Do you know, on this planet there is a company who maintains a database of every IP address
on this planet with complete GPS coordinate, area code, zip code, country. With the help of this you can easily trace IP address .
MaxMind charges $1400/yr for this database.
It also provides a free developers version of this database without any software or tools to read it.
Jennifer Ennis and T. Williams, have developed a small Python script called pygeoip and
released it under the GPL license that enables us to input an IP address and output this critical information.
1. Open the terminal in the Kali or any linux distribution you have.
2. Download the Database
Now we need to download the database from MaxMind to trace IP address we need this, and we can get it by typing the following.
get -N -q http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
3. Unzip it using this command
gzip -d GeoLiteCity.dat.gz
4. Download & Install Pygeoip
Next, we need to install the Python script to read the database, pygeoip. We can download it by typing the following.
Then, unzip it. Type
5. We need to download some setup tools in the Pygeoip directory
6. Let’s now move and then build and install the setup tools.
Type these commands
mv setuptools-0.6c11-py2.5.egg setuptools-0.7a1-py2.5.egg
python setup.py build
7. We need to move the database to the pygeoip directory so that script can access it without having to use the full path.
8. Query the Database
Now that we have the database in place and the pygeoip script downloaded and installed, we can begin to query that database with pygeoip.
First, we need to start a Python shell.
Then, you will be greeted will the triple >>> indicating you are now in an interactive python shell. Let’s import the module and instantiate the class.
>>>gip = pygeopip.GeoIP(‘GeoLiteCity.dat’)
Next, we are ready to begin our query. Let’s see where Google is located.
>>>rec = gip.record_by_addr(‘TheIPAddress‘)
>>>for key.val in rec.items():
… print “%s: %s” %(key,val)
Please note that it is critical to indent the “print”. If not, you will throw an error.
Type the IP you want to locate in place of ‘TheIPAddress‘
And you will get the exact location.