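Whois, simply put, is a database used to check whether a domain name has already been registered and to look up the details of that registration (such as the domain owner, the registrar, the registration date and the expiry date). By querying a domain's Whois server you can find the contact details of the domain's owner as well as the registration and expiry times. In most cases whois information is real, and it exposes a lot of genuine information about the registrant, such as phone number, e-mail address and NS records, which makes it a very good source of information for social engineering against a website. For security practitioners, being able to obtain whois information quickly helps them learn a lot of useful information about a target site.
Whois information is usually held by the domain registration bodies at each level. Normally we look it up by submitting the domain on the query pages of registrar websites such as godaddy, name.com, Wanwang (万网) and Xinnet (新网), which is slow, cannot be done in batches, and is far too much effort. So here I am contributing a PS function that I have treasured for a long time. The script supports queries for more than 140 domain suffixes, including obscure ones for which it is hard even to find a registrar that supports registration; now you no longer need to worry about that.
As usual, the code comes first, followed by an explanation of the key operations: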
=====File name: Get-whois.ps1=====
function Get-WhoIs {
<#
.SYNOPSIS
    Does a raw WHOIS query and returns the results
.EXAMPLE
    get-whois dnspod.com

    The simplest whois search.
    This example is one that forwards to a second whois server ...
.EXAMPLE
    get-whois baidu.com -NoForward

    Returns the partial results you get when you don't follow forwarding to a new whois server
.EXAMPLE
    get-whois n 128.11.5.98 -server whois.arin.net

    Does an ip lookup at arin.net
.NOTES
    Author: fuhj (powershell#live.cn, http://fuhaijun.com)
#>
[CmdletBinding()]
param(
    # The query to send to WHOIS servers
    [Parameter(Position=0, ValueFromRemainingArguments=$true)]
    [string]$query,

    # A specific whois server to search
    [string]$server,

    # Disable forwarding to new whois servers
    [switch]$NoForward
)
end {
    # Domain suffix -> WHOIS server(s) responsible for that suffix
    $TLDs = DATA {
        @{
            ".com"    = "whois.verisign-grs.com","whois.crsnic.net"
            ".net"    = "whois.verisign-grs.com","whois.crsnic.net"
            ".org"    = "whois.pir.org","whois.publicinterestregistry.net"
            ".info"   = "whois.afilias.info","whois.afilias.net"
            ".biz"    = "whois.neulevel.biz"
            ".us"     = "whois.nic.us"
            ".uk"     = "whois.nic.uk"
            ".ca"     = "whois.cira.ca"
            ".tel"    = "whois.nic.tel"
            ".ie"     = "whois.iedr.ie","whois.domainregistry.ie"
            ".it"     = "whois.nic.it"
            ".li"     = "whois.nic.li"
            ".no"     = "whois.norid.no"
            ".cc"     = "whois.nic.cc"
            ".eu"     = "whois.eu"
            ".nu"     = "whois.nic.nu"
            ".au"     = "whois.aunic.net","whois.ausregistry.net.au"
            ".de"     = "whois.denic.de"
            ".ws"     = "whois.worldsite.ws","whois.nic.ws","www.nic.ws"
            ".sc"     = "whois2.afilias-grs.net"
            ".mobi"   = "whois.dotmobiregistry.net"
            ".pro"    = "whois.registrypro.pro","whois.registry.pro"
            ".edu"    = "whois.educause.net","whois.crsnic.net"
            ".tv"     = "whois.nic.tv","tvwhois.verisign-grs.com"
            ".travel" = "whois.nic.travel"
            ".name"   = "whois.nic.name"
            ".in"     = "whois.inregistry.net","whois.registry.in"
            ".me"     = "whois.nic.me","whois.meregistry.net"
            ".at"     = "whois.nic.at"
            ".be"     = "whois.dns.be"
            ".cn"     = "whois.cnnic.cn","whois.cnnic.net.cn"
            ".edu.cn" = "whois.edu.cn"
            ".asia"   = "whois.nic.asia"
            ".ru"     = "whois.ripn.ru","whois.ripn.net"
            ".ro"     = "whois.rotld.ro"
            ".aero"   = "whois.aero"
            ".fr"     = "whois.nic.fr"
            ".se"     = "whois.iis.se","whois.nic-se.se","whois.nic.se"
            ".nl"     = "whois.sidn.nl","whois.domain-registry.nl"
            ".nz"     = "whois.srs.net.nz","whois.domainz.net.nz"
            ".mx"     = "whois.nic.mx"
            ".tw"     = "whois.apnic.net","whois.twnic.net.tw"
            ".ch"     = "whois.nic.ch"
            ".hk"     = "whois.hknic.net.hk"
            ".ac"     = "whois.nic.ac"
            ".ae"     = "whois.nic.ae"
            ".af"     = "whois.nic.af"
            ".ag"     = "whois.nic.ag"
            ".al"     = "whois.ripe.net"
            ".am"     = "whois.amnic.net"
            ".as"     = "whois.nic.as"
            ".az"     = "whois.ripe.net"
            ".ba"     = "whois.ripe.net"
            ".bg"     = "whois.register.bg"
            ".bi"     = "whois.nic.bi"
            ".bj"     = "www.nic.bj"
            ".br"     = "whois.nic.br"
            ".br.com" = "whois.centralnic.net"
            ".eu.org" = "whois.eu.org"
            ".bt"     = "whois.netnames.net"
            ".by"     = "whois.ripe.net"
            ".bz"     = "whois.belizenic.bz"
            ".cd"     = "whois.nic.cd"
            ".ck"     = "whois.nic.ck"
            ".cl"     = "nic.cl"
            ".coop"   = "whois.nic.coop"
            ".cx"     = "whois.nic.cx"
            ".cy"     = "whois.ripe.net"
            ".cz"     = "whois.nic.cz"
            ".dk"     = "whois.dk-hostmaster.dk"
            ".dm"     = "whois.nic.cx"
            ".dz"     = "whois.ripe.net"
            ".ee"     = "whois.eenet.ee"
            ".eg"     = "whois.ripe.net"
            ".es"     = "whois.ripe.net"
            ".fi"     = "whois.ficora.fi"
            ".fo"     = "whois.ripe.net"
            ".gb"     = "whois.ripe.net"
            ".ge"     = "whois.ripe.net"
            ".gl"     = "whois.ripe.net"
            ".gm"     = "whois.ripe.net"
            ".gov"    = "whois.nic.gov"
            ".gr"     = "whois.ripe.net"
            ".gs"     = "whois.adamsnames.tc"
            ".hm"     = "whois.registry.hm"
            ".hn"     = "whois2.afilias-grs.net"
            ".hr"     = "whois.ripe.net"
            ".hu"     = "whois.ripe.net"
            ".il"     = "whois.isoc.org.il"
            ".int"    = "whois.isi.edu"
            ".iq"     = "vrx.net"
            ".ir"     = "whois.nic.ir"
            ".is"     = "whois.isnic.is"
            ".je"     = "whois.je"
            ".jp"     = "whois.jprs.jp"
            ".kg"     = "whois.domain.kg"
            ".kr"     = "whois.nic.or.kr"
            ".la"     = "whois2.afilias-grs.net"
            ".lt"     = "whois.domreg.lt"
            ".lu"     = "whois.restena.lu"
            ".lv"     = "whois.nic.lv"
            ".ly"     = "whois.lydomains.com"
            ".ma"     = "whois.iam.net.ma"
            ".mc"     = "whois.ripe.net"
            ".md"     = "whois.nic.md"
            ".mil"    = "whois.nic.mil"
            ".mk"     = "whois.ripe.net"
            ".ms"     = "whois.nic.ms"
            ".mt"     = "whois.ripe.net"
            ".mu"     = "whois.nic.mu"
            ".my"     = "whois.mynic.net.my"
            ".nf"     = "whois.nic.cx"
            ".pl"     = "whois.dns.pl"
            ".pr"     = "whois.nic.pr"
            ".pt"     = "whois.dns.pt"
            ".sa"     = "saudinic.net.sa"
            ".sb"     = "whois.nic.net.sb"
            ".sg"     = "whois.nic.net.sg"
            ".sh"     = "whois.nic.sh"
            ".si"     = "whois.arnes.si"
            ".sk"     = "whois.sk-nic.sk"
            ".sm"     = "whois.ripe.net"
            ".st"     = "whois.nic.st"
            ".su"     = "whois.ripn.net"
            ".tc"     = "whois.adamsnames.tc"
            ".tf"     = "whois.nic.tf"
            ".th"     = "whois.thnic.net"
            ".tj"     = "whois.nic.tj"
            ".tk"     = "whois.nic.tk"
            ".tl"     = "whois.domains.tl"
            ".tm"     = "whois.nic.tm"
            ".tn"     = "whois.ripe.net"
            ".to"     = "whois.tonic.to"
            ".tp"     = "whois.domains.tl"
            ".tr"     = "whois.nic.tr"
            ".ua"     = "whois.ripe.net"
            ".uy"     = "nic.uy"
            ".uz"     = "whois.cctld.uz"
            ".va"     = "whois.ripe.net"
            ".vc"     = "whois2.afilias-grs.net"
            ".ve"     = "whois.nic.ve"
            ".vg"     = "whois.adamsnames.tc"
            ".yu"     = "whois.ripe.net"
        }
    }

    # Save the caller's preference and make every error terminating inside the function
    $EAP, $ErrorActionPreference = $ErrorActionPreference, "Stop"

    $query = $query.Trim()

    if($query -match "(?:\d{1,3}\.){3}\d{1,3}") {
        # The query contains an IPv4 address: use the ARIN "n <ip>" query form
        Write-Verbose "IP Lookup!"
        if($query -notmatch " ") {
            $query = "n $query"
        }
        if(!$server) { $server = "whois.arin.net" }
    } elseif(!$server) {
        # Several suffixes can match (for example ".cn" and ".edu.cn");
        # one server is picked at random from all matching entries
        $server = $TLDs.GetEnumerator() |
            Where { $query -like ("*"+$_.name) } |
            Select -Expand Value | Get-Random
    }

    # Fall back to ARIN when no suffix matched
    if(!$server) { $server = "whois.arin.net" }
    $maxRequery = 3

    do {
        Write-Verbose "Connecting to $server"
        # WHOIS is a plain-text protocol on TCP port 43
        $client = New-Object System.Net.Sockets.TcpClient $server, 43

        try {
            $stream = $client.GetStream()

            Write-Verbose "Sending Query: $query"
            $data = [System.Text.Encoding]::Ascii.GetBytes( $query + "`r`n" )
            $stream.Write($data, 0, $data.Length)

            Write-Verbose "Reading Response:"
            $reader = New-Object System.IO.StreamReader $stream, [System.Text.Encoding]::ASCII

            $result = $reader.ReadToEnd()

            # A "Whois Server:" line means the answer refers us to another server
            if($result -match "(?s)Whois Server:\s*(\S+)\s*") {
                Write-Warning "Recommended WHOIS server: $($matches[1])"
                if(!$NoForward) {
                    Write-verbose "Non-Authoritative Results:`n${result}"
                    # cache, in case we can't get an answer at the forwarder
                    if(!$cachedResult) {
                        $cachedResult = $result
                        $cachedServer = $server
                    }
                    $server = $matches[1]
                    $query = ($query -split " ")[-1]
                    $maxRequery--
                } else { $maxRequery = 0 }
            } else { $maxRequery = 0 }
        } finally {
            # Always release the stream and the socket, even when the query fails
            if($stream) {
                $stream.Close()
                $stream.Dispose()
            }
            if($client) { $client.Close() }
        }
    } while ($maxRequery -gt 0)

    $result

    # If the forwarded answer is nearly empty, also show the first server's answer
    if($cachedResult -and ($result -split "`n").count -lt 5) {
        Write-Warning "Original Result from ${cachedServer}:"
        $cachedResult
    }

    $ErrorActionPreference = $EAP
}
}
The function defines three parameters, two of type [string] and one of type [switch]. They receive the domain name to query, an explicitly chosen whois server, and whether the query may be forwarded to another whois server. Next, a hashtable is created to store the mapping between domain suffixes and whois servers, because the registration data for different suffixes is stored on different servers. Note that suffixes with very large registration volumes, such as .com, .net, .org and .info, are given several whois servers, to avoid the problem of results not being returned when the query load is too high.
Next, New-Object creates a System.Net.Sockets.TcpClient TCP object that connects to port 43 of the whois server chosen above to run the whois query, then a System.IO.StreamReader object receives the data the whois server returns, and the data is parsed. In addition, try{} catch{} finally{} is used for error handling, and regular expressions are used during parsing to match the target strings.
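The suffix table contains overlapping entries (".cn" and ".edu.cn", ".com" and ".br.com"), and the server name taken from a "Whois Server:" line is data supplied by the remote server. The following is an added example, not part of the original script: Select-WhoisServer and Get-WhoisReferral are hypothetical helpers, $Table is a small subset of the table above, and the sample response is constructed.

```powershell
# Added example. $Table is a subset of the page's suffix table; $sample is a constructed response.
$Table = @{
    '.com'    = 'whois.verisign-grs.com', 'whois.crsnic.net'
    '.cn'     = 'whois.cnnic.cn', 'whois.cnnic.net.cn'
    '.edu.cn' = 'whois.edu.cn'
    '.br.com' = 'whois.centralnic.net'
}

function Select-WhoisServer {
    # Hypothetical helper: choose the server for the longest (most specific) matching suffix.
    param([string]$Domain, [hashtable]$Map)
    $name = $Domain.Trim().TrimEnd('.').ToLowerInvariant()
    $best = $Map.Keys |
        Where-Object { $name.EndsWith($_, [StringComparison]::Ordinal) } |
        Sort-Object -Property Length -Descending |
        Select-Object -First 1
    if ($best) { @($Map[$best])[0] }   # first listed server instead of a random one
}

function Get-WhoisReferral {
    # Hypothetical helper: extract the referral host and accept it only if it is a plain DNS name.
    param([string]$Response)
    if ($Response -match '(?m)^\s*(?:Registrar\s+)?WHOIS Server:[ \t]*(\S+)[ \t]*\r?$') {
        $candidate = $Matches[1].ToLowerInvariant()
        # The value comes from the remote server: reject IP literals, ports, URLs and odd characters.
        if ($candidate -match '^(?=.{1,253}$)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$') {
            return $candidate
        }
    }
}

$sample = @'
   Domain Name: EXAMPLE.COM
   Registrar WHOIS Server: whois.registrar.example
   Registrar URL: http://www.registrar.example
'@

Select-WhoisServer 'campus.example.edu.cn' $Table   # competes with the shorter ".cn" entry
Select-WhoisServer 'shop.example.br.com' $Table     # competes with the shorter ".com" entry
Get-WhoisReferral $sample                            # well-formed referral host
Get-WhoisReferral 'Whois Server: 10.0.0.1:43'        # IP literal with a port fails validation
```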
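The program can be run in the following four ways:
get-whois dnspod.com
First, let's see whether dnspod changed its whois information after being acquired by Tencent; it looks like the "Goose Factory" (Tencent) has not changed it.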
get-whois jd.com