Monday, June 16, 2014

Compare 2 Lists of IP Addresses

Created this python script to look for an IP Address in one list and find it in a reputation IP list.


import os

with open("tempIP.list", "r") as f1:
        lines1 = f1.readlines()

with open("reputation.list", "r") as f2:
        lines2 = f2.readlines()

for line in lines1:
        for item in lines2:
                if line.strip('\n') in item.strip('\n'):
                        print item

Friday, June 6, 2014

Which URL matches a Particular Regular Expression

I needed a quick tool to check and see which regular expression a particular URL matched.  Below is what I came up with which is simple and elegant:


# This script is to detect based on a given URL which Regular Expression that it matches

import re
#Get the URL
url = raw_input('URL: ')
#print url

ListRegEx = [["http:\/\/[^\x2f]+?\/([a-z0-9]{2}\/)?\??[0-9a-f]{5}[\x3b\d\x2c]*", "Malicious URL"],
                ["http:\/\/[^\x0a]+\/6?2p\/[a-z]{12}", "Malicious URL"]]

for itemRegEx in ListRegEx:
        regexp = re.compile(itemRegEx[0])
        if is not None:
                print "Matched " + itemRegEx[1]


Prepare, Bait, Hook, Execute and Control - Buffer Overflows

This post is the third of four that I am planning to write about social engineering specifically about phishing.  The form of phishing that...