Using the Linux CLI for open source intelligence gathering can be pretty powerful. Let me show you some examples:
I am using Ubuntu 18.x (Debian-based) for the outputs below.
Shodan
sudo pip3 install shodan
shodan host 172.217.167.67
The shodan host [IP] command returns what Shodan's database knows about an IP address.
IPinfo
From the CLI, run the following:
nikon@theinsecurewire:~# curl ipinfo.io/172.217.167.67
{
"ip": "172.217.167.67",
"hostname": "syd15s06-in-f3.1e100.net",
"city": "New York City",
"region": "New York",
"country": "US",
"loc": "40.7143,-74.0060",
"org": "AS15169 Google LLC",
"postal": "10004",
"timezone": "America/New_York",
"readme": "https://ipinfo.io/missingauth"
}
Output is returned in JSON format, so you can script it with jq.
Install jq and create a text file of IPs:
nikon@theinsecurewire:~# apt install jq
nikon@theinsecurewire:~# touch ips.txt
nikon@theinsecurewire:~# while read -r ip; do echo -n "$ip: "; curl -s "ipinfo.io/$ip" | jq .org; done < ips.txt
172.217.167.67: "AS15169 Google LLC"
172.217.167.68: "AS15169 Google LLC"
172.217.167.69: "AS15169 Google LLC"
As you can see above, those IPs belong to the Google AS 15169.
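The loop above sends every line of ips.txt to ipinfo.io as-is. The script below is an added example, not part of the original post: it drops invalid, duplicate and private addresses before any lookup, then counts how many IPs fall under each org value. The function names and the script file name are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original post): clean ips.txt, then count IPs per org.

# Succeeds only for a dotted-quad IPv4 address with each octet in 0-255.
is_ipv4() (
  case $1 in ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;; esac
  IFS=.
  set -- $1                       # split the address on dots
  [ "$#" -eq 4 ] || exit 1
  for o in "$@"; do
    [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || exit 1
  done
)

# Succeeds for RFC 1918, loopback and link-local addresses. They have no
# public owner, and querying them only tells a third party about your network.
is_non_public() {
  case $1 in
    10.*|127.*|192.168.*|169.254.*) return 0 ;;
    172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
  esac
  return 1
}

# stdin: one IP per line, "#" comments allowed. stdout: unique public IPv4s.
clean_ips() {
  while IFS= read -r line || [ -n "$line" ]; do
    line=${line%%#*}
    line=$(printf '%s' "$line" | tr -d ' \t\r')
    if [ -z "$line" ]; then :
    elif ! is_ipv4 "$line"; then echo "skip (not IPv4): $line" >&2
    elif is_non_public "$line"; then echo "skip (non-public): $line" >&2
    else echo "$line"
    fi
  done | sort -u
}

# stdin: IP list. stdout: number of IPs per "org" value (needs curl, jq, network).
org_summary() {
  clean_ips | while IFS= read -r ip; do
    curl -s --max-time 10 "https://ipinfo.io/$ip" | jq -r '.org // "unknown"'
  done | sort | uniq -c | sort -rn
}

# Usage (script name is hypothetical): sh org_summary.sh ips.txt
if [ "$#" -gt 0 ]; then org_summary < "$1"; fi
```

Skipped lines are reported on stderr, so the per-org counts on stdout can be piped or saved on their own.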