I't work fine, but only one port is used for checking.
Can somebody make a variables port to check.
For example: host:port 1;2;3 ... (87.252.161.42:8080 .. 87.252.161.42:1080 .. etc)
Sorry for my bad english, and thanks advanced
Code: Select all
############################ Anti-Socks v1.1 #############################
# by Cashflo #
# Cashflo@GalaxyNet.Org #
# http://www.galaxynet.org/ircops/cashflo.html #
# Final Beta tested on Eggdrop1.3.23/26 w/ tcl8.0/1 #
# Copyright (c) 1999 Cashflo All Rights Reserved. #
##########################################################################
# The first real anti socks/wingate scanner out there for tcl, connects #
#per RFC and see's if server responds with no authorization required. No#
#scanning Telnet ports which could be a possible security threat, or just#
#seeing if 1080 is open which could be a nukenapper. Actually tries to #
# connect as a sock client to the server, and sees if a no authorization #
#needed responce is returned. Works for both socks4 and socks5. Script #
# is capable of checking for socks, via dcc, msg, pub, by any user & a #
#option to allow any IrcOp to be able to scan via msg & pub, as well as a#
# option to have the bot scan scan server connections as a local IrcOp #
# connection monitor and be able to k-line and or local wallop on socks. #
#Script can Ban/onotice/log/lwallop on cooresponding automatic Triggers. #
##########################################################################
# Any problems or suggestions please contact me on irc or e-mail. #
# Same goes for if you want to edit this script or use parts of it. #
##########################################################################
# GalaxyNet Eggdrop's also check out glxauth*.tcl.gz avaliable on sodre. #
# Script has been edited to support galaxynet auth if it is loaded, but #
# make sure in config source line for glxauth comes before anti-socks. #
##########################################################################
# Special Thanks to: Andyh, Fwibbly & of course Gawyn (as always) #
# For helping me w/ rfc1928 and such. #
##########################################################################
# This script Requires, tcl8.0+ and if you don't edit main.c yourself #
# you need eggdrop1.3.23+, reason for this is because Tcl_DoOneEvent was #
# put in main.c on 1.3.23, if running a earlier version you are going to #
# have to compile it yourself by searching main.c for the following line #
#"debug0("main: entering loop");", below that line is the main while loop#
#inside the while loop add the following "Tcl_DoOneEvent(TCL_DONT_WAIT);"#
# After saving those changes to main.c, remake/compile the bot, and then #
# go to line 260 about in this script and remove scanning for 1.3.23+ #
#And also make sure to compile in bind raw if pre 1.3.* via src/eggdrop.h#
#line 86 "#define bind raw" in 1.1.5, not sure if will elimiate all probs#
# Bottom line, I recommend and its easier if you upgrade to 1.3.* #
# but in any case you are going to need tcl 8.0 or greater!!! #
##########################################################################
# .socks <host/nick> - manually check socks via dcc. #
# /msg bot socks <host/nick> - manually check for socks via msg. #
# !socks <host/nick> - Manually check for socks via channel. #
# .sockshelp [command] - List of commands w/ syntax, or info on [command]#
# .sockset <command> - Changes setting temp on <command>. #
# .showsocks [all/last #n/search phrase] - Scans socks log based on arg. #
# .viewset [setting] - shows you all values or a specific settings value.#
##########################################################################
# Important to GalaxyNet Users!! if you are running GlxAuth 2.2 or less, #
# make sure this script is loaded in config AFTER glxauth is loaded. #
##########################################################################
# If you are running this as a IrcOp'ed Connection Monitor, please make #
# Sure your bot is secure, ie. remove .tcl and any scripts that you are #
# not 100% sure are secured, and won't let anyone send raw data to server#
# Also watch who you let into bot, and limit access and amount of users #
# on the bot. I will not be held liable for anything, including but not #
# limited to problems resulting from badly configured oper'ed bots. #
##########################################################################
# Don't forget to check for updates, either on ftp's or on GalaxyNet IRC #
# network /ctcp glxauth cdcc list This is latest as of 4/23/99 #
##########################################################################
# This Script Does the Following:
# 01) Scans for socks on:
# A) Join.
# B) Connections.
# C) Dcc via .socks <host/nick>.
# D) Msg via /msg bot socks <host/nick>.
# E) Pub via !socks <host/nick>.
# 02) On Open Socks:
# A) Bans if on join.
# B) Can k-line if connect.
# C) Can lwallop if connect.
# D) Can log to file.
# E) Can ONOTICE if on join.
# F) Report back to you open socks.
# 03) Exempt:
# A) Can exempt channels from on join checking.
# B) Can exempt hosts from on join and connect checking.
# C) Can exempt flags from on join checking and on connect checking.
# 04) Connection Times Out After 15seconds.
# 05) Connection is asyncrous which means bot is not blocked while waiting for reply.
# 06) Bot tries to /oper if $onick/$opass/$sockconnect are all set.
# 07) Checks to make sure proper version of eggdrop and tcl is being run.
# 08) Help via .sockshelp:
# A) .sockshelp.
# B) .sockshelp socks.
# C) .sockshelp showsocks.
# D) .sockshelp sockshelp.
# 09) Show list of open socks that where logged.
# 10) Change settings via .sockset:
# A) Socks scan on join.
# B) Exempt channels fron on join scanning.
# C) Time to ban someone on join socks.
# D) Hosts exempt from on join and on connect scanning.
# E) Flags exempt from on join scanning.
# F) Turn on or off or change file that socks are logged to.
# G) Allow anyone umode +O (IrcOp) to scan for socks.
# H) Turn on or off socks checking on connect.
# I) Turn on or off lwalloping on open socks on connect.
# J) Turn on or off auto k-line of open socks on connect.
# K) Change bots o-line Nick.
# L) Change bots o-line Pass.
# M) Turn on or off onoticing on open socks on join.
# 11) View settings via .viewset [setting].
# 12) Delete sockslog via .delsocks.
# ---v1.1---
# 13) Option to send out onotice (notice to ops) when a wingate on join.
# 14) Fixed socks 4 scanning, before was just seeing if it was a socks4 now see's if its
#opened via another connection attempt.
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! #
# !!!!!!!!!!!!!!!!!!!!!!!!----- SET THE FOLLOWING SETTINGS -----!!!!!!!!!!!!!!!!!!!!!! #
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! #
# --- On Join Stuff ---
# Check socks on join, not including exempt channels (0 Off/ 1 On)
set sockjoin 1
# Channels to exempt from sock scanning on join. (if sockjoin is on)
set sockchans { "#sock_exempt_chan1" "#sock_exempt_chan2" }
# time to ban hosts for on open socks. (in minutes).
set bantime 60
# Send out a ONotice (Notice to ops) on a oepn sock on join? (0 Off/ 1 On).
set socknotice 0
# --- Exempt Stuff ---
# Hosts (NOT USERS@HOST) to be exempt from sock scanning on join and or on client connetions.
set sockhosts {
}
# Flags that are exempt from scanning on join and on connect by matching a handle
#against the host and seeing if it contains ANY of these flags.
set sockflags "f o m n"
# --- End Exempt Stuff ---
# File to log open socks to, set to "" for no logging.
set socklog "socks.log"
# Allow any IrcOp to /msg bot socks <host/nick> and check it for them (0 Off/ 1 On)
set sockoper 1
# --- Oper Bot Connection Monitor... (Below requires bot to have a o line) ---
# Sock Check connection notices (0 Off/ 1 On) (Requires bot to have o line)
set sockconnect 0
# Local wallop on open socks (0 Off/ 1 On) ( Requires bot to have a local o line & $sockconnect = 1)
set socklwall 0
# Auto k-line open sock hosts (0 Off / 1 On) (Requires bot to have a local o line & $sockconnect = 1)
set akline 0
# Oline nickname (leave set to "" if no o-line) (Make sure to add in ircd.conf onick & opass w/ proper host)
set onick ""
# o-line password (leave set to "" if no o-line)
set opass ""
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! #
# !!!!!!!!!!!!!!!!!!!!!!----- DO NOT EDIT BELOW HERE-----!!!!!!!!!!!!!!!!!!!!!!!! #
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! #
# Make sure no vars got deleted.
if {![info exists sockjoin]} { set sockjoin 1 }; if {![info exists sockchans]} { set sockchans "" }
if {![info exists bantime]} { set bantime 60 }; if {![info exists sockhost]} { set sockhost "" }
if {![info exists sockflags]} { set sockflags "f o m n" }; if {![info exists socklog]} { set socklog "socks.log" }
if {![info exists sockoper]} { set sockoper 1 }; if {![info exists sockconnect]} { set sockconnect 0 }
if {![info exists socklwall]} { set socklwall 0 }; if {![info exists akline]} { set akline 0 }
if {![info exists onick]} { set onick "" }; if {![info exists opass]} { set opass "" }
if {![info exists socknotice]} { set socknotice0 }; set isircop 0
if {[info exists timeout]} { unset timeout }; if {[info exists ohost]} { unset ohost }
if {[info exists nthing]} { unset nthing }
# Version info
set sockver "1.1"
# Very basic encryption.
if {$opass != ""} { set opass [encrypt $sockver $opass] }
# Help arrays
set sockshelp(socks) [list "o/oper" ".socks <host/nick> | /msg $botnick socks <host/nick> | !socks <host/nick>" "Manually scans <host/nick> for open socks. Or if \$opersock is set on, will let any IrcOp check for open socks"]
set sockshelp(showsocks) [list "o" ".showsocks \[all/last #/search phrase\]" "Outputs data from log file based on options, if no option is given shows all:
[format %-18s ".showsocks \[n\]"] - Last n open socks recorded.
[format %-18s ".showsocks all"] - Shows all entries from socks log.
[format %-18s ".showsocks \[phrase\]"] - Scans log for entries containing phrase"]
set sockshelp(sockshelp) [list "all" ".sockshelp \[command\]" "Shows syntax of all comamnds if no \[command\] is specified, otherwise shows detailed help on command"]
set sockshelp(viewset) [list "o" ".viewset \[setting\]" "View all or a specifc settings value"]
set sockshelp(delsocks) [list "m" ".delsocks" "Clear the sockslog file"]
set sockshelp(sockset) [list "m" ".sockset <setting> \[new setting\]" "Change settings or of no newset show current setting:
[format %-21s \026\[command\]\026] \026Info\026
[format %-20s "akline <0/1>"] Turn on or off auto k-line of open socks on connect.
[format %-20s "bantime \[time\]"] Time to ban someone on join socks
if no time is specified then banning is disabled.
if bantime is 0 then bans become perm.
[format %-20s "onick <o nick>"] Change bots o-line Nick.
[format %-20s "opass <o pass>"] Change bots o-line Pass.
[format %-20s "+sockchan <#channel>"] Add a chan to exempts on join scanning.
[format %-20s "-sockchan <#channel>"] Delete a channel from exempt of join scanning.
[format %-20s "sockconnect <0/1>"] Turn on or off socks checking on connect.
[format %-20s "+sockhost <host>"] Adds a Host to exempt from on join and on connect scanning.
[format %-20s "-sockhost <host>"] Deletes a exempt host from on join and connect scanning.
[format %-20s "+sockflag <flag>"] Adds a flags to exempt flags from on join scanning.
[format %-20s "-sockflag <flag>"] Deletes a exempt flag.
[format %-20s "sockjoin <0/1>"] Socks scan on join.
[format %-20s "socklog \[file\]"] Change file that socks are logged to, if no file specifed then shuts it off.
[format %-20s "socklwall <0/1>"] Turn on or off lwalloping on open socks on connect.
[format %-20s "socknotice <0/1>"] Turn on or off sending out a notice to all ops on channel on a on join open socks.
[format %-20s "sockoper <0/1>"] Allow anyone umode +O (IrcOp) to scan for socks"]
# See if person can handle script.
if {![info exists numversion] || ($numversion < 1032300)} {
if {[string range $version 0 2] != "1.3"} {
putlog "*** Can't load anti-socks -- At least Eggdrop v1.3.23 required"
return 0
}
}
if {(![info exists tcl_version] || $tcl_version < 8.0)} {
putlog "*** Can't load anti-socks -- Need at least tcl 8.0"
return 0
}
# Set settings needed if user is set to check socks on connection msgs.
if {$sockconnect} {
if {[info exists gaccess]} { catch {unbind raw - notice raw_notice} } ;# Support for GalaxyNet Auth.
bind raw - NOTICE raw_connect
if {($onick != "" && $opass != "")} {
set init-server { sock-init }
}
}
# Listening port stuff for a socks4 connection request....
if {[info exists v4sock]} { catch {close $v4sock}; unset v4sock }; # Delete/close previous sock server
proc getconnect {sock addr port} { catch {close $sock} }; # Proc for a incoming sock4 check.
set v4port "2[rand 9][rand 9][rand 9]"; # set the incoming port to a random port between 2000-2999
# Setup a incoming server socket for sock4 scanning, if port is unavaliable try another.
set x 0
while {$x == 0} { if {![catch {set v4sock [socket -server getconnect $v4port]}]} { set x 1 } }
# Now a IrcOp.
bind raw - 381 raw_nowop
proc raw_nowop {from keyword arg} {
global akline botnick isircop server socklwall sockver version
if {[lindex $arg 0] == $botnick} {
set isircop 1
set end ""
if {$socklwall} { set end [append end ". Local Wallops sent on open socks"] }
if {$akline} { set end [append end ". Auto K-line set on open socks"] }
set cmsg "\026Anti-Socks Connection Monitor v$sockver\026 on Eggdrop[lindex $version 0] by Cashflo <Cashflo@GalaxyNet.org> Is running on $server$end."
putserv "LWALLOPS :$cmsg"
}
}
proc sock-init {} {
global akline botnick gaccess onick opass server sockconnect socklwall sockver version
if {$sockconnect} {
# See if bot is a oper."
putserv "whois $botnick"
# Oper bot
putserv "oper $onick [decrypt $sockver $opass]"
# Support for GalaxyNet Auth.
if {[info exists gaccess]} {
catch {init-server}
}
}
}
# Join Checking Proc.
if {$sockjoin} {bind join - * join_sock}
proc join_sock {nick userhost handle channel} {
global sockchans sockflags sockhosts
# Exempt channel
if {[lsearch -glob $sockchans $channel] != -1} { return 0 }
set host [lindex [split $userhost @] 1]
# Exempt hosts
foreach pattern $sockhosts {
if {[string match $pattern $host]} { return 1 }
}
# Exempt flag
foreach exflag $sockflags {
if {[matchattr $handle $exflag]} { return 0 }
}
wingate $host join $channel $nick
}
# --- DCC Procs ---
# Dcc Help
bind dcc - sockshelp dcc_sockshelp
bind dcc - sockhelp dcc_sockshelp
proc dcc_sockshelp {hand idx arg} {
global sockshelp sockver version
set arg [lindex $arg 0]
putdcc $idx "---- \026Anti-Socks v$sockver on eggdrop[lindex $version 0]\026 ----"
set list "delsocks socks sockshelp sockset showsocks viewset"
if {$arg == ""} {
foreach command $list {
putdcc $idx "[lindex $sockshelp($command) 1]"
}
putdcc $idx " "
putdcc $idx "\026\002.sockshelp <command> for more info.\002\026"
} else {
if {[string index $arg 0] == "."} {
set arg [lindex [split $arg .] 1]
}
set arg [string tolower $arg]
if {[catch {set test $sockshelp($arg)}]} {
putdcc $idx "$arg is not a valid command, .sockhelp for list of commands."
return 1
}
putdcc $idx "\002Command\002: $arg"
putdcc $idx "\002Flag\002: [lindex $sockshelp($arg) 0]"
putdcc $idx "\002Syntax\002: [lindex $sockshelp($arg) 1]"
putdcc $idx "\002Summary\002: [lindex $sockshelp($arg) 2]."
}
return 1
}
# Dcc command to show list of takeovers from logfile.
bind dcc o showsocks dcc_showsocks
proc dcc_showsocks {hand idx arg} {
global socklog
if {$socklog != ""} {
# See if user specified a number of socks to show from last
if {($arg != "" && $arg != "all")} {
# See if they entered .showsocks #1, instead of .showsocks 1, if so weed out the leading #.
if {[string index $arg 0] == "#" && [regexp "^\[0-9\]+$" [string range $arg 1 end]]} {
set arg [string range $arg 1 end]
}
# If they entered a number, show last $arg socks recorded.
if {[regexp "^\[0-9\]+$" $arg]} {
set tail ""
putdcc $idx "Last $arg socks recorded."
catch {set tail [exec tail -n $arg $socklog]}
putdcc $idx "$tail"
} else {
# Scan logfile for the string
putdcc $idx "Scaning Open Socks Log for $arg."
set grep ""
catch {set grep [exec grep $arg $socklog]}
if {$grep != ""} {
putdcc $idx "$grep"
} else {
putdcc $idx "$arg was not located in socks log. Use \".sockshelp showsocks\" for assistance."
}
}
} else {
# If you did'nt enter any arg or was all, spit out the full socks log
putdcc $idx "You did'nt specify the last # of open socks, showing all."
set fd [open $socklog]
set count -1
while {![eof $fd]} {
putdcc $idx [gets $fd]
set count [expr $count + 1]
}
close $fd
}
if {[info exists count]} {
putdcc $idx "$count entries in sock log $socklog."
}
} else {
putdcc $idx "Log file does not exist."
}
return 1
}
# Dcc command to clear the socks logfile.
bind dcc m delsocks dcc_delsocks
proc dcc_delsocks {hand idx arg} {
global socklog
if {[file exists $socklog]} {
set x [open $socklog w]
catch {close $x}
putdcc $idx "Deleted the open socks logfile."
} else {
putdcc $idx "Socks log does not exist."
}
return 1
}
# Dcc to temp change settings till a rehash.
bind dcc m sockset dcc_sockset
proc dcc_sockset {hand idx arg} {
global akline bantime onick opass sockjoin sockchans sockconnect sockflags sockhosts socklwall socklog socknotice sockoper
set list "akline bantime onick opass sockconnect sockjoin socklog socklwall socknotice sockoper +sockchan -sockchan +sockflag -sockflag +sockhost -sockhost"
global botnick gaccess isircop sockver version
putdcc $idx "\026Setting for Anti-Socks v$sockver on eggdrop[lindex $version 0].\026"
if {$arg != ""} {
set arg [string tolower $arg]
set setting [lindex $arg 0]
set newset [lrange $arg 1 end]
if {[lsearch -exact [string tolower $list] ${setting}] != -1} {
# Can't have -'s in switch statement.....
if {(${setting} == "-sockchan" || ${setting} == "-sockflag" || ${setting} == "-sockhost")} {
if {$setting == "-sockchan"} {
if {$newset != ""} {
if {[lsearch -exact [string tolower $sockchans] $newset] != -1} {
for {set loopvar 0} {$loopvar < [llength $sockchans]} {incr loopvar} {
if {$newset == [string tolower [lindex $sockchans $loopvar]]} {
set sockchans [lreplace $sockchans $loopvar $loopvar]
}
}
putdcc $idx "Removed $newset from list of exempt channels."
} else {
putdcc $idx "$newset is not a exempt channel, can not remove it."
}
} else {
putdcc $idx "\002Syntax\002: .sockset -sockchan <#channel>."
putdcc $idx "Left sockchans on $sockchans."
}
} elseif {$setting == "-sockflag"} {
if {$newset != ""} {
if {[lsearch -exact [string tolower $sockflags] $newset] != -1} {
for {set loopvar 0} {$loopvar < [llength $sockflags]} {incr loopvar 1} {
if {$newset == [string tolower [lindex $sockflags $loopvar]]} {
set sockflags [lreplace $sockflags $loopvar $loopvar]
}
}
putdcc $idx "Removed $newset from list of exempt flags."
} else {
putdcc $idx "$newset is not a exempt flag from sock scanning."
}
} else {
putdcc $idx "\002Syntax\002: .sockset -sockflag <flag>. For Further Assistance \".sockshelp -sockflag\""
putdcc $idx "Left sockflags on $sockflags."
}
} elseif {$setting == "-sockhost"} {
if {$newset != ""} {
if {[lsearch -exact [string tolower $sockhosts] $newset] != -1} {
for {set loopvar 0} {$loopvar < [llength $sockhosts]} {incr loopvar 1} {
if {$newset == [string tolower [lindex $sockhosts $loopvar]]} {
set sockhosts [lreplace $sockhosts $loopvar $loopvar]
}
}
if {$isircop} { putserv "LWALLOPS :$hand removed exempt host $newset." }
putdcc $idx "Removed $newset from list of exempt hosts."
} else {
putdcc $idx "$newset is not a exempt host from sock scanning."
}
} else {
putdcc $idx "\002Syntax\002: .sockset -sockhost <host>. \".sockshelp -sockhost\" for further assistance."
putdcc $idx "Left sockhosts on $sockhosts."
}
}
return 1
}
# Setting is already set to that...
if {[string first + $setting] != 0 && $newset == [expr $$setting]} {
putdcc $idx "\002Already Set\002: $setting is already set to $newset."
putdcc $idx ".sockhelp sockset for commands."
return 1
}
# Switch for rest of commands.....
switch ${setting} {
"akline" {
if {($newset == 0 || $newset == 1)} {
set akline $newset
putdcc $idx "Set Auto-Kline to $akline"
if {$isircop} {putserv "LWALLOPS :Auto K-line changed to $akline by $hand"}
} else {
putdcc $idx "\002Syntax\002: .sockset akline <0/1>. Left auto k-line on $akline."
}
}
"bantime" {
if {[regexp "^\[0-9\]+$" $newset]} {
set bantime $newset
if {$bantime == 0} {
putdcc $idx "Made Bantime perm."
} elseif {$bantime == ""} {
putdcc $idx "Shut off banning."
} else {
putdcc $idx "Set Bantime to $bantime."
}
} elseif {$newset == ""} {
set bantime $newset
putdcc $idx "Shut off banning"
} else {
putdcc $idx "\002Syntax\002: .sockset bantime <time in minutes>. Left bantime on $bantime."
}
}
"onick" {
if {$newset != ""} {
set onick $newset
if {$isircop} { putserv "LWALLOPS :$hand changed my O-Line Name to $onick."}
putdcc $idx "Set onick to $onick."
} else {
putdcc $idx "\002Syntax\002: .sockset onick <o-line nick>. Left O-line Nick on $onick."
}
}
"opass" {
if {$newset != ""} {
set opass [encrypt $sockver $newset]
if {$isircop} { putserv "LWALLOPS :$hand changed my O-Line Pass." }
putdcc $idx "Set opass to $opass."
} else {
putdcc $idx "\002Syntax\002: .sockset opass <o-line pass>."
}
}
"sockconnect" {
if {($newset == 0 || $newset == 1)} {
set sockconnect $newset
if {$newset == 0} {
if {$isircop} {
putserv "LWALLOPS :$hand turned off scanning on connect."
putserv "MODE $botnick -o"
}
catch {unbind raw - NOTICE raw_connect}
if {[info exists gaccess]} { bind raw - notice raw_notice } ;# Support for GlxAuth
} else {
if {[info exists gaccess]} { catch {unbind raw - notice raw_notice } } ;# Glxauth Support
catch {bind raw - NOTICE raw_connect}
sock-init
if {$isircop} {putserv "LWALLOPS :$hand turned on sock scanning on connect."}
}
putdcc $idx "Set sock scanning on connect to $sockconnect."
} else {
putdcc $idx "\002Syntax\002: .sockset sockconnect <0/1>. Left sock scanning on client connect on $sockconnect."
}
}
"sockjoin" {
if {($newset == 0 || $newset == 1)} {
if {$newset == 1 && $sockjoin == 0 } {
catch {bind join - * join_sock}
} elseif {$newset == 0 && $sockjoin == 1} {
catch {unbind join - * join_sock}
}
set sockjoin $newset
putdcc $idx "Set sockjoin to $sockjoin."
} else {
putdcc $idx "\002Syntax\002: .sockset sockjoin <0/1>. Left sock scanning on join on $sockjoin."
}
}
"socklog" {
if {$newset == ""} {
set socklog $newset
putdcc $idx "Turned off sock logging."
} else {
set socklog $newset
putdcc $idx "Set Sock Log File to $newset."
}
}
"socklwall" {
if {($newset == 0 || $newset == 1)} {
set socklwall $newset
putdcc $idx "Changed Sock Lwalloping to $socklwall."
if {$isircop} {putserv "LWALLOPS :$hand changed open sock lwalloping to $socklwall."}
} else {
putdcc $idx "\002Syntax\002: .sockset socklwall <0/1>. Left socklwall on $socklwall."
}
}
"socknotice" {
if {($newset == 0 || $newset == 1)} {
set socknotice $newset
putdcc $idx "Changed Sock Op Noticing to $socknotice."
} else {
putdcc $idx "\002Syntax\002: .sockset socknotice <0/1>. Left socknotice on $socknotice."
}
}
"sockoper" {
if {($newset == 0 || $newset == 1)} {
set sockoper $newset
putdcc $idx "Set Allow any IrcOp to sock check to $sockoper."
} else {
putdcc $idx "\002Syntax\002: .sockset sockoper <0/1>. Left Allow any IrcOp to check for socks on $sockoper."
}
}
"+sockchan" {
if {$newset != ""} {
if {[lsearch -exact [string tolower $sockchans] $newset] == -1} {
set sockchans [append sockchans " $newset"]
putdcc $idx "Added $newset to list of exempt channels."
} else {
putdcc $idx "$newset is already a exempt channel from sock scanning."
}
} else {
putdcc $idx "\002Syntax\002: .sockset +sockchan <#channel>."
putdcc $idx "Left Exempt Channels on: $sockchans"
}
}
"+sockflag" {
if {$newset != ""} {
if {[lsearch -exact [string tolower $sockflags] $newset] == -1} {
set sockflags [append sockflags " $newset"]
putdcc $idx "Added $newset to list of exempt flags from on join socks scanning."
} else {
putdcc $idx "$newset is already a exempt flag from on join socks scanning."
}
} else {
putdcc $idx "\002Syntax\002: .sockset +sockflag <exempt flag>."
putdcc $idx "Left sockflags on: $sockflags"
}
}
"+sockhost" {
if {$newset != ""} {
if {[lsearch -exact [string tolower $sockhosts] $newset] == -1} {
set sockhosts [append sockhosts " $newset"]
if {$isircop} { putserv "LWALLOPS :$hand exempted host $newset." }
putdcc $idx "Added $newset to list of exempt hosts."
} else {
putdcc $idx "$newset is already a exempt host from sock scanning."
}
} else {
putdcc $idx "\002Syntax\002: .sockset +sockhost <exempt sock-host>."
putdcc $idx "Left sockhosts on $sockhosts."
}
}
}
} else {
putdcc $idx "You did not enter: $list"
}
} else {
putdcc $idx "\002Syntax\002: .sockset <arg> \[setting\]."
putdcc $idx "Valid commands are: $list."
putdcc $idx "\026\".sockshelp sockset\" for further assistance.\026"
}
return 1
}
# Dcc To show settings.
bind dcc o viewset dcc_viewset
proc dcc_viewset {hand idx arg} {
set list "akline bantime onick opass sockjoin sockchans sockconnect sockflags sockhosts socklwall socklog sockoper"
putdcc $idx "\026-------- Current Settings --------\026 "
putdcc $idx "\002Setting Value\002 "
if {$arg == ""} {
foreach setting $list {
global $setting
set value [expr $$setting]
if {$setting == "opass"} {
if {$value != ""} {
putdcc $idx "[format %-28s $setting] *IS SET*"
} else {
putdcc $idx "[format %-28s $setting] *NOT SET*"
}
continue
}
putdcc $idx "[format %-28s $setting] $value"
}
} else {
if {[lsearch -exact $list [string tolower $arg]] != -1} {
global $arg
if {$arg != "opass"} {
set value [expr $$arg]
putdcc $idx "[format %-28s $arg] $value"
} else {
putdcc $idx "O-Line Password Setting is not viewable."
}
} else {
putdcc $idx "Not a valid setting."
putdcc $idx "Valid settings are: $list."
}
}
return 1
}
# Dcc sock checking.
bind dcc o socks dcc_socks
bind dcc o sock dcc_socks
bind dcc o wingate dcc_socks
proc dcc_socks {hand idx arg} {
global nthing
if {[info exists nidx]} { unset nidx }
set host [lindex $arg 0]
if {$host != ""} {
# Get users host.
if {[llength [split $arg .]] == 1} {
putserv "userhost [lindex $arg 0]"
set nthing $idx
return 1
}
# Format was a nick.
putdcc $idx "\002SCANNING\002: $host for open socks."
wingate $host dcc $idx
} else {
putdcc $idx "\002Syntax\002: .socks <host/nick>. \".sockshelp socks\" for more info."
}
return 1
}
# --- Msg Procs ---
# msg for wingate checking
bind msg - socks msg_socks
bind msg - sock msg_socks
bind msg - wingate msg_socks
proc msg_socks {nick userhost handle arg} {
global nthing ohost sockoper
if {[info exists ohost]} { unset ohost }
if {[info exists nthing]} { unset nthing }
if {[matchattr $handle o]} {
set host [lindex $arg 0]
if {$host != ""} {
# Get users host.
if {[llength [split $arg .]] == 1} {
putserv "userhost [lindex $arg 0]"
set nthing $nick
return 1
}
putserv "NOTICE $nick :\002SCANNING\002: $host for open socks."
wingate $host msg $nick
} else {
putserv "NOTICE $nick :\002Syntax\002: .socks <host/nick>."
}
} elseif {$sockoper} {
set ohost [lindex $arg 0]
if {$ohost != ""} {
set ohost "msg $ohost"
putserv "WHOIS $nick"
} else {
putserv "NOTICE $nick :\002Syntax\002: .socks <host/nick>."
}
}
return 1
}
# A IrcOp msging bot who does not have access or bot seeing if it is a oper on rehash.
if {$sockoper} { bind raw - 313 raw_oper }
proc raw_oper {from keyword arg} {
global botnick isircop nthing ohost
# Ohost = type host [channel]
if {[info exists ohost]} {
if {[llength [split [lindex $ohost 1] .]] == 1} {
putserv "userhost [lindex $ohost 1]"
if {[lindex $ohost 0] == "pub"} {
set nthing [lindex $ohost 2]
} elseif {[lindex $ohost 0] == "msg" } { set nthing [lindex $arg 1] }
return 1
}
set msg "\002SCANNING\002: [lindex $ohost 1] for open socks."
if {[lindex $ohost 0] == "msg"} {
putserv "NOTICE [lindex $arg 1] :$msg"
set whereto [lindex $arg 1]
} elseif {[lindex $ohost 0] == "pub"} {
putserv "PRIVMSG [lindex $ohost 2] :$msg"
set whereto [lindex $ohost 2]
}
wingate [lindex $ohost 1] [lindex $ohost 0] $whereto
unset ohost
} elseif {[lindex $arg 1] == $botnick} {
set isircop 1
}
}
# userhost reply from a user......
bind raw - 302 raw_isuser
proc raw_isuser {from keyword arg} {
global nthing
if {[info exists nthing]} {
set host [lindex [split [lindex [split [lindex $arg 1] =] 1] @] 1]
if {$host != ""} {
set msg "\002SCANNING\002: Scanning $host ([string trimright [string trimleft [lindex [split [lindex $arg 1] =] 0] :] *]) for open socks."
} else {
set msg "\002Not Online\002: User is not online"
}
if {[regexp "^\[0-9\]+$" $nthing]} {
putdcc $nthing "$msg"
set type "dcc"
} elseif {[string first # $nthing] == 0} {
putserv "PRIVMSG $nthing :$msg"
set type "pub"
} else {
putserv "NOTICE $nthing :$msg"
set type "msg"
}
if {[lrange $msg 2 end] != "User is not online"} { wingate $host $type $nthing }
unset nthing
}
return 1
}
# Public command !socks <host>
bind pub - !socks pub_socks
bind pub - !sock pub_socks
proc pub_socks {nick userhost handle channel arg} {
global nthing ohost sockoper
if {[matchattr $handle o]} {
set host [lindex $arg 0]
if {$host != ""} {
# Get users host.
if {[llength [split $arg .]] == 1} {
putserv "userhost [lindex $arg 0]"
set nthing $channel
return 1
}
putserv "PRIVMSG $channel :\002SCANNING\002: $host for open socks."
wingate $host pub $channel
} else {
putserv "NOTICE $nick :\002Syntax\002: !socks <host/nick>."
}
} elseif {$sockoper} {
set ohost [lindex $arg 0]
if {$ohost != ""} {
set ohost "pub $ohost $channel"
putserv "WHOIS $nick"
} else {
putserv "NOTICE $nick :\002Syntax\002: !socks <host/nick>."
}
}
return 1
}
# Connection msgs
proc raw_connect {from keyword arg} {
global akline gaccess orawscript sockflags sockhosts
if {[lindex [split [string tolower $from] @] 1] == "" && [lrange $arg 4 5] == "Client connecting:"} {
set userhost [split [string trimright [string trimleft [lindex $arg 7] (] )] @]
set user [lindex $userhost 0]; set host [lindex $userhost 1]
# Exempt hosts
foreach pattern $sockhosts {
if {[string match $pattern $host]} { return 1 }
}
# Exempt flag
set handle [finduser [lindex $arg 6]!$user@$host]
if {$handle != "*"} {
foreach exflag $sockflags {
if {[matchattr $handle $exflag]} { return 1 }
}
}
# Get the reply of wingate
wingate $host connect
}
if {[info exists gaccess]} { catch {raw_notice $from $keyword $arg} } ;# Support for GlxAuth
return 1
}
# Scanner.
proc wingate {host type args} {
global timeout
set args [join $args " "]
# Not a valid host.
if {[catch {set sock [socket -async $host 20492]}]} {
if {$type == "dcc"} { putdcc [lindex $args 0] "\002Not Valid\002: Unable to connect to $host." }
if {$type == "msg"} { putserv "NOTICE [lindex $args 0] :\002Not Valid\002: Unable to connect to $host." }
if {$type == "pub"} { putserv "PRIVMSG [lindex $args 0] :\002Not Valid\002: Unable to connect to $host." }
return 0
}
fileevent $sock writable [list gotconnect $sock $host $type $args] ;# wait for connect.
fileevent $sock readable [list gotread $sock $host $type $args] ;#wait for responce.
# Timeout after 15seconds
set timeout($sock) ""
utimer 15 "timeout $sock $host $type $args"
}
# Connection timed out.
proc timeout {sock host type args} {
global timeout
if {[info exists timeout($sock)]} {
unset timeout($sock)
fileevent $sock writable {} ;# remove previous handler
fileevent $sock readable {} ;# remove previous handler
close $sock ;# close the socket
if {$type == "dcc"} { putdcc [lindex $args 0] "\002TIME OUT\002: Timeout on connection to $host." }
if {$type == "msg"} { putserv "NOTICE [lindex $args 0] :\002TIME OUT\002: Timeout on connection to $host." }
if {$type == "pub"} { putserv "PRIVMSG [lindex $args 0] :\002TIME OUT\002: Timeout on connect to $host." }
}
return 0
}
# Successfully connected, send data.
proc gotconnect {sock host type args} {
global botname timeout v4port
set args [join $args " "]
# Send it request to connect, if its rejected (broken pipe) ports are not open.
# 5 = SOCKS5/ 1 = I know 1 authentication methods/ 0 the one i know is 'none' as in completely open
fconfigure $sock -translation binary -buffering none -blocking 1 ;# configure the connection.
fileevent $sock writable {} ;# remove previous handler
# Send out the data, if can not send, no socks.
if {[lindex $args end] == "v4"} {
set data "[binary format "ccSI" 4 1 $v4port [myip]][exec whoami][binary format c 0]"
} else {
set data "[binary format ccc 5 1 0]"
}
if {[catch {puts $sock $data}]} {
if {$type == "dcc"} { putdcc [lindex $args 0] "\002NO SOCKS\002: not a socks host $host." }
if {$type == "msg"} { putserv "NOTICE [lindex $args 0] :\002NO SOCKS\002: not a socks host $host."}
if {$type == "pub"} { putserv "PRIVMSG [lindex $args 0] :\002NO SOCKS\002: not a socks host $host." }
if {[info exists timeout($sock)]} { unset timeout($sock) }
catch {close $sock}
}
}
# Got reply.
proc gotread {sock host type args} {
global akline bantime botnick socklog socklwall socknotice timeout
set args [join $args " "]
if {[info exists timeout($sock)]} { unset timeout($sock) }
foreach timer [utimers] {
if {([lindex [lindex $timer 1] 0] == "timeout" && [lindex [lindex $timer 1] 1] == $sock)} { killutimer [lindex $timer 2] }
}
# Read in 2 bytes of data from reply. was hh
catch {binary scan [read $sock 2] cc reply reply2}
fileevent $sock readable {} ;# remove previous handler
catch {close $sock}
# Got 2bytes of reply
if {([info exists reply] && [info exists reply2])} {
if {$reply == 0} { set reply 4 }
# Is sock4 or sock5
if {$reply == 4 || $reply == 5} {
# Reply was is a socks4 w/ error msg, connect as socks4 and see if open.
if {$reply == 4 && $reply2 == 91} {
# If connection is still not granted after second attempt, give up.....
if {[lindex $args end] != "v4"} {
set lastv4time [unixtime]; set lastv4host $host
wingate $host $type $args v4
return 0
}
}
# no auth is required. (90 = sock4, 0 = sock5)
if {($reply == 4 && $reply2 == 90 || $reply == 5 && $reply2 == 0)} {
set msg "\002OPEN\002: Socks v$reply found at $host."
if {$type == "join"} {
putserv "kick [lindex $args 0] [lindex $args 1] :Open socks v$reply found on $host!"
if {$bantime != ""} { newban *!*@${host} $botnick "Open socks v$reply found on $host!" $bantime }
} elseif {$type == "connect"} {
if {$akline} {
append msg " K-line Auto Activated on host."
putserv "KLINE *@${host} :Open Socks v$reply."
}
}
# Log wingates.
if {$socklog != ""} {
set x [open $socklog a+]
puts $x "[date] [time] - $host"
close $x
}
# Secure socks
} else {
set msg "\002SECURE SOCKS\002: $host is a socks v$reply but authentication is required."
}
# Unknown reply
} else {
set msg "\002UNKNOWN\002: $host gave a unrecognized reply."
}
# No socks.
} else {
if {$type != "join" && $type != "connect"} { set msg "\002NO SOCKS\002: not a socks host $host." }
}
# Send out warning messages.
if {![info exist msg]} { return 0 }
if {$type == "dcc"} {
putdcc [lindex $args 0] "$msg"
} elseif {$type == "msg"} {
putserv "NOTICE [lindex $args 0] :$msg"
} elseif {$type == "pub"} {
putserv "PRIVMSG [lindex $args 0] :$msg"
} elseif {$type == "connect" && $socklwall} {
putserv "LWALLOPS :$msg"
} elseif {$type == "join" && $socknotice} {
#Set max nicks at a time, and what amount up to, and list of nicks.
set numnicks 5; set oplist ""; set noticelist ""
foreach nick [chanlist [lindex $args 0]] {
# don't notice who's not op, the bot itself and other bots
if {([isop $nick [lindex $args 0]] && $nick != $botnick)} {
incr numnicks
# Add next op
lappend noticelist $nick
# List of nicks is full, output then go on to next set of nicks.
if {$numnicks == $maxnicks} {
# Add a comma between each nick for outputting.
regsub -all " " $noticelist "," noticelist
puthelp "NOTICE $noticelist :$msg ([lindex $args 1])"
# Reset settings back for next group of nicks
set numnicks 0; set noticelist ""
}
}
}
# Leftover nicks
if {$noticelist != ""} {
regsub -all " " $noticelist "," noticelist
putserv "NOTICE $noticelist :$msg ([lindex $args 1])"
}
}
}
putlog "\002Anti-Socks v$sockver TCL\002 by Cashflo <Cashflo@GalaxyNet.Org> Loaded. \".sockshelp\" For Assistance"
