Data hosted with ♥ by Pastebin.com - Download Raw - See Original
  1. import urllib2
  2. import re
  3. import sys
  4.  
  5. # parsetor.py script to detect TOR IPs in access_log files
  6. # www.securitybydefault.com
  7.  
  8. url="https://exitlist.torproject.org/exit-addresses"
  9. page =urllib2.urlopen(url)
  10. data=page.read()
  11.  
  12. arraydata = data.split("\n")
  13.  
  14. ips = []
  15.  
  16. for text in arraydata:
  17.    
  18.     regex = re.findall( r'[0-9]+(?:\.[0-9]+){3}', text )
  19.    
  20.     strdata = ', '.join(regex)
  21.    
  22.     if strdata is not None and strdata not in ips:
  23.         ips.append(strdata)
  24.        
  25.  
  26. LogFile = sys.argv[1]
  27.  
  28. file = open(LogFile, "r")
  29.  
  30. for LOG in file.readlines():
  31.    
  32.     regex = re.findall( r'^[0-9]+(?:\.[0-9]+){3}', LOG )
  33.    
  34.     strdata = ', '.join(regex)
  35.    
  36.     if strdata in ips:
  37.        
  38.         print LOG