IpGeo/ipGeo.py

import pyshark
import requests
import csv
from colorama import Fore
from datetime import date

def read_pcap(pcap_file):
	ips = []
	try:
		pcap = pyshark.FileCapture(pcap_file)
		print(Fore.GREEN + "[+] Pcap File is valid")
		for packet in pcap:
			if "IP" in packet: 
				ips.append(packet.ip.src) 
				ips.append(packet["ip"].dst)
		
		ips_list(ips)

	except FileNotFoundError:
		exit(Fore.RED + '[!] Pcap path is incorrect')


def ips_list(ips):
	ips_lists = []
	aborted_ips = []
	for ip in ips :
		if ip not in ips_lists and '192.168.' not in ip:
			ips_lists.append(ip)
		elif ip not in aborted_ips and '192.168.' in ip:
			aborted_ips.append(ip)
	for ip in aborted_ips:
		print(Fore.YELLOW + "[!] Remove " + Fore.RED + ip + Fore.YELLOW + ' From Scaning')
	#call get ip info function
	if len(ips_lists) <1:
		exit(Fore.RED + "[-] No ip to scan. ")
	get_ip_info(ips_lists)


def get_ip_info(list_ip):
	data = []
	for ip in list_ip:
		
		print(Fore.YELLOW + "[+] Start analyzing IP : " + ip )
		try:
			req = requests.get("http://ip-api.com/json/"+ip+"?fields=status,message,country,countryCode,region,regionName,city,zip,lat,lon,timezone,isp,org,,query").content.decode()
			if "message" not in req:
				data.append(req)
		except requests.exceptions.ConnectionError:
			exit(Fore.RED + "Check your internet connection and try again ....")
	dic_data = []
	for i in data:
		l = eval(i)
		dic_data.append(l)
	export_result(dic_data)


def export_result(data):
	for i in data:
		i['ip'] = i.pop('query') 
		i = i.pop('status')
	fieldnames = []
	for i in data[0].keys():
		fieldnames.append(i)
	with open('scan_result-'+str(date.today())+'.csv', 'w', encoding='UTF8', newline='') as f:
		writer = csv.DictWriter(f, fieldnames=fieldnames)
		writer.writeheader()
		writer.writerows(data)
	print(Fore.GREEN + "\n  **Report Exported Succesfully!**")
 
pcap_path = input("[-] Enter pcap file: ")

ips = read_pcap(pcap_path)
Add files via upload 2022-07-26 11:01:36 +00:00			`import pyshark`
			`import requests`
			`import csv`
			`from colorama import Fore`
			`from datetime import date`

			`def read_pcap(pcap_file):`
			`ips = []`
			`try:`
			`pcap = pyshark.FileCapture(pcap_file)`
			`print(Fore.GREEN + "[+] Pcap File is valid")`
			`for packet in pcap:`
			`if "IP" in packet:`
			`ips.append(packet.ip.src)`
			`ips.append(packet["ip"].dst)`

			`ips_list(ips)`

			`except FileNotFoundError:`
			`exit(Fore.RED + '[!] Pcap path is incorrect')`


			`def ips_list(ips):`
			`ips_lists = []`
			`aborted_ips = []`
			`for ip in ips :`
			`if ip not in ips_lists and '192.168.' not in ip:`
			`ips_lists.append(ip)`
			`elif ip not in aborted_ips and '192.168.' in ip:`
			`aborted_ips.append(ip)`
			`for ip in aborted_ips:`
			`print(Fore.YELLOW + "[!] Remove " + Fore.RED + ip + Fore.YELLOW + ' From Scaning')`
			`#call get ip info function`
			`if len(ips_lists) <1:`
			`exit(Fore.RED + "[-] No ip to scan. ")`
			`get_ip_info(ips_lists)`


			`def get_ip_info(list_ip):`
			`data = []`
			`for ip in list_ip:`

			`print(Fore.YELLOW + "[+] Start analyzing IP : " + ip )`
			`try:`
			`req = requests.get("http://ip-api.com/json/"+ip+"?fields=status,message,country,countryCode,region,regionName,city,zip,lat,lon,timezone,isp,org,,query").content.decode()`
			`if "message" not in req:`
			`data.append(req)`
			`except requests.exceptions.ConnectionError:`
			`exit(Fore.RED + "Check your internet connection and try again ....")`
			`dic_data = []`
			`for i in data:`
			`l = eval(i)`
			`dic_data.append(l)`
			`export_result(dic_data)`


			`def export_result(data):`
			`for i in data:`
			`i['ip'] = i.pop('query')`
			`i = i.pop('status')`
			`fieldnames = []`
			`for i in data[0].keys():`
			`fieldnames.append(i)`
			`with open('scan_result-'+str(date.today())+'.csv', 'w', encoding='UTF8', newline='') as f:`
			`writer = csv.DictWriter(f, fieldnames=fieldnames)`
			`writer.writeheader()`
			`writer.writerows(data)`
			`print(Fore.GREEN + "\n Report Exported Succesfully!")`

			`pcap_path = input("[-] Enter pcap file: ")`

			`ips = read_pcap(pcap_path)`