Comments on: Strategic Hacking: GEOIP

By: GeoIP Country to IP | DC802

GeoIP Country to IP | DC802 — Thu, 01 Apr 2010 13:20:30 +0000

[...] use http://www.country2ip.com/index.php. For your more heavy use you’ll want to check out http://www.gnucitizen.org/blog.....ing-geoip/ and http://www.morningstarsecurity.....h/geoipgen. That last two cover a variety of command [...]

By: pagvac

pagvac — Thu, 11 Mar 2010 22:49:16 +0000

@Andrew: thank you for sharing your project with us! please keep us up to date with any significant feature additions to GeoIPgen.

You might also be interested in taking a look at http://www.country2ip.com/

By: Andrew Horton

Andrew Horton — Thu, 11 Mar 2010 05:49:21 +0000

I’ve published a tool that uses this technique and only just found out about your similar research from a post on the full disclosure mailing list.

GeoIPgen is a tool for country to IP resolution written in ruby. It can produce IPs for 1 or a set of countries in ascending or random order, producing unique IPs with low overhead :)

It has proved useful when penetration testing to reverse resolve an entire country in order to discover networks or IPs the client forgets to mention.

It’s available here, http://www.morningstarsecurity.....h/geoipgen

By: pdp

pdp — Thu, 29 Jan 2009 22:14:26 +0000

all fixed now!

By: pdp

pdp — Thu, 20 Nov 2008 17:24:32 +0000

yes, there are tones of bugs laying around since we moved. I will fix this now. thanks for the feedback.

By: Ricky

Ricky — Thu, 20 Nov 2008 15:42:20 +0000

Links seem to be broken on this page for the script an ppt file

By: pdp

pdp — Sun, 17 Feb 2008 10:13:16 +0000

ok, I have to look into this. I think that they have changed the positions of the CSV columns. Just rearrange the columns or better yet modify the script to outline these changes.

By: ricky

ricky — Sun, 17 Feb 2008 10:05:26 +0000

Seems some changes on how the ip database is being held has been made since the last time I ran the script my files come out in the form of

country-11.0.0.0.csv
country-112.63.162.116.csv
country-112.63.162.120.csv
country-112.63.162.148.csv
country-114.0.0.0.csv
country-116.0.0.0.csv
country-116.0.128.0.csv
country-116.0.16.0.csv
country-116.0.24.0.csv
country-116.0.32.0.csv
country-116.0.64.0.csv
country-116.0.64.128.csv
country-116.0.64.192.csv
country-116.0.64.224.csv
country-116.0.64.240.csv
country-116.0.64.64.csv
country-116.0.65.0.csv

If only I had backed them upbefore like I ment to. ./R B

By: RHW

RHW — Sun, 25 Nov 2007 19:32:22 +0000

This is a cool idea. I scanned around for about 10 minutes and found about 5 boxes with open ports. What is the default user/pass for the slingboxes? I can’t find any info on their website.

By: Strategic GeoIP Hacking and TV Streaming Theft | GNUCITIZEN

Strategic GeoIP Hacking and TV Streaming Theft | GNUCITIZEN — Fri, 16 Nov 2007 14:22:12 +0000

[...] wrote a script (do.sh) that downloads Maxmind’s free GeoIP database and parses the IP ranges of all [...]

By: IP2Country php script | Websecurity.ro

IP2Country php script | Websecurity.ro — Sat, 10 Nov 2007 15:09:57 +0000

[...] read on gnucitizen that they played around with a ip2country database. I took a database and started playing with [...]

By: pdp

pdp — Sun, 14 Oct 2007 06:18:38 +0000

cybergoth, cool… I need to look at this!

By: cybergoth

cybergoth — Sat, 13 Oct 2007 20:42:14 +0000

I’m using ripe.net Europe RIRâ€™s db to extract net blocks for entire country. You can check it at ftp://ftp.ripe.net/pub/stats/ripencc/2007

By: vindic

vindic — Sat, 13 Oct 2007 17:44:18 +0000

pdp i have theyr’s db, have too bins of cc. i am providing payments services and trying protect us for fraud. i am looking for any way or stuff which can more protect ours customers.

By: pdp

pdp — Sat, 13 Oct 2007 08:38:51 +0000

vindic, what do you need this for? I mean Maxmind have a free database you can use for most things that come to mind.

By: vindic

vindic — Sat, 13 Oct 2007 00:09:54 +0000

pdp will you sell this, or make a new service? if you can make more accurate db, then why you dont use it for protection of websites? i will be first in list who will buy it, because is very very usefull

By: pdp

pdp — Fri, 12 Oct 2007 21:04:03 +0000

yep, this is the one. although, as I mentioned in the post, the database is not 100% accurate, not to mention the fact that the interesting ranges are simple not even included.

By: Dfcnvt

Dfcnvt — Fri, 12 Oct 2007 21:00:48 +0000

http://www.maxmind.com/app/city

By: Dfcnvt

Dfcnvt — Fri, 12 Oct 2007 20:59:50 +0000

Now that you have the country of all it’s ip address. What about the state in US or perhap the county in state?