LDP
/
LDP
mirror of https://github.com/tLDP/LDP
0
1
Fork 0
Code Releases Activity

new

This commit is contained in:
gferg 2005-06-05 14:40:27 +00:00
parent 95201486ee
commit fd62391fb4
5 changed files with 391 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
LDP/guide/docbook/abs-guide/agram2.sh Normal file
View File

@ -0,0 +1,46 @@
#!/bin/bash
# agram2.sh
# Example of nested command substitution.
# Uses "anagram" utility
#+ that is part of the author's "yawl" word list package.
# http://ibiblio.org/pub/Linux/libs/yawl-0.3.2.tar.gz
# http://personal.riverusers.com/~thegrendel/yawl-0.3.2.tar.gz
E_NOARGS=66
E_BADARG=67
MINLEN=7
if [ -z "$1" ]
then
echo "Usage $0 LETTERSET"
exit $E_NOARGS # Script needs a command-line argument.
elif [ ${#1} -lt $MINLEN ]
then
echo "Argument must have at least $MINLEN letters."
exit $E_BADARG
fi
FILTER='.......' # Must have at least 7 letters.
# 1234567
Anagrams=( $(echo $(anagram $1 | grep $FILTER) ) )
# | | nested command sub. | |
# ( array assignment )
echo
echo "${#Anagrams[*]} 7+ letter anagrams found"
echo
echo ${Anagrams[0]} # First anagram.
echo ${Anagrams[1]} # Second anagram.
# Etc.
# echo "${Anagrams[*]}" # To list all the anagrams in a single line . . .
# Look ahead to the "Arrays" chapter for enlightenment on
#+ what's going on here.
# See also the agram.sh script for an example of anagram finding.
exit $?

36
LDP/guide/docbook/abs-guide/pr-asc.sh Normal file
View File

@ -0,0 +1,36 @@
#!/bin/bash
# pr-ascii.sh: Prints a table of ASCII characters.
START=33 # Range of printable ASCII characters (decimal).
END=125
echo " Decimal Hex Character" # Header.
echo " ------- --- ---------"
for ((i=START; i<=END; i++))
do
echo $i | awk '{printf(" %3d %2x %c\n", $1, $1, $1)}'
# The Bash printf builtin will not work in this context:
# printf "%c" "$i"
done
exit 0
# Decimal Hex Character
# ------- --- ---------
# 33 21 !
# 34 22 "
# 35 23 #
# 36 24 $
#
# . . .
#
# 122 7a z
# 123 7b {
# 124 7c |
# 125 7d }
# Redirect the output of this script to a file
#+ or pipe it to "more": sh pr-asc.sh | more

19
LDP/guide/docbook/abs-guide/rot13a.sh Normal file
View File

@ -0,0 +1,19 @@
#!/bin/bash
# rot13a.sh: Same as "rot13.sh" script, but writes output to "secure" file.
# Usage: ./rot13a.sh filename
# or ./rot13a.sh &lt;filename
# or ./rot13a.sh and supply keyboard input (stdin)
umask 177 # File creation mask.
# Files created by this script
#+ will have 600 permissions.
OUTFILE=decrypted.txt # Results output to file "decrypted.txt"
#+ which can only be read/written
# by invoker of script (or root).
cat "$@" | tr 'a-zA-Z' 'n-za-mN-ZA-M' > $OUTFILE
# ^^ Input from stdin or a file. ^^^^^^^^^^ Output redirected to file.
exit 0

45
LDP/guide/docbook/abs-guide/spam-lookup.sh Normal file
View File

@ -0,0 +1,45 @@
#!/bin/bash
# spam-lookup.sh: Look up abuse contact to report a spammer.
# Thanks, Michael Zick.
# Check for command-line arg.
ARGCOUNT=1
E_WRONGARGS=65
if [ $# -ne "$ARGCOUNT" ]
then
echo "Usage: `basename $0` domain-name"
exit $E_WRONGARGS
fi
dig +short $1.contacts.abuse.net -c in -t txt
# Also try:
# dig +nssearch $1
# Tries to find "authoritative name servers" and display SOA records.
# The following also works:
# whois -h whois.abuse.net $1
# ^^ ^^^^^^^^^^^^^^^ Specify host.
# Can even lookup multiple spammers with this, i.e."
# whois -h whois.abuse.net $spamdomain1 $spamdomain2 . . .
# Exercise:
# --------
# Expand the functionality of this script
#+ so that it automatically e-mails a notification
#+ to the responsible ISP's contact address(es).
# Hint: use the "mail" command.
exit $?
# spam-lookup.sh chinatietong.com
# A known spam domain.
# "crnet_mgr@chinatietong.com"
# "crnet_tec@chinatietong.com"
# "postmaster@chinatietong.com"
# For a more elaborate version of this script,
#+ see the SpamViz home page, http://www.spamviz.net/index.html.

245
LDP/guide/docbook/abs-guide/whx.sh Normal file
View File

@ -0,0 +1,245 @@
#!/bin/bash
# whx.sh: "whois" spammer lookup
# Author: Walter Dnes
# Slight revisions (first section) by ABS Guide author.
# Used in ABS Guide with permission.
# Needs version 3.x or greater of Bash to run (because of =~ operator).
# Commented by script author and ABS Guide author.
E_BADARGS=65 # Missing command-line arg.
E_NOHOST=66 # Host not found.
E_TIMEOUT=67 # Host lookup timed out.
HOSTWAIT=10 # Specify up to 10 seconds for host query reply.
# The actual wait may be a bit longer.
OUTFILE=whois.txt # Output file.
PORT=4321
if [ -z "$1" ] # Check for (required) command-line arg.
then
echo "Usage: $0 domain name or IP address"
exit $E_BADARGS
fi
if [[ "$1" =~ "[a-zA-Z][a-zA-Z]$" ]] # Ends in two alpha chars?
then # It's a domain name && must do host lookup.
IPADDR=$(host -W $HOSTWAIT $1 | awk '{print $4}')
# Doing host lookup to get IP address.
# Extract final field.
else
IPADDR="$1" # Command-line arg was IP address.
fi
if [ -e "$OUTFILE" ]
then
rm -f "$OUTFILE"
echo "Stale output file \"$OUTFILE\" removed."; echo
fi
# Sanity checks.
# ==============
if [[ "$IPADDR" =~ "^[;;]" ]]
# ;; connection timed out; no servers could be reached
then
echo "Host lookup timed out!"
exit $E_TIMEOUT # Bail out.
fi
if [[ "$IPADDR" =~ "[(NXDOMAIN)]$" ]]
# Host xxxxxxxxx.xxx not found: 3(NXDOMAIN)
then
echo "Host not found!"
exit $E_NOHOST # Bail out.
fi
if [[ "$IPADDR" =~ "[(SERVFAIL)]$" ]]
# Host xxxxxxxxx.xxx not found: 2(SERVFAIL)
then
echo "Host not found!"
exit $E_NOHOST # Bail out.
fi
# ==============
# ========== Main body of script ==========
AFRINICquery() {
# Define the function that queries AFRINIC. Echo a notification to the
#+ screen, and then run the actual query, redirecting output to $OUTFILE.
echo "Searching for $IPADDR in whois.afrinic.net"
whois -h whois.afrinic.net "$IPADDR" > $OUTFILE
# Check for presence of reference to an rwhois.
# Warn about non-functional rwhois.infosat.net server
#+ and attempt rwhois query.
if grep -e "^remarks: .*rwhois\.[^ ]\+" "$OUTFILE"
then
echo " " >> $OUTFILE
echo "***" >> $OUTFILE
echo "***" >> $OUTFILE
echo "Warning: rwhois.infosat.net was not working as of 2005/02/02" >> $OUTFILE
echo " when this script was written." >> $OUTFILE
echo "***" >> $OUTFILE
echo "***" >> $OUTFILE
echo " " >> $OUTFILE
RWHOIS=`grep "^remarks: .*rwhois\.[^ ]\+" "$OUTFILE" | tail -n 1 |\
sed "s/\(^.*\)\(rwhois\..*\)\(:4.*\)/\2/"`
whois -h ${RWHOIS}:${PORT} "$IPADDR" >> $OUTFILE
fi
}
APNICquery() {
echo "Searching for $IPADDR in whois.apnic.net"
whois -h whois.apnic.net "$IPADDR" > $OUTFILE
# Just about every country has its own internet registrar.
# I don't normally bother consulting them, because the regional registry
#+ usually supplies sufficient information.
# There are a few exceptions, where the regional registry simply
#+ refers to the national registry for direct data.
# These are Japan and South Korea in APNIC, and Brasil in LACNIC.
# The following if statement checks $OUTFILE (whois.txt) for the presence
#+ of "KR" (South Korea) or "JP" (Japan) in the country field.
# If either is found, the query is re-run against the appropriate
#+ national registry.
if grep -E "^country:[ ]+KR$" "$OUTFILE"
then
echo "Searching for $IPADDR in whois.krnic.net"
whois -h whois.krnic.net "$IPADDR" >> $OUTFILE
elif grep -E "^country:[ ]+JP$" "$OUTFILE"
then
echo "Searching for $IPADDR in whois.nic.ad.jp"
whois -h whois.nic.ad.jp "$IPADDR"/e >> $OUTFILE
fi
}
ARINquery() {
echo "Searching for $IPADDR in whois.arin.net"
whois -h whois.arin.net "$IPADDR" > $OUTFILE
# Several large internet providers listed by ARIN have their own
#+ internal whois service, referred to as "rwhois".
# A large block of IP addresses is listed with the provider
#+ under the ARIN registry.
# To get the IP addresses of 2nd-level ISPs or other large customers,
#+ one has to refer to the rwhois server on port 4321.
# I originally started with a bunch of "if" statements checking for
#+ the larger providers.
# This approach is unwieldy, and there's always another rwhois server
#+ that I didn't know about.
# A more elegant approach is to check $OUTFILE for a reference
#+ to a whois server, parse that server name out of the comment section,
#+ and re-run the query against the appropriate rwhois server.
# The parsing looks a bit ugly, with a long continued line inside
#+ backticks.
# But it only has to be done once, and will work as new servers are added.
#@ ABS Guide author comment: it isn't all that ugly, and is, in fact,
#@+ an instructive use of Regular Expressions.
if grep -E "^Comment: .*rwhois.[^ ]+" "$OUTFILE"
then
RWHOIS=`grep -e "^Comment:.*rwhois\.[^ ]\+" "$OUTFILE" | tail -n 1 |\
sed "s/^\(.*\)\(rwhois\.[^ ]\+\)\(.*$\)/\2/"`
echo "Searching for $IPADDR in ${RWHOIS}"
whois -h ${RWHOIS}:${PORT} "$IPADDR" >> $OUTFILE
fi
}
LACNICquery() {
echo "Searching for $IPADDR in whois.lacnic.net"
whois -h whois.lacnic.net "$IPADDR" > $OUTFILE
# The following if statement checks $OUTFILE (whois.txt) for the presence of
#+ "BR" (Brasil) in the country field.
# If it is found, the query is re-run against whois.registro.br.
if grep -E "^country:[ ]+BR$" "$OUTFILE"
then
echo "Searching for $IPADDR in whois.registro.br"
whois -h whois.registro.br "$IPADDR" >> $OUTFILE
fi
}
RIPEquery() {
echo "Searching for $IPADDR in whois.ripe.net"
whois -h whois.ripe.net "$IPADDR" > $OUTFILE
}
# Initialize a few variables.
# * slash8 is the most significant octet
# * slash16 consists of the two most significant octets
# * octet2 is the second most significant octet
slash8=`echo $IPADDR | cut -d. -f 1`
slash16=`echo $IPADDR | cut -d. -f 1-2`
octet2=`echo $slash16 | cut -d. -f 2`
# Check for various odds and ends of reserved space.
# There is no point in querying for those addresses.
if [ $slash8 == 0 ]; then
echo $IPADDR is '"This Network"' space\; Not querying
elif [ $slash8 == 10 ]; then
echo $IPADDR is RFC1918 space\; Not querying
elif [ $slash8 == 14 ]; then
echo $IPADDR is '"Public Data Network"' space\; Not querying
elif [ $slash8 == 127 ]; then
echo $IPADDR is loopback space\; Not querying
elif [ $slash16 == 169.254 ]; then
echo $IPADDR is link-local space\; Not querying
elif [ $slash8 == 172 ] && [ $octet2 -ge 16 ] && [ $octet2 -le 31 ];then
echo $IPADDR is RFC1918 space\; Not querying
elif [ $slash16 == 192.168 ]; then
echo $IPADDR is RFC1918 space\; Not querying
elif [ $slash8 -ge 224 ]; then
echo $IPADDR is either Multicast or reserved space\; Not querying
elif [ $slash8 -ge 200 ] && [ $slash8 -le 201 ]; then LACNICquery "$IPADDR"
elif [ $slash8 -ge 202 ] && [ $slash8 -le 203 ]; then APNICquery "$IPADDR"
elif [ $slash8 -ge 210 ] && [ $slash8 -le 211 ]; then APNICquery "$IPADDR"
elif [ $slash8 -ge 218 ] && [ $slash8 -le 223 ]; then APNICquery "$IPADDR"
# If we got this far without making a decision, query ARIN.
# If a reference is found in $OUTFILE to APNIC, AFRINIC, LACNIC, or RIPE,
#+ query the appropriate whois server.
else
ARINquery "$IPADDR"
if grep "whois.afrinic.net" "$OUTFILE"; then
AFRINICquery "$IPADDR"
elif grep -E "^OrgID:[ ]+RIPE$" "$OUTFILE"; then
RIPEquery "$IPADDR"
elif grep -E "^OrgID:[ ]+APNIC$" "$OUTFILE"; then
APNICquery "$IPADDR"
elif grep -E "^OrgID:[ ]+LACNIC$" "$OUTFILE"; then
LACNICquery "$IPADDR"
fi
fi
#@ ---------------------------------------------------------------
# Try also:
# wget http://logi.cc/nw/whois.php3?ACTION=doQuery&amp;DOMAIN=$IPADDR
#@ ---------------------------------------------------------------
# We've now finished the querying.
# Echo a copy of the final result to the screen.
cat $OUTFILE
# Or "less $OUTFILE" . . .
exit 0
#@ ABS Guide author comments:
#@ Nothing fancy here, but still a very useful tool for hunting spammers.
#@ Sure, the script can be cleaned up a bit (exercise for reader),
#@+ but still, it's a nice piece of coding by Walter Dnes.