proxytools

- collection of scripts for harvesting & testing proxies
git clone git://git.acid.vegas/proxytools.git
Log | Files | Refs | Archive | README | LICENSE

submit.sh (5158B)

      1 #!/bin/bash
      2 # syntax: dronebl-submit.sh [bantype [host|IP|datafile [host|IP|datafile [etc.]]]
      3 # where datafile contains one host or IP per line.
      4 # This script will sort | uniq datafiles and query for existing active listings, so
      5 # duplicate entries are no problem.
      6 #
      7 # dependencies: bash, wget, standard GNU utils (host / sed / grep / sort / etc)
      8 #
      9 # Version history:
     10 # 2.1 -- fixed a logic error; removed the removal of /tmp/dronebl-*.xml files on error
     11 # 2.0 -- completely rewritten for RPC2 (although argument syntax is backward-
     12 # compatible)
     13 
     14 RPCKEY="/etc/fail2ban/dronebl.rpckey"  # key, or path to file containing rpckey
     15 REPORT_TO="https://dronebl.org/RPC2"
     16 
     17 ### end of user variables ###
     18 
     19 if [ ! -w "/tmp" ]; then
     20 	echo "Unable to write to /tmp.  Please ensure the disk is not full, and that this account has appropriate permissions."
     21 	exit 1
     22 fi
     23 
     24 if [ -f "$RPCKEY" ]; then 
     25 	if [ -r "$RPCKEY" ]; then
     26 		RPCKEY=`cat $RPCKEY`
     27 	else
     28 		echo "RPC key in $RPCKEY is unreadable.  Exiting."
     29 		exit 1
     30 	fi
     31 fi
     32 
     33 function wash {  # wash <hostname> -- sets $IP by reference
     34 	ADDR=$1
     35 	TEST=`echo "${ADDR}." | grep -E "^([0-9]{1,3}\.){4}$"`
     36 	if [ "$TEST" ]; then
     37 		VALID=0
     38 	else
     39 		VALID=1
     40 	fi
     41 
     42 	if [ "$VALID" = "1" ]; then
     43 		echo -n "Looking up $ADDR... "
     44 		ADDR=`host $ADDR | grep -E -o -e '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$'`
     45 		TEST=`echo "${ADDR}." | grep -E "^([0-9]{1,3}\.){4}$"`
     46 		if [ "$TEST" ]; then
     47 			echo "$ADDR"
     48 		else
     49 			echo "Unable to resolve.  Skipping."
     50 			return 1
     51 		fi		
     52 	fi
     53 	eval "IP=$ADDR"
     54 	return 0
     55 }
     56 
     57 function rinse {  # rinse <bantype> -- if bantype is contained in the deprecated list, exit
     58 	DEPRECATED=( 4 11 12 )
     59 	for dep in ${DEPRECATED[@]}; do
     60 		if [ "$BANTYPE" == "$dep" ]; then
     61 			echo "Bantype $BANTYPE has been deprecated.  The DroneBL is probably not the appropriate listing service for this sort of activity.  Please visit us on irc.atheme.org in #dronebl if you believe otherwise.  Exiting."
     62 			exit 1
     63 		fi
     64 	done
     65 }
     66 
     67 function checkerror {  #checkerror <xmlfile> -- prints error messages from xml and exits
     68 	ERROR=`grep -i error $1`
     69 	if [ "$ERROR" ]; then
     70 		ERROR=`grep '<code>' $1 | sed -r -e 's/<[^>]*>//g' -e 's/^\s*//g'`
     71 		ERROR="$ERROR: `grep '<message>' $1 | sed -r -e 's/<[^>]*>//g' -e 's/^\s*//g'`"
     72 		echo "The server returned an error ($ERROR) -- see /tmp/dronebl-query.xml and /tmp/dronebl-response.xml for full details."
     73 		exit 1
     74 	fi
     75 }
     76 
     77 if [ "$2" = "" ]; then
     78 	echo -n 'Syntax:
     79 '$0' [bantype [host|IP|datafile [host|IP|datafile [etc.]]]]
     80 
     81 Types are as follows:
     82 2 = Sample
     83 3 = IRC Drone
     84 4 = Tor exit node (deprecated)
     85 5 = Bottler
     86 6 = Unknown spambot or drone
     87 7 = DDOS Drone
     88 8 = SOCKS Proxy
     89 9 = HTTP Proxy
     90 10 = ProxyChain
     91 11 = Machines and netblocks compromised or owned by MediaDefender (deprecated)
     92 12 = Trolls (deprecated)
     93 13 = Brute force attackers
     94 14 = Open Wingate
     95 15 = Open Router
     96 255 = Unknown
     97 
     98 Which type? '
     99 	read BANTYPE
    100 	rinse $BANTYPE
    101 	echo -n "What's the hostname / IP address? "
    102 	read ADDR
    103 	wash $ADDR
    104 	if [ $? ]; then
    105 		IPLIST[0]=$IP
    106 	else
    107 		echo "Unable to resolve $ADDR.  Exiting."
    108 		exit 1
    109 	fi
    110 else
    111 	rinse $1
    112 	args=($@)
    113 	echo "A little housekeeping..."
    114 	for (( x=1; x<${#args[@]}; x++ )); do
    115 		if [ "${args[$x]}" != "" ]; then
    116 			filename="${args[$x]}"
    117 			if [ ! -r "$filename" ]; then filename="$PWD/${args[$x]}"; fi
    118 			if [ -r "$filename" ]; then
    119 				for i in `sort -u $PWD/${args[$x]}`; do
    120 					wash $i
    121 					if [ $? ]; then IPLIST[${#IPLIST[@]}]=$IP; fi
    122 				done
    123 			else
    124 				wash ${args[$x]}
    125 				if [ $? ]; then IPLIST[${#IPLIST[@]}]=$IP; fi
    126 			fi
    127 		fi
    128 	done
    129 	IPLIST=( `for (( x=0; x<${#IPLIST[@]}; x++ )) ; do echo ${IPLIST[$x]}; done | sort -u` )
    130 	BANTYPE=$1
    131 fi
    132 
    133 POSTFILE="/tmp/dronebl-query.xml"
    134 RESPONSEFILE="/tmp/dronebl-response.xml"
    135 
    136 echo "Housekeeping finished.  Working with ${#IPLIST[@]} unique, valid addresses."
    137 if [ ${#IPLIST[@]} -eq 0 ]; then
    138 	echo "No hosts to report.  Exiting."
    139 	exit 0
    140 fi
    141 
    142 echo "Checking for exiting entries... "
    143 echo "<?xml version=\"1.0\"?>
    144 <request key='"$RPCKEY"'>" >$POSTFILE
    145 for i in ${IPLIST[@]}; do
    146 	echo "	<lookup ip='$i' />" >>$POSTFILE
    147 done
    148 echo "</request>" >>$POSTFILE
    149 wget -q --post-file="$POSTFILE" -O "$RESPONSEFILE" --header="Content-Type: text/xml" $REPORT_TO
    150 checkerror $RESPONSEFILE
    151 grepfor='type="'$BANTYPE'"'
    152 for i in `grep 'listed="1"' $RESPONSEFILE | grep $grepfor | grep -E -o -e '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | sort -u`; do
    153 	IPLIST=( ${IPLIST[@]%%$i} )
    154 	echo "$i is already active in the DroneBL database as ban type $BANTYPE.  Removing."
    155 done
    156 
    157 if [ ${#IPLIST[@]} -eq 0 ]; then
    158 	echo "No hosts to report.  Exiting."
    159 	exit 0
    160 elif [ ${#IPLIST[@]} -eq 1 ]; then
    161 	echo -n "Reporting ${IPLIST[@]} as ban type $BANTYPE... "
    162 else
    163 	echo -n "Reporting ${#IPLIST[@]} hosts as ban type $BANTYPE... "
    164 fi
    165 echo "<?xml version=\"1.0\"?>
    166 <request key='"$RPCKEY"'>" >$POSTFILE
    167 for i in ${IPLIST[@]}; do
    168 	if [ "`echo ${i}. | grep -E '^([0-9]{1,3}\.){4}$'`" != "" ]; then echo "	<add ip='$i' type='$BANTYPE' />" >>$POSTFILE; fi
    169 done
    170 echo "</request>" >>$POSTFILE
    171 wget -q --post-file="$POSTFILE" -O "$RESPONSEFILE" --header="Content-Type: text/xml" $REPORT_TO
    172 checkerror $RESPONSEFILE
    173 echo "done."
    174 rm -f /tmp/dronebl*.xml
    175 exit 0