Category Archives: miscellany

infosec miscellany programming python technical

Bing IP Search via Python

Some time ago I wrote a small python script to search and parse out results from an IP: search on Bing. You can get it from the githib repo here. I had to work around some odd/broken behaviour from Bing along the way.

The Bing IP: operator allows you to search for an IP address and return results from any sites sharing that IP. Can be useful, but it was clunky to do manually so I wrote a script to do it all in the console.

I haven’t used it in years but recently thought to dust it off to publish on gitHub, and after searching through some old folders I dug out the most recent version I could find. It needed updating to Python 3 which was a simple matter of updating a few lines to print(), but I noticed some other problems which took longer to debug.

Firstly, the script worked but the result set was really short. After some manual testing I discovered this was due to some apparent bug/faults with Bing itself which have developed since I first wrote the script.

In general, the Bing IP search seems to be quite neglected: if you visit the default search form at bing.com and enter ip:204.79.197.200 – (bing.com) – for example, it returns an empty page (really empty – a blank, 0kb http response body). Removing all but the actual query parameter from the url string causes the page to render, so you end up with a url like this which works:

https://www.bing.com/search?q=ip%3A204.79.197.200

Which is what the script uses.

The main problem however was the truncated results set. The script tries to load more pages but beyond the first page they are empty – even with the parameter stripping hack which works on the first page, the rest are back to an empty response. It turns out that to load additional results pages, the additional URL parameter ‘first’ is required (eg first=11 – start from result 11) and it appears that more than one parameter used with ‘ip:’ alone in the query string breaks the site.

I confirmed this behaviour with a simple test which resulted in an empty response:

https://www.bing.com/search?q=ip%3A204.79.197.200&foo=bar

So it seems something is definitely breaking on the bing backend, and it happens when IP: is used as the query plus additional GET params; however I found that everything worked as expected as long as IP: was not the only search term in the query parameter itself. I still wanted just the results from the ip search without any modifiers/filters, so I tested out some Bing search operators and came up with these workarounds which resulted in all pages loading as advertised:

  • () ip:204.79.197.200
  • ip:204.79.197.200 OR ip:204.79.197.200
  • +ip:204.79.197.200

The () operator means (include these search terms). I left it blank to see what the behaviour was: it seemed to partially work so far as working around the page loading bug. Same with the OR operator, although both of these returned less results than the last one I tried (+) so I stuck with that.

The (+) operator simply means ‘this term must be included’. Seems redundant with only one search term, and I wasn’t sure how it would behave when applied to another search operator, but it worked and returned more results than the previous attempts so I settled on that.

You can check it out on github.

miscellany

High Powered Tesla Coil Demonstration

Traveled down south on the weekend to see a live demonstration of High Voltage Tesla Coils in action: a 2 hour drive but well worth it. It was a small invite only group at the Tesla guy Peters house, where it was being filmed for a show on the Dutch TV network “Veronica TV”. (Previously it has been filmed for Discovery Channel, and apparently there are more film crews on the way).

There were a couple of very interesting aspects of the demonstrations, firstly the high power electric arcs being generated, and secondly the safe handling of said arcs by Peter the Tesla guy and the TV show presenter – they had these huge arcs from the coils terminating on steel rods being held, as well as on a metal cage with a person inside, on a steel glove, and even a tinfoil hat worn on the person whilst immersed in the family pool. This was made safe by making sure the circuit was constantly grounded through nice fat copper cables and/or the water of the pool – so while it looked like the arcs were millimeters from frying the humans involved, the current was actually happier to literally follow the path of least resistance (the copper, instead of the human).

Pretty amazing stuff to watch, I’m really glad I went. You can see photos and videos of this and more of the projects Peter has done on his website: www.tesladownunder.com – well worth a look.