Thanks Andres.
Actually, I first thought to match valid IP addresses that may contain
any suffix and prefix. Like '10.1.1.2' in '123_10.1.1.2a'.
But if you prefer matching the exact IP address, which means,
- a space before and/or after,
- a forward slash before and/or after
... etc.
We might try this as
[\s/]((?:(?:10|127)\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)|192\.168|169\.254|172\.0?(?:1[6-9]|2[0-9]|3[01]))(?:\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){2})[\s/]
The difference is, I added a character class [\s/] which will match
spacing and / characters (to match http://private_IP/etc.html and
' private_IP ' only, but not ' private_IPabc ' )
I also added an opening/closing parenthesis to be able to get the IP
address only.
http://dpaste.com/111634/
Sertan
On Wednesday, January 21, 2009, 3:41:18 PM, you wrote:
> Sertan,
> 2009/1/21 Sertan Kolat <ser...@mlists.olympos.org>:
>> Hi developers,
>>
>> Here is a regular expression recommendation that will match private IP
>> addresses.
>> This matches only valid rfc1918, local loopback and the link local block IP
>> addresses.
>>
>> (?:(?:10|127)\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)|192\.168|169\.254|172\.0?(?:1[6-9]|2[0-9]|3[01]))(?:\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){2}
>>
>> I also included this as an attachment since mailing may break it.
>> This regex returns 9 IP addresses against my test bed (Private IP
>> addresses.txt).
>>
>> It will return a list when used with re.findall and will return a match
>> object that will fit w3af code in privateIP.py when used with re.search.
> Excellent contribution, I needed that! This will reduce the amount of
> false positives in the plugin to (I hope) zero.
>>
>> PS: To get an exact match, \b might be added to both sides of the
>> expression.
> Well, I've been testing the regex and I found out that this string
> matches "192.168.1.1111". After adding the \b, I don't get any matches
> :( . Could you try to fix the regex? Thanks!
>>>> re.findall('(?:(?:10|127)\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)|192\.168|169\.254|172\.0?(?:1[6-9]|2[0-9]|3[01]))(?:\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){2}','
>>>> 192.168.1.111 ')
> ['192.168.1.111']
>>>> re.findall('(?:(?:10|127)\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)|192\.168|169\.254|172\.0?(?:1[6-9]|2[0-9]|3[01]))(?:\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){2}\b','
>>>> 192.168.1.111 ')
> []
>>>> re.findall('\b(?:(?:10|127)\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)|192\.168|169\.254|172\.0?(?:1[6-9]|2[0-9]|3[01]))(?:\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){2}\b','
>>>> 192.168.1.111 ')
> []
>>>>
> Thanks!!
>> Best regards,
>> Sertan
>>
>> ------------------------------------------------------------------------------
>> This SF.net email is sponsored by:
>> SourcForge Community
>> SourceForge wants to tell your story.
>> http://p.sf.net/sfu/sf-spreadtheword
>> _______________________________________________
>> W3af-develop mailing list
>> W3af-develop@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/w3af-develop
>>
>>
[\s/]((?:(?:10|127)\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)|192\.168|169\.254|172\.0?(?:1[6-9]|2[0-9]|3[01]))(?:\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){2})[\s/]------------------------------------------------------------------------------
This SF.net email is sponsored by:
SourcForge Community
SourceForge wants to tell your story.
http://p.sf.net/sfu/sf-spreadtheword
_______________________________________________
W3af-develop mailing list
W3af-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-develop
