bpmcdevitt/dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
dotfiles/bin/rblscan.sh

261 lines
6 KiB
Bash
Raw Normal View History

added bin dir, some scripts in there, and aliases, functions, and environment variable files
2016-10-15 08:29:29 -05:00
#!/bin/bash
# Scans IP against blocklists
# Enter the IP address to test it
# Uses input to define needed information
ADDRESS=$1
# Verifies address is correct format and length
if [[ $ADDRESS =~ ([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3}) ]] ; then
:
else
echo ""
echo "Please supply a valid address"
echo ""
echo "Usage: rblscan [ip address] <subnet in CIDR>" >&2
echo ""
exit 1
fi
# Creates needed variables
BACKADDRESS=$(echo $ADDRESS | sed -r 's/([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3})/\4.\3.\2.\1/')
REVERSE=$(dig -x $ADDRESS +short)
SUBNETCIDR=$2
# Subnet hosts based on CIDR
if [[ $SUBNETCIDR = 31 ]] ; then
SUBNETSPAN="2"
elif [[ $SUBNETCIDR = 30 ]] ; then
SUBNETSPAN="4"
elif [[ $SUBNETCIDR = 29 ]] ; then
SUBNETSPAN="8"
elif [[ $SUBNETCIDR = 28 ]] ; then
SUBNETSPAN="16"
elif [[ $SUBNETCIDR = 27 ]] ; then
SUBNETSPAN="32"
elif [[ $SUBNETCIDR = 26 ]] ; then
SUBNETSPAN="64"
elif [[ $SUBNETCIDR = 25 ]] ; then
SUBNETSPAN="128"
elif [[ $SUBNETCIDR = 24 ]] ; then
SUBNETSPAN="256"
elif [[ $SUBNETCIDR = 23 ]] ; then
SUBNETSPAN="512"
elif [[ $SUBNETCIDR = 22 ]] ; then
SUBNETSPAN="1024"
elif [[ $SUBNETCIDR = 21 ]] ; then
SUBNETSPAN="2048"
elif [[ $SUBNETCIDR = 20 ]] ; then
SUBNETSPAN="4096"
elif [[ $SUBNETCIDR = 19 ]] ; then
SUBNETSPAN="8192"
elif [[ $SUBNETCIDR = 18 ]] ; then
SUBNETSPAN="16384"
elif [[ $SUBNETCIDR = 17 ]] ; then
SUBNETSPAN="32768"
elif [[ $SUBNETCIDR = 16 ]] ; then
SUBNETSPAN="65536"
elif [[ -z $SUBNETCIDR ]] ; then
:
else
echo "Please supply a valid CIDR"
echo "/16 is the largest scannable range"
exit
fi
# List of RBLs
LISTS="
b.barracudacentral.org
bb.barracudacentral.org
bl.deadbeef.com
bl.emailbasura.org
bl.spamcannibal.org
bl.spamcop.net
blackholes.five-ten-sg.com
blacklist.woody.ch
bogons.cymru.com
cbl.abuseat.org
cdl.anti-spam.org.cn
cidr.bl.mcafee.com
combined.abuse.ch
combined.rbl.msrbl.net
db.wpbl.info
dnsbl-1.uceprotect.net
dnsbl-2.uceprotect.net
dnsbl-3.uceprotect.net
dnsbl.cyberlogic.net
dnsbl.inps.de
dnsbl.njabl.org
dnsbl.sorbs.net
drone.abuse.ch
drone.abuse.ch
duinv.aupads.org
dul.dnsbl.sorbs.net
dul.ru
dyna.spamrats.com
dynip.rothen.com
http.dnsbl.sorbs.net
images.rbl.msrbl.net
ips.backscatterer.org
ix.dnsbl.manitu.net
korea.services.net
misc.dnsbl.sorbs.net
noptr.spamrats.com
ohps.dnsbl.net.au
omrs.dnsbl.net.au
orvedb.aupads.org
osps.dnsbl.net.au
osrs.dnsbl.net.au
owfs.dnsbl.net.au
owps.dnsbl.net.au
pbl.spamhaus.org
phishing.rbl.msrbl.net
probes.dnsbl.net.au
proxy.bl.gweep.ca
proxy.block.transip.nl
psbl.surriel.com
rbl.interserver.net
rbl.megarbl.net
rdts.dnsbl.net.au
relays.bl.gweep.ca
relays.bl.kundenserver.de
relays.nether.net
residential.block.transip.nl
ricn.dnsbl.net.au
rmst.dnsbl.net.au
sbl.spamhaus.org
short.rbl.jp
smtp.dnsbl.sorbs.net
socks.dnsbl.sorbs.net
spam.abuse.ch
spam.dnsbl.sorbs.net
spam.rbl.msrbl.net
spam.spamrats.com
spamlist.or.kr
spamrbl.imp.ch
t3direct.dnsbl.net.au
tor.dnsbl.sectoor.de
torserver.tor.dnsbl.sectoor.de
ubl.lashback.com
ubl.unsubscore.com
virbl.bit.nl
virus.rbl.jp
virus.rbl.msrbl.net
web.dnsbl.sorbs.net
wormrbl.imp.ch
xbl.spamhaus.org
zen.spamhaus.org
zombie.dnsbl.sorbs.net
"
## Basic Functions ##
# All of the basic functions are here.
# Checks if you're scanning a range or not
function rangecheck {
if [[ -n "$SUBNETCIDR" ]] ; then
rangebuild
rangeoutput
rangescan
fi
}
# Builds range based on CIDR
function rangebuild {
ADDRLOCTET=$(echo $ADDRESS | sed -r 's/([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3})/\4/')
ADDRNET=$(echo $ADDRESS | sed -r 's/([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3})/\1.\2.\3./')
RANGEEND=$(expr $ADDRLOCTET + $SUBNETSPAN)
RANGELOCTS=$(seq $ADDRLOCTET $RANGEEND)
RANGEARRAY=$(for i in $RANGELOCTS ; do echo $ADDRNET$i ; done)
BACKRANGEARRAY=$(for RANGEARRA in ${RANGEARRAY} ; do echo ${RANGEARRA} | sed -r 's/([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3})/\4.\3.\2.\1/' ; done)
}
# Scans range
function rangescan {
for BACKRANGEARRA in ${BACKRANGEARRAY} ; do
for LIST in ${LISTS} ; do
if [[ $(dig +short ${BACKRANGEARRA}.${LIST}.) =~ 127.0.0.[2-50] ]] ; then
echo ""
echo $(echo $BACKRANGEARRA | sed -r 's/([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3})/\4.\3.\2.\1/') " is listed in $LIST"
fi
done
done
echo ""
echo "Scan completed!!!"
echo ""
exit
}
# Runs the check against the list of RBLs then prints a result if it is listed
function defaultscan {
for LIST in ${LISTS} ; do
if [[ $(dig +short ${BACKADDRESS}.${LIST}.) =~ 127.0.0.[2-50] ]] ; then
echo "Listed in ${LIST}"
fi
done
echo ""
echo "Scan completed!!!"
echo ""
}
# Begin Output
function defaultout {
echo ""
echo "+----------------------------------------------------------------------+"
echo ""
echo " IP Address is: " $ADDRESS
echo " Reverse DNS (if any) is: " $REVERSE
echo ""
echo "+----------------------------------------------------------------------+"
echo ""
echo ""
echo "Running query now, this may take some time..."
echo "If nothing comes up, you're not listed on known blacklists."
}
# Range Output
function rangeoutput {
echo ""
echo "+----------------------------------------------------------------------+"
echo ""
echo " Range scan started on: " $ADDRESS
echo " Subnet size: /"$SUBNETCIDR
echo ""
echo "+----------------------------------------------------------------------+"
echo ""
echo ""
echo "Running scan against this range, this may take some time..."
echo ""
echo "If nothing comes up, your range is not listed on known blocklists."
}
# Help Menu with -h
while getopts ":h" SWITCH; do
case $SWITCH in
h)
echo ""
echo "IP Blocklist checker" >&2
echo ""
echo "Usage: rblscan [ip address] <subnet in CIDR>" >&2
echo ""
exit 1
;;
\?)
echo ""
echo "Invalid option: -$OPTARG" >&2
echo "Please use -h for help" >&2
echo "Usage: rblscan [ip address] <subnet in CIDR>"
exit 1
;;
esac
done
rangecheck
defaultout
defaultscan
exit
Reference in a new issue Copy permalink