Pages: [1]

Author Topic: [Python] Omegle IP tracking script  (Read 2207 times)

0 Members and 1 Guest are viewing this topic.

Offline cr4zi8

  • Serf
  • *
  • Posts: 29
  • Cookies: 26
    • View Profile
[Python] Omegle IP tracking script
« on: August 01, 2015, 06:30:04 pm »
This is a quick script that sniffs UDP packets looking for things that look like Omegle video stream packets then uses GeoIP to track them. You can obviously modify this to use premium GeoIP and GeoIP2 very easily I just do not own those products.

Code: (python) [Select]
from __future__ import print_function
import pcapy
import GeoIP
from impacket.ImpactDecoder import *

gi = GeoIP.open("/usr/local/share/GeoIP/GeoLiteCity.dat", GeoIP.GEOIP_STANDARD)
ips=[]
dev="";
ips.append("192.168.1.100")
ips.append("192.168.1.1")
def track(ip):
    for sr in ips:
        if ip==sr:
            return
    gir=gi.record_by_addr(ip)
    ips.append(ip)
    if gir is not None:
        print(str(gir))
        print(ip)
print("Devices:")
devices = pcapy.findalldevs()
for d in devices :
    print("\t- "+d)
dev = raw_input('Enter device name: ')
cap = pcapy.open_live(dev , 1024 , 1 , 0)
cap.setfilter('udp')

def recv_pkts(hdr, data):
    p= EthDecoder().decode(data)
    packet=str(p)
    count=0
    for item in packet.split("\n"):
        count+=1
    #print(count)
    #print(packet)
    if count==67:
        #print packet.splitlines()[1];
        if (packet.splitlines()[1])[0:5] == "IP DF":
            track((packet.splitlines()[1])[6:(packet.splitlines()[1]).index('>')-2])
        else:
            track((packet.splitlines()[1])[3:(packet.splitlines()[1]).index('>')-2])




track("1.1.1.1")
packet_limit = -1
cap.loop(packet_limit,recv_pkts)

Currently reworking a traceroute solution to get dest-1 for more reliable state codes in the US. Will add that as soon it is finished.

N.B. Seems there has been some confusion on what is necessary to run this so here is a requirement list:

Python 2.x
Pcapy: http://www.coresecurity.com/corelabs-research/open-source-tools/pcapy
Impacket: http://www.coresecurity.com/corelabs-research/open-source-tools/impacket
Python GeoIP api: https://pypi.python.org/pypi/GeoIP/
GeoIP: http://dev.maxmind.com/geoip/legacy/geolite/


« Last Edit: August 02, 2015, 08:25:07 pm by cr4zi8 »
Report to moderator   Logged

Offline g14diator

  • NULL
  • Posts: 4
  • Cookies: -2
    • View Profile
Re: [Python] Omegle IP tracking script
« Reply #1 on: October 14, 2015, 12:54:57 pm »
Nice, didn't know geoip existed! Usually i would use wireshark to obtain the ip address and use some ip tracking websites.
Report to moderator   Logged
Pages: [1]