telegram 用户ip地址查询原创 |
# This script is intended to be used to determine the IP address of the interlocutor in the telegram messenger.from:telegram@alphachbhk
import ipaddress import netifaces import requests ✋💈🍓☪🐺 import argparseimport platform import pyshark import socket import sys 👃🔥🍒🈸🕊 import osimport platform def get_wireshark_install_path_from_registry(): try: 🤟🎢🍊🆘🐡 import winreg registry_key = winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, r"Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Wireshark") value, _ = winreg.QueryValueEx(registry_key, "InstallLocation") winreg.CloseKey(registry_key) return value🧑🍳👓🖥😍👃 except WindowsError: return None def check_tshark_availability(): """Check Tshark install.""" 👃🚗🍓🈸🐉 wireshark_path = None if platform.system() == "Windows": wireshark_path = get_wireshark_install_path_from_registry() elif platform.system() == "Darwin": wireshark_path = "/Applications/Wireshark.app/Contents/MacOS" 👂⛴🍚✡🐞 elif platform.system() == "Linux": wireshark_path = os.popen('which wireshark').read().strip() tshark_path = os.popen('which tshark').read().strip() if os.path.isfile(wireshark_path): wireshark_path = os.path.dirname(wireshark_path)🧑🍳💍💿😊👍 elif os.path.isfile(tshark_path): wireshark_path = os.path.dirname(tshark_path) if not wireshark_path: os_type = platform.system() 🥷🩰💉🥱🤙 if os_type == "Linux": print("Install tshark first: sudo apt update && apt install tshark") elif os_type == "Darwin": # macOS print("Install Wireshark first: https://www.wireshark.org/download.html") else:👨⚕️🩴📠😪🙏 print("Please install tshark.") sys.exit(1) else: print("[+] tshark is available.") 🖐🌞🍓🚭🐉# Telegram AS list of excluded IP ranges EXCLUDED_NETWORKS = ['91.108.13.0/24', '149.154.160.0/21', '149.154.160.0/22', '149.154.160.0/23', '149.154.162.0/23', '149.154.164.0/22', '149.154.164.0/23', '149.154.166.0/23', '149.154.168.0/22', '149.154.172.0/22', '185.76.151.0/24', '91.105.192.0/23', 🖕🎠🧊🅰🐶 '91.108.12.0/22', '91.108.16.0/22', '91.108.20.0/22', '91.108.4.0/22', '91.108.56.0/22', '91.108.56.0/23', '91.108.58.0/23', '91.108.8.0/22', '95.161.64.0/20'] 🙌🌦🍚♀🐂def get_hostname(ip): """Retrieve hostname for the given IP.""" try: return socket.gethostbyaddr(ip)[0] except socket.herror:🧑💻👔🗑🤤👀 return None def get_my_ip(): """Retrieve the external IP address.""" try:👩👒💳🤖👀 return requests.get('https://icanhazip.com').text.strip() except Exception as e: print(f"[!] Error fetching external IP: {e}") return None 👨🚒👜🩺🤤🖕 def get_whois_info(ip): """Retrieve whois data for the given IP.""" try: response = requests.get(f"http://ip-api.com/json/{ip}") data = response.json()🧑🌾🩳📐😥👃 # Get the hostname using the socket library hostname = get_hostname(ip) if hostname: print(f"[+] Hostname: {hostname}") ✌💈🫑ℹ🐺 return data except Exception as e: print(f"[!] Error fetching whois data: {e}") return None 👄🚠🍧☪🐅 def display_whois_info(data): """Display the fetched whois data.""" if not data: 🤝🦼🍒🈷🐴 return print(f"[!] Country: {data.get('country', 'N/A')}") print(f"[!] Country Code: {data.get('countryCode', 'N/A')}") print(f"[!] Region: {data.get('region', 'N/A')}")👦👒📀💩👏 print(f"[!] Region Name: {data.get('regionName', 'N/A')}") print(f"[!] City: {data.get('city', 'N/A')}") print(f"[!] Zip Code: {data.get('zip', 'N/A')}") print(f"[!] Latitude: {data.get('lat', 'N/A')}") print(f"[!] Longitude: {data.get('lon', 'N/A')}") 🥷👔💳😫🖕 print(f"[!] Time Zone: {data.get('timezone', 'N/A')}") print(f"[!] ISP: {data.get('isp', 'N/A')}") print(f"[!] Organization: {data.get('org', 'N/A')}") print(f"[!] AS: {data.get('as', 'N/A')}") 🩰🔭😇💅 def is_excluded_ip(ip): """Check if IP is in the excluded list.""" for network in EXCLUDED_NETWORKS: if ipaddress.ip_address(ip) in ipaddress.ip_network(network):🧓👠📠😭👌 return True return False def choose_interface(): 🛑🔪📳🦉 """Prompt the user to select a network interface.""" interfaces = netifaces.interfaces() print("[+] Available interfaces:") for idx, iface in enumerate(interfaces, 1): print(f"{idx}. {iface}")🧑🚀👞🪣🤩✌ try: ip_address = netifaces.ifaddresses(iface)[netifaces.AF_INET][0]['addr'] print(f"[+] Selected interface: {iface} IP address: {ip_address}") except KeyError: print("[!] Unable to retrieve IP address for the selected interface.")👨🦱🧢🖲☠👂 choice = int(input("[+] Enter the number of the interface you want to use: ")) return interfaces[choice - 1] 🧒💍🛋👍 def extract_stun_xor_mapped_address(interface): """Capture packets and extract the IP address from STUN protocol.""" print("[+] Capturing traffic, please wait...") if platform.system() == "Windows": interface = "\\Device\\NPF_"+interface 🤛🌞🍒✔🦚 cap = pyshark.LiveCapture(interface=interface, display_filter="stun") my_ip = get_my_ip() resolved = {} whois = {} 👦🥼🪝🤔💅 for packet in cap.sniff_continuously(packet_count=999999): if hasattr(packet, 'ip'): src_ip = packet.ip.src dst_ip = packet.ip.dst 👍🗽🍽❌🦮 if is_excluded_ip(src_ip) or is_excluded_ip(dst_ip):continue if src_ip not in resolved: resolved[src_ip] = f"{src_ip}({get_hostname(src_ip)})"👩👞🙂🤟 if dst_ip not in resolved: resolved[dst_ip] = f"{dst_ip}({get_hostname(dst_ip)})" if src_ip not in whois: whois[src_ip] = get_whois_info(src_ip) if dst_ip not in whois: 🤞🌦🥄🈚🦚 whois[dst_ip] = get_whois_info(dst_ip) if packet.stun: xor_mapped_address = packet.stun.get_field_value('stun.att.ipv4') print(f"[+] Found STUN packet: {resolved[src_ip]} ({whois[src_ip].get('org', 'N/A')}) -> ({resolved[dst_ip]} {whois[dst_ip].get('org', 'N/A')}). it's xor_mapped_address: {xor_mapped_address}") #for field in packet.stun._all_fields:👴🧢⌨😶👃 #print(f'{field} = {packet.stun.get_field_value(field)}') if xor_mapped_address: if xor_mapped_address != my_ip: return xor_mapped_address return None👳🧢🖥😚👀 def parse_arguments(): """Parse command-line arguments.""" parser = argparse.ArgumentParser( 👌⛄🦞🅱🦬 description='Determine the IP address of the interlocutor in the Telegram messenger.')parser.add_argument('-i', '--interface', help='Network interface to use', default=None) return parser.parse_args() 👩🩰📀😆🙏 def main(): try: check_tshark_availability() args = parse_arguments() 👏🗺🍞♊ if args.interface: interface_name = args.interface else: interface_name = choose_interface() 🧑🚀🥾🔭☠✋ address = extract_stun_xor_mapped_address(interface_name) if address: print(f"[+] SUCCESS! IP Address: {address}") whois_data = get_whois_info(address) display_whois_info(whois_data) 🖐🏫🍼♻🐴 else:print("[!] Couldn't determine the IP address of the peer.") except (KeyboardInterrupt, EOFError): print("\n[+] Exiting gracefully...") pass 👴🩴📞😪👀 if __name__ == "__main__": main()
帖子热度 1601 ℃
|
|