利用python探测谷歌搜索可用IP

原理是查询_netblocks.google.com域名的TXT记录,这个记录包含大量谷歌IP网段,再从中探测443端口开放的IP。不过探测出开放443端口的IP后,可能还要使用curl来检测它是不是谷歌搜索的服务器。这一步需要与443端口进行ssl握手,但验证证书是否一致,使用python暂时写不出来,可以用curl https://www.google.com --resolve www.google.com:443:1.2.3.4,其中1.2.3.4为要探测的谷歌IP。
python脚本:

#!/usr/bin/python
# -*- coding:utf-8 -*-
'''
install modules:
pip install dnspython
'''

import dns.resolver
import struct, socket
import re
import sys
import threading
import Queue

# Lock taken by worker() around the print and the GLOBAL_COUNTER update so
# that output lines and the hit count are not interleaved between threads.
threadLock = threading.Lock()
# Work queue of candidate IP strings: filled by main(), drained by worker().
SHARE_Q = Queue.Queue()  
# Number of MyThread workers that main() starts.
_WORKER_THREAD_NUM = 10
# Count of addresses for which check_port() returned True; worker() compares
# it against 100 to decide when to stop.
GLOBAL_COUNTER = 0

class MyThread(threading.Thread):
    """Thread subclass that runs a caller-supplied zero-argument callable."""

    def __init__(self, func):
        """Remember *func*; it is invoked once when the thread is started."""
        threading.Thread.__init__(self)
        # Kept on the instance so run() can reach it from the new thread.
        self.func = func

    def run(self):
        """Call the stored callable; whatever it returns is discarded."""
        callback = self.func
        callback()


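def worker() :
    """Drain SHARE_Q, printing each address whose port check succeeds.

    Stops when the queue is empty or when 100 reachable addresses have been
    printed across all workers, whichever comes first.

    Two defects of the earlier version are fixed here:

    * ``empty()`` followed by a blocking ``get()`` is racy: another worker
      can take the last item in between, leaving this thread blocked forever
      and ``join()`` in the caller never returning. ``get_nowait()`` makes
      the "is there work?" test and the dequeue a single step.
    * ``sys.exit()`` inside a thread only ends that one thread, so the other
      workers kept printing past the limit. The limit is now checked before
      every dequeue and again before printing, so output is capped at 100.
    """
    global GLOBAL_COUNTER
    while True:
        with threadLock:
            if GLOBAL_COUNTER >= 100:
                return

        try:
            item = SHARE_Q.get_nowait()
        except Queue.Empty:
            return

        # The connection attempt runs outside the lock so probes overlap.
        if check_port(item):
            with threadLock:
                # Re-check: another worker may have reached the limit while
                # this probe was in flight.
                if GLOBAL_COUNTER >= 100:
                    return
                print(item)
                GLOBAL_COUNTER += 1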

def get_txt_record(domain):
    """Return the first TXT record of *domain* as a string.

    Only the first rdata in the answer is used; any further TXT records are
    ignored. Returns None when the answer iterates as empty. Exceptions
    raised by ``dns.resolver.query`` propagate to the caller.

    NOTE(review): the answer is used as returned by the resolver; nothing in
    this function authenticates it, so callers should treat the record text
    as untrusted input.
    """
    records = dns.resolver.query(domain, 'TXT')
    for record in records:
        return str(record)
    return None


def get_ip_range_from_txt_record(txt_record):
    """Collect the value of every ``ip4:`` token found in *txt_record*.

    Returns the values in order of appearance as a new list; the list is
    empty when the record has no ``ip4:`` token.
    """
    # Each capture runs up to the next space (or the end of the string), so
    # the tokens are not checked for being well-formed addresses here and a
    # trailing quote character would be kept as part of the last token.
    return list(re.findall(r'ip4:([^ ]+)', txt_record))

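def get_ip_from_cidr(ip_range):
    """Expand IPv4 CIDR strings into a flat list of dotted-quad addresses.

    Args:
        ip_range: iterable of strings such as ``"192.0.2.0/30"``. An entry
            without a ``/`` is treated as a single address (``/32``).

    Returns:
        A list with every address of every block, first and last included,
        in the order the blocks were given.

    Raises:
        ValueError: if a prefix length is not an integer in 0..32.
        socket.error: if the address part is rejected by ``inet_aton``.

    The earlier version iterated ``range(start, end)``, which dropped the
    last address of each block and produced nothing at all for a ``/32``.
    """
    ips = []
    for ip_mask in ip_range:
        ip, sep, prefix = ip_mask.partition('/')
        cidr = int(prefix) if sep else 32
        # The blocks come from a DNS answer, so reject impossible prefix
        # lengths instead of shifting by a negative or oversized count.
        # NOTE(review): a very short prefix still expands to a very large
        # list; callers that need a size cap must apply one themselves.
        if not 0 <= cidr <= 32:
            raise ValueError('invalid IPv4 prefix length: %r' % (ip_mask,))
        host_bits = 32 - cidr
        # '>I' reads the four packed bytes as one big-endian unsigned int.
        base = struct.unpack('>I', socket.inet_aton(ip))[0]
        start = (base >> host_bits) << host_bits  # clear the host bits
        end = start | ((1 << host_bits) - 1)      # set all host bits

        for value in range(start, end + 1):
            ips.append(socket.inet_ntoa(struct.pack('>I', value)))

    return ips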

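def check_port(address, port=443):
    """Return True if a TCP connection to (address, port) succeeds.

    The attempt is limited to one second. Only the TCP connection is made:
    no TLS handshake is performed and no certificate is examined, so a True
    result says the port accepts connections, not which service answers.

    The socket is now closed on every path; the earlier version left it
    open, leaking one descriptor per probed address. The handler also uses
    the ``except X:`` form, which is valid on both Python 2 and Python 3.
    """
    s = socket.socket()
    s.settimeout(1)
    try:
        s.connect((address, port))
        return True
    except socket.error:
        # Covers refusals, unreachable hosts and the one-second timeout.
        return False
    finally:
        s.close()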

def main():
    """Look up the netblock TXT record, expand it, and probe every address.

    The ``ip4:`` blocks of ``_netblocks.google.com`` are expanded into
    individual addresses, queued on SHARE_Q, and handed to
    _WORKER_THREAD_NUM worker threads; the call returns once all of them
    have finished.
    """
    record = get_txt_record("_netblocks.google.com")
    candidates = get_ip_from_cidr(get_ip_range_from_txt_record(record))

    # The queue is filled completely before any worker is started.
    for address in candidates:
        SHARE_Q.put(address)

    pool = [MyThread(worker) for _ in xrange(_WORKER_THREAD_NUM)]
    for t in pool:
        t.start()
    for t in pool:
        t.join()


# Run the scan only when the file is executed as a script, not on import.
if __name__ == '__main__':
    main()

shell脚本:


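# Read candidate IPs from ip.txt, one per line, and print each one that
# completes an HTTPS request for www.google.com.hk.
#
# The one-line form was missing the separators before `fi` and `done`, so
# the shell read them as arguments to echo and the loop never closed.
while read -r ip; do
    # --resolve pins the hostname to the candidate IP for this request.
    # curl verifies the server certificate against the hostname by default
    # (no -k here), so an IP that serves a certificate not valid for
    # www.google.com.hk makes curl fail and is not printed.
    # -m 3 caps each attempt at three seconds; -s and -o /dev/null keep the
    # output limited to the echo below.
    if curl -s -m 3 https://www.google.com.hk --resolve "www.google.com.hk:443:$ip" -o /dev/null; then
        echo "$ip"
    fi
done < ip.txt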