Network Condom

by Sh0kwave

The Internet is full of STDs - make that malware: exploit kits, drive-by downloads, redirects, Cross-Site Scripting (XSS), malnet nodes.  (Try Nmap on 221.130.179.36.)

If you want to do a little exploration of the seedier side of the Internet, it makes sense to take precautions.  Use a little protection, as it were.

This little Python script lets you explore safely.

You won't be using a risky web browser - you'll be making raw network socket connections.  Honestly, you can do something similar with Netcat, but if you want to dip your toe into Python, and you don't want to enter a bunch of long command lines, give this a try.

Create a file called NetCondom.py and enter the following:

import socket

ip = raw_input("IP: ")
port = int(raw_input("Port: "))

try:
       s = socket.socket()
       s.settimeout(5)
       s.connect((ip, port))
       s.send("HEAD / HTTP/1.0\r\n\r\n")
       result = s.recv(1024)
       s.close()
       print(str(result))
except Exception, e:
       print(str(e))

Save it, then run it with:

$ python2 ./NetCondom.py
IP: 184.105.226.26
Port: 80
HTTP/1.1 302 Found
Date: Tue, 25 Apr 2023 05:41:35 GMT
Server: Apache
Location: https://www.2600.com/
Connection: close
Content-Type: text/html; charset=iso-8859-1

When prompted, enter the IP address and port you want to explore, and see what you get back.  Whatever it is, you won't infect yourself with malware because it is just going to be a string.

How do you know what to explore?  Try some scans with Nmap:

$ nmap -sV (IP range)

How do you find an IP address from a URL?  Use nslookup, or DiG:

$ nslookup www.2600.com
Server:		209.18.47.62
Address:	209.18.47.62#53

Non-authoritative answer:
Name:	www.2600.com
Address: 184.105.226.26

$ dig www.2600.com

; <<>> DiG 9.18.12-1-Debian <<>> www.2600.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15095
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;www.2600.com.			IN	A

;; ANSWER SECTION:
www.2600.com.		2807	IN	A	184.105.226.26

;; Query time: 36 msec
;; SERVER: 209.18.47.62#53(209.18.47.62) (UDP)
;; WHEN: Tue Apr 25 00:42:39 CDT 2023
;; MSG SIZE  rcvd: 57

Happy, safe, exploring!

Code: NetCondom.py

Return to $2600 Index