This is the new home of the egghelp.org community forum.
All data has been migrated (including user logins/passwords) to a new phpBB version.


For more information, see this announcement post. Click the X in the top right-corner of this box to dismiss this message.

scan ip from a proxy scanner site

Requests for complete scripts or modifications/fixes for scripts you didn't write. Response not guaranteed, and no thread bumping!
User avatar
CrazyCat
Revered One
Posts: 1216
Joined: Sun Jan 13, 2002 8:00 pm
Location: France
Contact:

Post by CrazyCat »

Check https://tools.eggdrop.fr/privatebin/?40 ... 5DxPazBmet

I've added wlcountries variable, which is a list of countries code (I put NP for Nepal and FR for France, you can add more), modified the http query to add the countryCode in the answer and added a check to bypass the iplog proc if the IP come from one of the white-listed countries.
User avatar
TimeRider
Voice
Posts: 28
Joined: Tue Jul 07, 2020 3:46 pm
Contact:

Post by TimeRider »

Thank you CrazyCat! The script is working as expected. :)
User avatar
TimeRider
Voice
Posts: 28
Joined: Tue Jul 07, 2020 3:46 pm
Contact:

Post by TimeRider »

Hello CrazyCat,

I am bumping this thread because I want to make 2 Anti-VPN TCL script work as it will be helpful to ban the connection one VPN scanner can't detect and the limit of scanning will be increased from 2 Anti-VPN TCL scripts.

The one you already made works well, https://tools.eggdrop.fr/privatebin/?40 ... 5DxPazBmet

What I want now is a new same TCL script where I would use a different bind like !antiproxy or .antiproxy And it will scan the IPs from proxycheck.io with the API key But will also add exception scans or will not scan IPs of the country Nepal (NP).

Thank you!
User avatar
TimeRider
Voice
Posts: 28
Joined: Tue Jul 07, 2020 3:46 pm
Contact:

Post by TimeRider »

CrazyCat wrote:Not tested (the write/read file come from another of my scripts):

Code: Select all

package require http

namespace eval pchecker {

	# proxycheck.io api key
	variable pckey "xxxxxx-xxxxxx-xxxxxx-xxxxxxxx"

	# gzline message
	variable gmsg "Sorry, VPN are not allowed"

	# List of IP not checked
	variable whitelist {}

	# List of blacklisted IP
	variable blacklist {}
	
	variable pcheckerwl "scripts/pcheckerwl.txt"

	# To enable on a chan, think to do
	# .chanset #chan +scanip
	setudef flag scanip

	bind join - * ::pchecker::whois
	bind raw - 378 ::pchecker::ipcheck
	bind pub - !add ::pchecker::ipadd
	bind pub - !rem ::pchecker::iprem

	proc whois {nick uhost handle chan} {
		if {![channel get $chan scanip]} { return }
		if {[isbotnick $nick]} { return }
		putquick "WHOIS $nick"
	}

	proc ipadd {nick uhost handle chan text} {
		if {[lsearch $::pchecker::whitelist $text] == -1} {
			lappend ::pchecker::whitelist $text
		}
		::pchecker::l2file $::pchecker::whitelist $::pchecker::pcheckerwl
	}
	
	proc iprem {nick uhost handle chan text} {
		set n [lsearch $::pchecker::whitelist $text]
		if {$n != -1} {
			set ::pchecker::whitelist [lreplace $::pchecker::whitelist $n $n]
			::pchecker::l2file $::pchecker::whitelist $::pchecker::pcheckerwl
		}
	}
	
	proc ipcheck {frm key text} {
		set ip [lindex [split $text " "] end]
		foreach w $::pchecker::whitelist {
			if {[string match $w $text]} { return }
		}
		foreach b $::pchecker::blacklist {
			if {[string match $w $text]} {
				putquick "GLINE *@$ip +7d :$::pchecker::gmsg"
				return
			}
		}
		::pchecker::isvpn $ip
	}

	proc json2dict {JSONtext} {
		string range [string trim [string trimleft [string map {\t {} \n {} \r {} , { } : { } \[ \{ \] \}} $JSONtext] {\uFEFF}]] 1 end-1
	}

	proc isvpn {ip} {
		::http::config -useragent "lynx"
		set pcheck [::http::geturl http://api.isproxyip.com/v1/check.php?key=$::pchecker::pckey&ip=${ip}&format=json]
		set data [json2dict [::http::data $pcheck]]
		if {[dict get $data status] eq "success"} {
			set proxy [dict get $data proxy]
			if {$proxy == 1 } {
				lappend $::pchecker::blacklist $ip
				putquick "GLINE *@$ip +7d :$::pchecker::gmsg"
			}
		}
		::http::cleanup $pcheck
	}

	proc l2file {olist dfile} {
		set fo [open $dfile w]
		puts $fo [join $olist "\n"]
		close $fo
	}
	
	proc f2list {dfile} {
		set fi [open $dfile r]
		set olist [split [read -nonewline $fi] "\n"]
		close $fi
		return $olist
	}
	
	set ::pchecker::whitelist [::pchecker::f2list $::pchecker::pcheckerwl]
	
}
CrazyCat, this script is generating an error now: Tcl error [::pchecker::ipcheck]: Illegal characters in URL path

Could you please fix it?
User avatar
FmX
Voice
Posts: 30
Joined: Wed Dec 06, 2006 12:42 pm

Re: scan ip from a proxy scanner site

Post by FmX »

Bringing up a bit of an old topic. I tried this script but I get the following error:
Tcl error [::pchecker::ipcheck]: Illegal characters in URL path

Client connection is this way:
[09:40:42] Connect: (Chat@1005633945813123113.discord.com) [53.92.95.41] [vhost: 3D6263FF.C15E8851.D7BC4C45.IP] [secure] [country: DE] [reputation: 0] [security-groups: unknown-users,webirc-users]
Connect: (webirc@62-73-100-175.ip.btc-net.bg) [62.73.100.175] [vhost: 306D8AA.C305ADBD.62D3FB63.IP] [class: clients] [secure: TLSv1.3-TLS_CHACHA20_POLY1305_SHA256] [country: BG] [reputation: 5] [security-groups: unknown-users,webirc-users,tls-and-known-users,tls-users]

Maybe the script need to read IPs from brackets [] ?
This is UnrealIRCD.
User avatar
CrazyCat
Revered One
Posts: 1216
Joined: Sun Jan 13, 2002 8:00 pm
Location: France
Contact:

Re: scan ip from a proxy scanner site

Post by CrazyCat »

Just before the line
::http::config -useragent "lynx"
add
putlog "Checking: $ip"
User avatar
FmX
Voice
Posts: 30
Joined: Wed Dec 06, 2006 12:42 pm

Re: scan ip from a proxy scanner site

Post by FmX »

Still gives error:
[11:06:22] <ATAS> [09:06:21] Tcl error [::pchecker::ipcheck]: Illegal characters in URL path
[11:06:22] <ATAS> [09:06:21] -NOTICE- connect.LOCAL_CLIENT_CONNECT [info] Client connecting: obssesedwithme (Chat@1143552215554986125.discord.com) [53.98.128.141] [vhost: Portal-F5EDA4FF.discord.com] [class: clients] [country: DE] [reputation: 0] [security-groups: unknown-users,webirc-users]
[11:06:22] <ATAS> [09:06:21] Checking: 53.98.128.141
[11:06:22] <ATAS> [09:06:21] Tcl error [::pchecker::ipcheck]: Illegal characters in URL path
[11:06:22] <ATAS> [09:06:21] -NOTICE- connect.REMOTE_CLIENT_CONNECT [info] Client connecting: obssesedwithme (Chat@1143552215554986125.discord.com) [53.98.128.141] [vhost: 90A44659.6F5C8A2F.4EB8A045.IP] [secure] [country: DE] [reputation: 0] [security-groups: unknown-users,webirc-users]
User avatar
FmX
Voice
Posts: 30
Joined: Wed Dec 06, 2006 12:42 pm

Re: scan ip from a proxy scanner site

Post by FmX »

My bad, there is space in api key that i missed. Everything wokrs fine. Thank you :)

and 1 latest request. Can you make to not scanning IPs start with 53.*
User avatar
CrazyCat
Revered One
Posts: 1216
Joined: Sun Jan 13, 2002 8:00 pm
Location: France
Contact:

Re: scan ip from a proxy scanner site

Post by CrazyCat »

FmX wrote: Tue Jan 30, 2024 5:18 am and 1 latest request. Can you make to not scanning IPs start with 53.*
Just replace:
   ::pchecker::isvpn $ip
}
With:
   if {[string first "53." $ip]==0} { return }
   ::pchecker::isvpn $ip
}
User avatar
FmX
Voice
Posts: 30
Joined: Wed Dec 06, 2006 12:42 pm

Re: scan ip from a proxy scanner site

Post by FmX »

Everything is fine now. Thanks mate. I have 1 more request but i will try alone to figure out how to achieve it. After Gline i want to report in certain channel nick and IP who was glined. now i will try to do it myself
User avatar
FmX
Voice
Posts: 30
Joined: Wed Dec 06, 2006 12:42 pm

Re: scan ip from a proxy scanner site

Post by FmX »

 ::pchecker::isvpn $ip $unick
proc isvpn {ip unick} 
putquick "PRIVMSG #test33 :$unick *@$ip +7d :$::pchecker::gmsg"
is that good CrazyCat ?
User avatar
CrazyCat
Revered One
Posts: 1216
Joined: Sun Jan 13, 2002 8:00 pm
Location: France
Contact:

Re: scan ip from a proxy scanner site

Post by CrazyCat »

What is $unick ? How do you get it ?
User avatar
FmX
Voice
Posts: 30
Joined: Wed Dec 06, 2006 12:42 pm

Re: scan ip from a proxy scanner site

Post by FmX »

proc ipcheck {frm key text} {
		if {[string match *!*@* $frm] || ![string match -nocase "*client connecting*" $text]} { return }
		regexp {:\ ([^ ]+)\s\(([^@]+)@([^\)])+\)\s\[([^\]]+)} $text - unick ident host ip 
User avatar
CrazyCat
Revered One
Posts: 1216
Joined: Sun Jan 13, 2002 8:00 pm
Location: France
Contact:

Re: scan ip from a proxy scanner site

Post by CrazyCat »

So it may work.

Why don't you try and just ask when you have an error ?
Post Reply