]+\@(\[?)([a-zA-Z0-9\-\.\_]+\.([a-zA-Z]{2,4}))(\]?))$/ && !$domain) { $domain = $3; } if (($server eq 'whois.ripe.net' || $server eq 'whois.apnic.net') && $x =~ /^changed:\s+?([a-zA-Z0-9\-\.\_]+\@(\[?)([a-zA-Z0-9\-\.\_]+\.([a-zA-Z]{2,4}))(\]?))\s\d{8}$/ && !$domain) { $changed = $3; } } if ($arin_new) { $sock = IO::Socket::INET->new("$server:43") || die &fail; print $sock "$arin_new\n"; @output=<$sock>; close $sock; chop(@output); goto velreiz; } foreach $x (@output){ print $x . "\n"; } if (!$domain) { $domain = $changed; } $country =~ tr/A-Z/a-z/; $country =~ s/^([a-z])/\u$1/; $domain =~ tr/A-Z/a-z/; print "Country: $country\n"; print "Domain: $domain"; return $out; }