scan ip from a proxy scanner site

Post by **CrazyCat** » Sun Dec 25, 2022 8:47 am

Check https://tools.eggdrop.fr/privatebin/?40 ... 5DxPazBmet

I've added wlcountries variable, which is a list of countries code (I put NP for Nepal and FR for France, you can add more), modified the http query to add the countryCode in the answer and added a check to bypass the iplog proc if the IP come from one of the white-listed countries.

TimeRider · Post by **TimeRider** » Sun Dec 25, 2022 10:21 am

Thank you CrazyCat! The script is working as expected.

TimeRider · Post by **TimeRider** » Fri Jan 13, 2023 9:08 pm

Hello CrazyCat,

I am bumping this thread because I want to make 2 Anti-VPN TCL script work as it will be helpful to ban the connection one VPN scanner can't detect and the limit of scanning will be increased from 2 Anti-VPN TCL scripts.

The one you already made works well, https://tools.eggdrop.fr/privatebin/?40 ... 5DxPazBmet

What I want now is a new same TCL script where I would use a different bind like !antiproxy or .antiproxy And it will scan the IPs from proxycheck.io with the API key But will also add exception scans or will not scan IPs of the country Nepal (NP).

Thank you!

TimeRider · Post by **TimeRider** » Sat Feb 18, 2023 9:28 pm

CrazyCat wrote:Not tested (the write/read file come from another of my scripts):

Code: Select all

package require http

namespace eval pchecker {

	# proxycheck.io api key
	variable pckey "xxxxxx-xxxxxx-xxxxxx-xxxxxxxx"

	# gzline message
	variable gmsg "Sorry, VPN are not allowed"

	# List of IP not checked
	variable whitelist {}

	# List of blacklisted IP
	variable blacklist {}
	
	variable pcheckerwl "scripts/pcheckerwl.txt"

	# To enable on a chan, think to do
	# .chanset #chan +scanip
	setudef flag scanip

	bind join - * ::pchecker::whois
	bind raw - 378 ::pchecker::ipcheck
	bind pub - !add ::pchecker::ipadd
	bind pub - !rem ::pchecker::iprem

	proc whois {nick uhost handle chan} {
		if {![channel get $chan scanip]} { return }
		if {[isbotnick $nick]} { return }
		putquick "WHOIS $nick"
	}

	proc ipadd {nick uhost handle chan text} {
		if {[lsearch $::pchecker::whitelist $text] == -1} {
			lappend ::pchecker::whitelist $text
		}
		::pchecker::l2file $::pchecker::whitelist $::pchecker::pcheckerwl
	}
	
	proc iprem {nick uhost handle chan text} {
		set n [lsearch $::pchecker::whitelist $text]
		if {$n != -1} {
			set ::pchecker::whitelist [lreplace $::pchecker::whitelist $n $n]
			::pchecker::l2file $::pchecker::whitelist $::pchecker::pcheckerwl
		}
	}
	
	proc ipcheck {frm key text} {
		set ip [lindex [split $text " "] end]
		foreach w $::pchecker::whitelist {
			if {[string match $w $text]} { return }
		}
		foreach b $::pchecker::blacklist {
			if {[string match $w $text]} {
				putquick "GLINE *@$ip +7d :$::pchecker::gmsg"
				return
			}
		}
		::pchecker::isvpn $ip
	}

	proc json2dict {JSONtext} {
		string range [string trim [string trimleft [string map {\t {} \n {} \r {} , { } : { } \[ \{ \] \}} $JSONtext] {\uFEFF}]] 1 end-1
	}

	proc isvpn {ip} {
		::http::config -useragent "lynx"
		set pcheck [::http::geturl http://api.isproxyip.com/v1/check.php?key=$::pchecker::pckey&ip=${ip}&format=json]
		set data [json2dict [::http::data $pcheck]]
		if {[dict get $data status] eq "success"} {
			set proxy [dict get $data proxy]
			if {$proxy == 1 } {
				lappend $::pchecker::blacklist $ip
				putquick "GLINE *@$ip +7d :$::pchecker::gmsg"
			}
		}
		::http::cleanup $pcheck
	}

	proc l2file {olist dfile} {
		set fo [open $dfile w]
		puts $fo [join $olist "\n"]
		close $fo
	}
	
	proc f2list {dfile} {
		set fi [open $dfile r]
		set olist [split [read -nonewline $fi] "\n"]
		close $fi
		return $olist
	}
	
	set ::pchecker::whitelist [::pchecker::f2list $::pchecker::pcheckerwl]
	
}

CrazyCat, this script is generating an error now: Tcl error [::pchecker::ipcheck]: Illegal characters in URL path

Could you please fix it?

FmX · Post by **FmX** » Tue Jan 30, 2024 3:49 am

Bringing up a bit of an old topic. I tried this script but I get the following error:
Tcl error [::pchecker::ipcheck]: Illegal characters in URL path

Client connection is this way:
[09:40:42] Connect: (Chat@1005633945813123113.discord.com) [53.92.95.41] [vhost: 3D6263FF.C15E8851.D7BC4C45.IP] [secure] [country: DE] [reputation: 0] [security-groups: unknown-users,webirc-users]
Connect: (webirc@62-73-100-175.ip.btc-net.bg) [62.73.100.175] [vhost: 306D8AA.C305ADBD.62D3FB63.IP] [class: clients] [secure: TLSv1.3-TLS_CHACHA20_POLY1305_SHA256] [country: BG] [reputation: 5] [security-groups: unknown-users,webirc-users,tls-and-known-users,tls-users]

Maybe the script need to read IPs from brackets [] ?
This is UnrealIRCD.

Post by **CrazyCat** » Tue Jan 30, 2024 4:10 am

Just before the line

::http::config -useragent "lynx"

add

putlog "Checking: $ip"

FmX · Post by **FmX** » Tue Jan 30, 2024 5:07 am

Still gives error:
[11:06:22] <ATAS> [09:06:21] Tcl error [::pchecker::ipcheck]: Illegal characters in URL path
[11:06:22] <ATAS> [09:06:21] -NOTICE- connect.LOCAL_CLIENT_CONNECT [info] Client connecting: obssesedwithme (Chat@1143552215554986125.discord.com) [53.98.128.141] [vhost: Portal-F5EDA4FF.discord.com] [class: clients] [country: DE] [reputation: 0] [security-groups: unknown-users,webirc-users]
[11:06:22] <ATAS> [09:06:21] Checking: 53.98.128.141
[11:06:22] <ATAS> [09:06:21] Tcl error [::pchecker::ipcheck]: Illegal characters in URL path
[11:06:22] <ATAS> [09:06:21] -NOTICE- connect.REMOTE_CLIENT_CONNECT [info] Client connecting: obssesedwithme (Chat@1143552215554986125.discord.com) [53.98.128.141] [vhost: 90A44659.6F5C8A2F.4EB8A045.IP] [secure] [country: DE] [reputation: 0] [security-groups: unknown-users,webirc-users]

FmX · Post by **FmX** » Tue Jan 30, 2024 5:18 am

My bad, there is space in api key that i missed. Everything wokrs fine. Thank you

and 1 latest request. Can you make to not scanning IPs start with 53.*

Post by **CrazyCat** » Tue Jan 30, 2024 6:01 am

FmX wrote: ↑Tue Jan 30, 2024 5:18 am and 1 latest request. Can you make to not scanning IPs start with 53.*

Just replace:

   ::pchecker::isvpn $ip
}

With:

   if {[string first "53." $ip]==0} { return }
   ::pchecker::isvpn $ip
}

FmX · Post by **FmX** » Tue Jan 30, 2024 6:15 am

Everything is fine now. Thanks mate. I have 1 more request but i will try alone to figure out how to achieve it. After Gline i want to report in certain channel nick and IP who was glined. now i will try to do it myself

FmX · Post by **FmX** » Tue Jan 30, 2024 6:47 am

 ::pchecker::isvpn $ip $unick

proc isvpn {ip unick}

putquick "PRIVMSG #test33 :$unick *@$ip +7d :$::pchecker::gmsg"

is that good CrazyCat ?

Post by **CrazyCat** » Tue Jan 30, 2024 7:16 am

What is $unick ? How do you get it ?

FmX · Post by **FmX** » Tue Jan 30, 2024 7:31 am

proc ipcheck {frm key text} {
		if {[string match *!*@* $frm] || ![string match -nocase "*client connecting*" $text]} { return }
		regexp {:\ ([^ ]+)\s\(([^@]+)@([^\)])+\)\s\[([^\]]+)} $text - unick ident host ip

Post by **CrazyCat** » Tue Jan 30, 2024 10:20 am

So it may work.

Why don't you try and just ask when you have an error ?

egghelp/eggheads community

scan ip from a proxy scanner site

Re: scan ip from a proxy scanner site

Re: scan ip from a proxy scanner site

Re: scan ip from a proxy scanner site

Re: scan ip from a proxy scanner site

Re: scan ip from a proxy scanner site

Re: scan ip from a proxy scanner site

Re: scan ip from a proxy scanner site

Re: scan ip from a proxy scanner site

Re: scan ip from a proxy scanner site

Re: scan ip from a proxy scanner site