Open in app

Sign in

Write

Sign in

Reverse IP Engineering

Priya Kalyanakrishnan
4 min readFeb 27, 2021

--

Have you ever wondered if there are other domains on a particular IP (internet protocol) address?

This tutorial is reminiscent of prior topics the concept can apply to any relevant situation.

Building off of previous articles: Python Programming Tkinter and general misfortunate events. Here is another plausible method of finding domain names on the same IP address, sometimes referred to as reverse IP engineering.

Usually, the most preferred computing language to use is Python.

Requirements:

  • Prior programming experience or learning opportunities.
  • Basic internet terminology
  • Internet access
  • The current version of python(3.8 in this tutorial).
  • Any operating system with a Python version.
  • Downloading or installing programming libraries.
  • Terms used within context.

Major Goals:

  • Discover and explore reverse IP engineering from a positive perspective.
  • One of several solutions to avoid unlimited and continuous fraud.

Let’s get started with writing an HTML file from a domain name website.

Here, we use:

careers-massiveinsights.works

https://host.io/careers-massiveinsights.works for the URL in the code.

Assuming that the user already installed libraries.

*Note: if you are going to copy-and-paste, please ensure quotation marks and spaces are both accurately typed to avoid error messages.

Below is one way to retrieve web layers within a computing language and save them as an HTML file:

import pycurl
import certifi
from io import BytesIO

buffer = BytesIO()
c = pycurl.Curl()
with open('project.html', 'wb') as f:
 import pycurl
 import certifi
 from io import BytesIO
 buffer = BytesIO()
 c = pycurl.Curl()
 c.setopt(c.URL, 'https://host.io/careers-massiveinsights.works')
 c.setopt(c.WRITEDATA, f)
 c.setopt(c.FOLLOWLOCATION, True)
 c.setopt(c.CAINFO, certifi.where())
 c.perform()
 c.close()

If you are wondering what was going on in the code written above, here is a quick synopsis:

  • Imported necessary libraries.
  • Created a PyCurl connection.
  • Included an opportunity to save retrieved data as an HTML file.
  • Provided an option to allow HTTP and HTTPS URLs within search (both should typically work without errors). This code used the certificate verification line of code.
  • They also accommodated any redirects.

Next, read the file into beautiful beautifulBeautiful Soup with these lines of codes:

from bs4 import BeautifulSoup
with open('project.html') as fp:
 soup = BeautifulSoup(fp, 'html.parser')

After reading the file, find the class layer name. I identified the layer as ‘li’. I wanted to find all domain names. I did, with the following code:

soup.find_all('li')

Partial output appeared this way:

Partial output

A few more lines of code can display links within each displayed web layer shown above. Most of these links are other domain names on the IP address:

for link in soup.find_all('a'):
 print(link.get('href'))

What do ‘a’ and ‘href’ mean? They are the standardized layer subcategories for web coding.

Below, between “/docs#apidomainsfieldvalue”, are the domain names on the IP address “45.88.197.212”.

Partial output

If the above image confused you, here is a magnified version of the code:

Magnified Version

The domain name, “careers-massiveinsights.works,” is shown.

There you have it, reverse IP engineering.

Well, it was working while PyCurl was supported. It’s not well-supported anymore. So, here is an alternative.

As much of online forums may point out, the less-code intensive alternative to PyCurl is requests.

A code to substitute is simply found below.

import requests
x = requests.get('https://host.io/careers-massiveinsights.works', allow_redirects=True)
are = x.text

import io
data = io.StringIO()
data.write(are)
a1 = data.write(are)
a3 = data.getvalue()
print(a3)

For certificate validation, response <200> or <301> are also indications of valid certificates.

import requests

website = requests.get('https://host.io/careers-massiveinsights.works', allow_redirects=True, verify=True)
print(website)

BeautifulSoup portion works without loading in a separate external file, but rather a variable within.

from bs4 import BeautifulSoup
soup = BeautifulSoup(a3, 'html.parser')

soup.find_all('li')

for link in soup.find_all('a'):
  print(link.get('href'))

Supported alternatives that produce the same results.

Sources

Beautiful Soup Documentation - Beautiful Soup 4.9.0 documentation

Beautiful Soup is a Python library for pulling data out of HTML and XML files. It works with your favorite parser to…

www.crummy.com

Python Write to File - Open, Read, Append, and Other File Handling Functions Explained

Welcome Hi! If you want to learn how to work with files in Python, then this article is for you. Working with files is…

www.freecodecamp.org

Python Requests Module

Make a request to a web page, and print the response text: import requests x =…

www.w3schools.com

Python io - BytesIO, StringIO | DigitalOcean

Python io module allows us to manage the file-related input and output operations. The advantage of using the IO module…

www.digitalocean.com

Reverse Engineering
Internet Protocol
Python Programming
Pycurl
Beautifulsoup
Unlisted

--

--

Priya Kalyanakrishnan

Written by Priya Kalyanakrishnan

9 Followers

I am just a fan of a variety of subjects.

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams