对于禁止网络的滥用者(恶意软件下载器(的项目。
我们需要获取IP的唯一列表,以便我们的软件可以自动将其在门口造成任何损坏之前将其阻止。
情况如下:
我们在URL上有以下数据的数据:(例如:https://urlhaus.abuse.ch/feeds/asn/14061/(
WebData:
# Dateadded (UTC),URL,URL_status,Threat,Tags,Host,IPaddress,number,Country
"2019-08-01 05:05:02","http://185.240.25.99/sparc","offline","malware_download","gafgyt|exploit|elf","185.240.25.99","185.204.25.99","14258","NL"
"2019-08-01 05:04:03","http://185.240.25.99/sh4","offline","malware_download","gafgyt|elf","185.240.25.99","185.240.25.99","14258","NL"
"2019-08-01 05:03:04","http://185.240.25.99/i686","offline","malware_download","elf|gafgyt|exploit","185.240.25.99","185.240.25.99","14258","NL"
"2019-08-01 05:03:02","http://185.240.25.99/mips","offline","malware_download","gafgyt|elf","185.240.25.99","185.240.25.99","14258","NL"
"2019-08-01 05:02:03","http://185.240.25.99/i586","offline","malware_download","gafgyt|elf","185.240.25.99","185.240.25.99","14258","NL"
"2019-07-31 14:06:10","http://185.240.25.115/dll/driver_update_service.sh4","online","malware_download","mirai|elf","185.240.25.115","185.240.25.115","14258","NL"
"2019-07-31 14:06:08","http://185.240.25.115/dll/driver_update_service.m68k","online","malware_download","mirai|elf","185.240.25.115","185.240.25.115","14258","NL"
"2019-07-31 14:06:06","http://185.240.25.115/dll/driver_update_service.ppc","online","malware_download","elf","185.240.25.115","185.240.25.115","14258","NL"
我想要的是返回IP部分的唯一行。
该页面应仅与以下唯一的IP相呼应:
185.240.25.99
185.240.25.115
您的文件是 CSV file(逗号分隔(。需要跳过前11行,可以将其视为标头。因此,我已经开始从第12行扫描它。
尝试在下面检查:
$row = 1;
$result = [];
if (($handle = fopen("https://urlhaus.abuse.ch/feeds/asn/14061/", "r")) !== FALSE) {
while (($data = fgetcsv($handle, 1000, ",")) !== FALSE)
{
if($row < 12){ $row++; continue; }
$row++;
if ( !empty($data[5]) && !empty($data[6]))
{
if (!empty($data[5]))
array_push($result, $data[5]);
if (!empty($data[6]))
array_push($result, $data[6]);
}
}
echo "<pre>";
$test = (array_unique(array_values($result)));
foreach ($test as $key => $val) {
echo $val."<br>";
fclose($handle);
}