-
Notifications
You must be signed in to change notification settings - Fork 0
/
checkaip
71 lines (65 loc) · 1.98 KB
/
checkaip
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
#!/bin/bash
#Comprobar información sobre IP
# -rep: comprobar reputación en abuseipdb
# -vpn: comprobar si está asociada a VPN/VPS/Proxy en spur.us
# usage:
# checkaip -rep my_IPlist.txt
if [ "$#" -ne 2 ] ; then
echo
echo "Error: Illegal number of arguments."
echo
exit 1
fi
if [ "$1" = "-rep" ] ; then
echo "Check IP reputation"
echo
while read line
do
url=https://www.abuseipdb.com/check/$line
#curl writes the output to stderr, so redirect that and also suppress the progress to grep the html
#sed cleans html tags
#curl --silent $url 2>&1 | grep "was first reported on" | sed -e 's/<[^>]*>//g'
match1=$(curl --silent $url | grep "This IP was reported" | sed -e 's/<[^>]*>//g' )
#Check the
if [ ${#match1} -gt 1 ] ; then
#He tenido que separar las siguientes dos queries porque se hacían de forma asíncrona automáticamente
#ineficiente de cojones 3 peticiones lo sé, pero tengo prisa
match2=$(curl --silent $url | grep "distinct source" | sed -e 's/<[^>]*>//g' )
match3=$(curl --silent $url | grep -E "first reported|most recently reported" | sed -e 's/<[^>]*>//g' )
echo "$line:"
echo "$match1"
echo "$match2"
echo "$match3"
echo
else
echo "$line:"
echo "No bad reputation for $line in abuseipdb. Possible FP."
echo
fi
done<$2
else
if [ "$1" = "-vpn" ] ; then
echo "Check for hosting assotiations for IP"
echo
while read line
do
url=https://spur.us/context/$line
match1=$(curl --silent $url | grep -o -E ".*anonymization network" | sed -e 's/<[^>]*>//g' )
if [ ${#match1} -gt 1 ] ; then
checko=$(curl --silent $url | grep -A 2 -E "This IP is owned by .*")
isp=$(grep -o -E "This IP is owned by .*" <<< "$checko" )
echo "$line:"
echo -n "$match1. "
echo -n "$isp "
echo $(echo "$checko" | grep -v "owned")
else
echo "$line:"
echo -e "\tNo association for $line in spur.us. Possible FP."
fi
done<$2
else
echo
echo "Usage: checkaip [-vpn/-rep] my_IPlist.txt"
echo
fi
fi