proxytools- collection of scripts for harvesting & testing proxies |
git clone git://git.acid.vegas/proxytools.git |
Log | Files | Refs | Archive | README | LICENSE |
submit.sh (5158B)
1 #!/bin/bash 2 # syntax: dronebl-submit.sh [bantype [host|IP|datafile [host|IP|datafile [etc.]]] 3 # where datafile contains one host or IP per line. 4 # This script will sort | uniq datafiles and query for existing active listings, so 5 # duplicate entries are no problem. 6 # 7 # dependencies: bash, wget, standard GNU utils (host / sed / grep / sort / etc) 8 # 9 # Version history: 10 # 2.1 -- fixed a logic error; removed the removal of /tmp/dronebl-*.xml files on error 11 # 2.0 -- completely rewritten for RPC2 (although argument syntax is backward- 12 # compatible) 13 14 RPCKEY="/etc/fail2ban/dronebl.rpckey" # key, or path to file containing rpckey 15 REPORT_TO="https://dronebl.org/RPC2" 16 17 ### end of user variables ### 18 19 if [ ! -w "/tmp" ]; then 20 echo "Unable to write to /tmp. Please ensure the disk is not full, and that this account has appropriate permissions." 21 exit 1 22 fi 23 24 if [ -f "$RPCKEY" ]; then 25 if [ -r "$RPCKEY" ]; then 26 RPCKEY=`cat $RPCKEY` 27 else 28 echo "RPC key in $RPCKEY is unreadable. Exiting." 29 exit 1 30 fi 31 fi 32 33 function wash { # wash <hostname> -- sets $IP by reference 34 ADDR=$1 35 TEST=`echo "${ADDR}." | grep -E "^([0-9]{1,3}\.){4}$"` 36 if [ "$TEST" ]; then 37 VALID=0 38 else 39 VALID=1 40 fi 41 42 if [ "$VALID" = "1" ]; then 43 echo -n "Looking up $ADDR... " 44 ADDR=`host $ADDR | grep -E -o -e '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$'` 45 TEST=`echo "${ADDR}." | grep -E "^([0-9]{1,3}\.){4}$"` 46 if [ "$TEST" ]; then 47 echo "$ADDR" 48 else 49 echo "Unable to resolve. Skipping." 50 return 1 51 fi 52 fi 53 eval "IP=$ADDR" 54 return 0 55 } 56 57 function rinse { # rinse <bantype> -- if bantype is contained in the deprecated list, exit 58 DEPRECATED=( 4 11 12 ) 59 for dep in ${DEPRECATED[@]}; do 60 if [ "$BANTYPE" == "$dep" ]; then 61 echo "Bantype $BANTYPE has been deprecated. The DroneBL is probably not the appropriate listing service for this sort of activity. Please visit us on irc.atheme.org in #dronebl if you believe otherwise. Exiting." 62 exit 1 63 fi 64 done 65 } 66 67 function checkerror { #checkerror <xmlfile> -- prints error messages from xml and exits 68 ERROR=`grep -i error $1` 69 if [ "$ERROR" ]; then 70 ERROR=`grep '<code>' $1 | sed -r -e 's/<[^>]*>//g' -e 's/^\s*//g'` 71 ERROR="$ERROR: `grep '<message>' $1 | sed -r -e 's/<[^>]*>//g' -e 's/^\s*//g'`" 72 echo "The server returned an error ($ERROR) -- see /tmp/dronebl-query.xml and /tmp/dronebl-response.xml for full details." 73 exit 1 74 fi 75 } 76 77 if [ "$2" = "" ]; then 78 echo -n 'Syntax: 79 '$0' [bantype [host|IP|datafile [host|IP|datafile [etc.]]]] 80 81 Types are as follows: 82 2 = Sample 83 3 = IRC Drone 84 4 = Tor exit node (deprecated) 85 5 = Bottler 86 6 = Unknown spambot or drone 87 7 = DDOS Drone 88 8 = SOCKS Proxy 89 9 = HTTP Proxy 90 10 = ProxyChain 91 11 = Machines and netblocks compromised or owned by MediaDefender (deprecated) 92 12 = Trolls (deprecated) 93 13 = Brute force attackers 94 14 = Open Wingate 95 15 = Open Router 96 255 = Unknown 97 98 Which type? ' 99 read BANTYPE 100 rinse $BANTYPE 101 echo -n "What's the hostname / IP address? " 102 read ADDR 103 wash $ADDR 104 if [ $? ]; then 105 IPLIST[0]=$IP 106 else 107 echo "Unable to resolve $ADDR. Exiting." 108 exit 1 109 fi 110 else 111 rinse $1 112 args=($@) 113 echo "A little housekeeping..." 114 for (( x=1; x<${#args[@]}; x++ )); do 115 if [ "${args[$x]}" != "" ]; then 116 filename="${args[$x]}" 117 if [ ! -r "$filename" ]; then filename="$PWD/${args[$x]}"; fi 118 if [ -r "$filename" ]; then 119 for i in `sort -u $PWD/${args[$x]}`; do 120 wash $i 121 if [ $? ]; then IPLIST[${#IPLIST[@]}]=$IP; fi 122 done 123 else 124 wash ${args[$x]} 125 if [ $? ]; then IPLIST[${#IPLIST[@]}]=$IP; fi 126 fi 127 fi 128 done 129 IPLIST=( `for (( x=0; x<${#IPLIST[@]}; x++ )) ; do echo ${IPLIST[$x]}; done | sort -u` ) 130 BANTYPE=$1 131 fi 132 133 POSTFILE="/tmp/dronebl-query.xml" 134 RESPONSEFILE="/tmp/dronebl-response.xml" 135 136 echo "Housekeeping finished. Working with ${#IPLIST[@]} unique, valid addresses." 137 if [ ${#IPLIST[@]} -eq 0 ]; then 138 echo "No hosts to report. Exiting." 139 exit 0 140 fi 141 142 echo "Checking for exiting entries... " 143 echo "<?xml version=\"1.0\"?> 144 <request key='"$RPCKEY"'>" >$POSTFILE 145 for i in ${IPLIST[@]}; do 146 echo " <lookup ip='$i' />" >>$POSTFILE 147 done 148 echo "</request>" >>$POSTFILE 149 wget -q --post-file="$POSTFILE" -O "$RESPONSEFILE" --header="Content-Type: text/xml" $REPORT_TO 150 checkerror $RESPONSEFILE 151 grepfor='type="'$BANTYPE'"' 152 for i in `grep 'listed="1"' $RESPONSEFILE | grep $grepfor | grep -E -o -e '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | sort -u`; do 153 IPLIST=( ${IPLIST[@]%%$i} ) 154 echo "$i is already active in the DroneBL database as ban type $BANTYPE. Removing." 155 done 156 157 if [ ${#IPLIST[@]} -eq 0 ]; then 158 echo "No hosts to report. Exiting." 159 exit 0 160 elif [ ${#IPLIST[@]} -eq 1 ]; then 161 echo -n "Reporting ${IPLIST[@]} as ban type $BANTYPE... " 162 else 163 echo -n "Reporting ${#IPLIST[@]} hosts as ban type $BANTYPE... " 164 fi 165 echo "<?xml version=\"1.0\"?> 166 <request key='"$RPCKEY"'>" >$POSTFILE 167 for i in ${IPLIST[@]}; do 168 if [ "`echo ${i}. | grep -E '^([0-9]{1,3}\.){4}$'`" != "" ]; then echo " <add ip='$i' type='$BANTYPE' />" >>$POSTFILE; fi 169 done 170 echo "</request>" >>$POSTFILE 171 wget -q --post-file="$POSTFILE" -O "$RESPONSEFILE" --header="Content-Type: text/xml" $REPORT_TO 172 checkerror $RESPONSEFILE 173 echo "done." 174 rm -f /tmp/dronebl*.xml 175 exit 0