Sertan,
On Wed, Jan 21, 2009 at 7:50 PM, Sertan Kolat <ser...@mlists.olympos.org> wrote:
> Thanks Andres.
>
> Actually, I first thought to match valid IP addresses that may contain
> any suffix and prefix. Like '10.1.1.2' in '123_10.1.1.2a'.
>
> But if you prefer matching the exact IP address, which means,
> - a space before and/or after,
> - a forward slash before and/or after
> ... etc.
I WANT to match '10.1.1.2' in '123_10.1.1.2a'! I'm sorry if I gave you
a wrong idea.
What I DON'T want to match is '10.1.1.222' in '10.1.1.2222', do you
get the slight difference?
> We might try this as
> [\s/]((?:(?:10|127)\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)|192\.168|169\.254|172\.0?(?:1[6-9]|2[0-9]|3[01]))(?:\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){2})[\s/]
>
> The difference is, I added a character class [\s/] which will match
> spacing and / characters (to match http://private_IP/etc.html and
> ' private_IP ' only, but not ' private_IPabc ' )
>
> I also added an opening/closing parenthesis to be able to get the IP
> address only.
>
> http://dpaste.com/111634/
>
> Sertan
>
> On Wednesday, January 21, 2009, 3:41:18 PM, you wrote:
>> Sertan,
>
>> 2009/1/21 Sertan Kolat <ser...@mlists.olympos.org>:
>>> Hi developers,
>>>
>>> Here is a regular expression recommendation that will match private IP
>>> addresses.
>>> This matches only valid rfc1918, local loopback and the link local block IP
>>> addresses.
>>>
>>> (?:(?:10|127)\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)|192\.168|169\.254|172\.0?(?:1[6-9]|2[0-9]|3[01]))(?:\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){2}
>>>
>>> I also included this as an attachment since mailing may break it.
>>> This regex returns 9 IP addresses against my test bed (Private IP
>>> addresses.txt).
>>>
>>> It will return a list when used with re.findall and will return a match
>>> object that will fit w3af code in privateIP.py when used with re.search.
>
>> Excellent contribution, I needed that! This will reduce the amount of
>> false positives in the plugin to (I hope) zero.
>
>>>
>>> PS: To get an exact match, \b might be added to both sides of the
>>> expression.
>
>> Well, I've been testing the regex and I found out that this string
>> matches "192.168.1.1111". After adding the \b, I don't get any matches
>> :( . Could you try to fix the regex? Thanks!
>
>>>>> re.findall('(?:(?:10|127)\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)|192\.168|169\.254|172\.0?(?:1[6-9]|2[0-9]|3[01]))(?:\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){2}','
>>>>> 192.168.1.111 ')
>> ['192.168.1.111']
>>>>> re.findall('(?:(?:10|127)\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)|192\.168|169\.254|172\.0?(?:1[6-9]|2[0-9]|3[01]))(?:\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){2}\b','
>>>>> 192.168.1.111 ')
>> []
>>>>> re.findall('\b(?:(?:10|127)\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)|192\.168|169\.254|172\.0?(?:1[6-9]|2[0-9]|3[01]))(?:\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){2}\b','
>>>>> 192.168.1.111 ')
>> []
>>>>>
>
>> Thanks!!
>
>
>>> Best regards,
>>> Sertan
>>>
>>> ------------------------------------------------------------------------------
>>> This SF.net email is sponsored by:
>>> SourcForge Community
>>> SourceForge wants to tell your story.
>>> http://p.sf.net/sfu/sf-spreadtheword
>>> _______________________________________________
>>> W3af-develop mailing list
>>> W3af-develop@lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/w3af-develop
>>>
>>>
>
>
>
> ------------------------------------------------------------------------------
> This SF.net email is sponsored by:
> SourcForge Community
> SourceForge wants to tell your story.
> http://p.sf.net/sfu/sf-spreadtheword
> _______________________________________________
> W3af-develop mailing list
> W3af-develop@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/w3af-develop
>
>
--
Andres Riancho
http://w3af.sourceforge.net/
Web Application Attack and Audit Framework
------------------------------------------------------------------------------
This SF.net email is sponsored by:
SourcForge Community
SourceForge wants to tell your story.
http://p.sf.net/sfu/sf-spreadtheword
_______________________________________________
W3af-develop mailing list
W3af-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-develop
