| View previous topic :: View next topic |
| Author |
Message |
ko-pach
Voice
Joined: 09 Aug 2006
Posts: 4
|
 Posted: Wed Aug 09, 2006 10:06 am Post subject: Anti-Socks v1.1 TCL need hack |
 |
|
I found a cool script checking users on-join for open proxyes, socks 4 & 5.
I't work fine, but only one port is used for checking.
Can somebody make a variables port to check.
For example: host:port 1;2;3 ... (87.252.161.42:8080 .. 87.252.161.42:1080 .. etc)
Sorry for my bad english, and thanks advanced
| Code: |
############################ Anti-Socks v1.1 #############################
# by Cashflo #
# Cashflo@GalaxyNet.Org #
# http://www.galaxynet.org/ircops/cashflo.html #
# Final Beta tested on Eggdrop1.3.23/26 w/ tcl8.0/1 #
# Copyright (c) 1999 Cashflo All Rights Reserved. #
##########################################################################
# The first real anti socks/wingate scanner out there for tcl, connects #
#per RFC and see's if server responds with no authorization required. No#
#scanning Telnet ports which could be a possible security threat, or just#
#seeing if 1080 is open which could be a nukenapper. Actually tries to #
# connect as a sock client to the server, and sees if a no authorization #
#needed responce is returned. Works for both socks4 and socks5. Script #
# is capable of checking for socks, via dcc, msg, pub, by any user & a #
#option to allow any IrcOp to be able to scan via msg & pub, as well as a#
# option to have the bot scan scan server connections as a local IrcOp #
# connection monitor and be able to k-line and or local wallop on socks. #
#Script can Ban/onotice/log/lwallop on cooresponding automatic Triggers. #
##########################################################################
# Any problems or suggestions please contact me on irc or e-mail. #
# Same goes for if you want to edit this script or use parts of it. #
##########################################################################
# GalaxyNet Eggdrop's also check out glxauth*.tcl.gz avaliable on sodre. #
# Script has been edited to support galaxynet auth if it is loaded, but #
# make sure in config source line for glxauth comes before anti-socks. #
##########################################################################
# Special Thanks to: Andyh, Fwibbly & of course Gawyn (as always) #
# For helping me w/ rfc1928 and such. #
##########################################################################
# This script Requires, tcl8.0+ and if you don't edit main.c yourself #
# you need eggdrop1.3.23+, reason for this is because Tcl_DoOneEvent was #
# put in main.c on 1.3.23, if running a earlier version you are going to #
# have to compile it yourself by searching main.c for the following line #
#"debug0("main: entering loop");", below that line is the main while loop#
#inside the while loop add the following "Tcl_DoOneEvent(TCL_DONT_WAIT);"#
# After saving those changes to main.c, remake/compile the bot, and then #
# go to line 260 about in this script and remove scanning for 1.3.23+ #
#And also make sure to compile in bind raw if pre 1.3.* via src/eggdrop.h#
#line 86 "#define bind raw" in 1.1.5, not sure if will elimiate all probs#
# Bottom line, I recommend and its easier if you upgrade to 1.3.* #
# but in any case you are going to need tcl 8.0 or greater!!! #
##########################################################################
# .socks <host/nick> - manually check socks via dcc. #
# /msg bot socks <host/nick> - manually check for socks via msg. #
# !socks <host/nick> - Manually check for socks via channel. #
# .sockshelp [command] - List of commands w/ syntax, or info on [command]#
# .sockset <command> - Changes setting temp on <command>. #
# .showsocks [all/last #n/search phrase] - Scans socks log based on arg. #
# .viewset [setting] - shows you all values or a specific settings value.#
##########################################################################
# Important to GalaxyNet Users!! if you are running GlxAuth 2.2 or less, #
# make sure this script is loaded in config AFTER glxauth is loaded. #
##########################################################################
# If you are running this as a IrcOp'ed Connection Monitor, please make #
# Sure your bot is secure, ie. remove .tcl and any scripts that you are #
# not 100% sure are secured, and won't let anyone send raw data to server#
# Also watch who you let into bot, and limit access and amount of users #
# on the bot. I will not be held liable for anything, including but not #
# limited to problems resulting from badly configured oper'ed bots. #
##########################################################################
# Don't forget to check for updates, either on ftp's or on GalaxyNet IRC #
# network /ctcp glxauth cdcc list This is latest as of 4/23/99 #
##########################################################################
# This Script Does the Following:
# 01) Scans for socks on:
# A) Join.
# B) Connections.
# C) Dcc via .socks <host/nick>.
# D) Msg via /msg bot socks <host/nick>.
# E) Pub via !socks <host/nick>.
# 02) On Open Socks:
# A) Bans if on join.
# B) Can k-line if connect.
# C) Can lwallop if connect.
# D) Can log to file.
# E) Can ONOTICE if on join.
# F) Report back to you open socks.
# 03) Exempt:
# A) Can exempt channels from on join checking.
# B) Can exempt hosts from on join and connect checking.
# C) Can exempt flags from on join checking and on connect checking.
# 04) Connection Times Out After 15seconds.
# 05) Connection is asyncrous which means bot is not blocked while waiting for reply.
# 06) Bot tries to /oper if $onick/$opass/$sockconnect are all set.
# 07) Checks to make sure proper version of eggdrop and tcl is being run.
# 08) Help via .sockshelp:
# A) .sockshelp.
# B) .sockshelp socks.
# C) .sockshelp showsocks.
# D) .sockshelp sockshelp.
# 09) Show list of open socks that where logged.
# 10) Change settings via .sockset:
# A) Socks scan on join.
# B) Exempt channels fron on join scanning.
# C) Time to ban someone on join socks.
# D) Hosts exempt from on join and on connect scanning.
# E) Flags exempt from on join scanning.
# F) Turn on or off or change file that socks are logged to.
# G) Allow anyone umode +O (IrcOp) to scan for socks.
# H) Turn on or off socks checking on connect.
# I) Turn on or off lwalloping on open socks on connect.
# J) Turn on or off auto k-line of open socks on connect.
# K) Change bots o-line Nick.
# L) Change bots o-line Pass.
# M) Turn on or off onoticing on open socks on join.
# 11) View settings via .viewset [setting].
# 12) Delete sockslog via .delsocks.
# ---v1.1---
# 13) Option to send out onotice (notice to ops) when a wingate on join.
# 14) Fixed socks 4 scanning, before was just seeing if it was a socks4 now see's if its
#opened via another connection attempt.
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! #
# !!!!!!!!!!!!!!!!!!!!!!!!----- SET THE FOLLOWING SETTINGS -----!!!!!!!!!!!!!!!!!!!!!! #
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! #
# --- On Join Stuff ---
# Check socks on join, not including exempt channels (0 Off/ 1 On)
set sockjoin 1
# Channels to exempt from sock scanning on join. (if sockjoin is on)
set sockchans { "#sock_exempt_chan1" "#sock_exempt_chan2" }
# time to ban hosts for on open socks. (in minutes).
set bantime 60
# Send out a ONotice (Notice to ops) on a oepn sock on join? (0 Off/ 1 On).
set socknotice 0
# --- Exempt Stuff ---
# Hosts (NOT USERS@HOST) to be exempt from sock scanning on join and or on client connetions.
set sockhosts {
}
# Flags that are exempt from scanning on join and on connect by matching a handle
#against the host and seeing if it contains ANY of these flags.
set sockflags "f o m n"
# --- End Exempt Stuff ---
# File to log open socks to, set to "" for no logging.
set socklog "socks.log"
# Allow any IrcOp to /msg bot socks <host/nick> and check it for them (0 Off/ 1 On)
set sockoper 1
# --- Oper Bot Connection Monitor... (Below requires bot to have a o line) ---
# Sock Check connection notices (0 Off/ 1 On) (Requires bot to have o line)
set sockconnect 0
# Local wallop on open socks (0 Off/ 1 On) ( Requires bot to have a local o line & $sockconnect = 1)
set socklwall 0
# Auto k-line open sock hosts (0 Off / 1 On) (Requires bot to have a local o line & $sockconnect = 1)
set akline 0
# Oline nickname (leave set to "" if no o-line) (Make sure to add in ircd.conf onick & opass w/ proper host)
set onick ""
# o-line password (leave set to "" if no o-line)
set opass ""
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! #
# !!!!!!!!!!!!!!!!!!!!!!----- DO NOT EDIT BELOW HERE-----!!!!!!!!!!!!!!!!!!!!!!!! #
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! #
# Make sure no vars got deleted.
if {![info exists sockjoin]} { set sockjoin 1 }; if {![info exists sockchans]} { set sockchans "" }
if {![info exists bantime]} { set bantime 60 }; if {![info exists sockhost]} { set sockhost "" }
if {![info exists sockflags]} { set sockflags "f o m n" }; if {![info exists socklog]} { set socklog "socks.log" }
if {![info exists sockoper]} { set sockoper 1 }; if {![info exists sockconnect]} { set sockconnect 0 }
if {![info exists socklwall]} { set socklwall 0 }; if {![info exists akline]} { set akline 0 }
if {![info exists onick]} { set onick "" }; if {![info exists opass]} { set opass "" }
if {![info exists socknotice]} { set socknotice0 }; set isircop 0
if {[info exists timeout]} { unset timeout }; if {[info exists ohost]} { unset ohost }
if {[info exists nthing]} { unset nthing }
# Version info
set sockver "1.1"
# Very basic encryption.
if {$opass != ""} { set opass [encrypt $sockver $opass] }
# Help arrays
set sockshelp(socks) [list "o/oper" ".socks <host/nick> | /msg $botnick socks <host/nick> | !socks <host/nick>" "Manually scans <host/nick> for open socks. Or if \$opersock is set on, will let any IrcOp check for open socks"]
set sockshelp(showsocks) [list "o" ".showsocks \[all/last #/search phrase\]" "Outputs data from log file based on options, if no option is given shows all:
[format %-18s ".showsocks \[n\]"] - Last n open socks recorded.
[format %-18s ".showsocks all"] - Shows all entries from socks log.
[format %-18s ".showsocks \[phrase\]"] - Scans log for entries containing phrase"]
set sockshelp(sockshelp) [list "all" ".sockshelp \[command\]" "Shows syntax of all comamnds if no \[command\] is specified, otherwise shows detailed help on command"]
set sockshelp(viewset) [list "o" ".viewset \[setting\]" "View all or a specifc settings value"]
set sockshelp(delsocks) [list "m" ".delsocks" "Clear the sockslog file"]
set sockshelp(sockset) [list "m" ".sockset <setting> \[new setting\]" "Change settings or of no newset show current setting:
[format %-21s \026\[command\]\026] \026Info\026
[format %-20s "akline <0/1>"] Turn on or off auto k-line of open socks on connect.
[format %-20s "bantime \[time\]"] Time to ban someone on join socks
if no time is specified then banning is disabled.
if bantime is 0 then bans become perm.
[format %-20s "onick <o nick>"] Change bots o-line Nick.
[format %-20s "opass <o pass>"] Change bots o-line Pass.
[format %-20s "+sockchan <#channel>"] Add a chan to exempts on join scanning.
[format %-20s "-sockchan <#channel>"] Delete a channel from exempt of join scanning.
[format %-20s "sockconnect <0/1>"] Turn on or off socks checking on connect.
[format %-20s "+sockhost <host>"] Adds a Host to exempt from on join and on connect scanning.
[format %-20s "-sockhost <host>"] Deletes a exempt host from on join and connect scanning.
[format %-20s "+sockflag <flag>"] Adds a flags to exempt flags from on join scanning.
[format %-20s "-sockflag <flag>"] Deletes a exempt flag.
[format %-20s "sockjoin <0/1>"] Socks scan on join.
[format %-20s "socklog \[file\]"] Change file that socks are logged to, if no file specifed then shuts it off.
[format %-20s "socklwall <0/1>"] Turn on or off lwalloping on open socks on connect.
[format %-20s "socknotice <0/1>"] Turn on or off sending out a notice to all ops on channel on a on join open socks.
[format %-20s "sockoper <0/1>"] Allow anyone umode +O (IrcOp) to scan for socks"]
# See if person can handle script.
if {![info exists numversion] || ($numversion < 1032300)} {
if {[string range $version 0 2] != "1.3"} {
putlog "*** Can't load anti-socks -- At least Eggdrop v1.3.23 required"
return 0
}
}
if {(![info exists tcl_version] || $tcl_version < 8.0)} {
putlog "*** Can't load anti-socks -- Need at least tcl 8.0"
return 0
}
# Set settings needed if user is set to check socks on connection msgs.
if {$sockconnect} {
if {[info exists gaccess]} { catch {unbind raw - notice raw_notice} } ;# Support for GalaxyNet Auth.
bind raw - NOTICE raw_connect
if {($onick != "" && $opass != "")} {
set init-server { sock-init }
}
}
# Listening port stuff for a socks4 connection request....
if {[info exists v4sock]} { catch {close $v4sock}; unset v4sock }; # Delete/close previous sock server
proc getconnect {sock addr port} { catch {close $sock} }; # Proc for a incoming sock4 check.
set v4port "2[rand 9][rand 9][rand 9]"; # set the incoming port to a random port between 2000-2999
# Setup a incoming server socket for sock4 scanning, if port is unavaliable try another.
set x 0
while {$x == 0} { if {![catch {set v4sock [socket -server getconnect $v4port]}]} { set x 1 } }
# Now a IrcOp.
bind raw - 381 raw_nowop
proc raw_nowop {from keyword arg} {
global akline botnick isircop server socklwall sockver version
if {[lindex $arg 0] == $botnick} {
set isircop 1
set end ""
if {$socklwall} { set end [append end ". Local Wallops sent on open socks"] }
if {$akline} { set end [append end ". Auto K-line set on open socks"] }
set cmsg "\026Anti-Socks Connection Monitor v$sockver\026 on Eggdrop[lindex $version 0] by Cashflo <Cashflo@GalaxyNet.org> Is running on $server$end."
putserv "LWALLOPS :$cmsg"
}
}
proc sock-init {} {
global akline botnick gaccess onick opass server sockconnect socklwall sockver version
if {$sockconnect} {
# See if bot is a oper."
putserv "whois $botnick"
# Oper bot
putserv "oper $onick [decrypt $sockver $opass]"
# Support for GalaxyNet Auth.
if {[info exists gaccess]} {
catch {init-server}
}
}
}
# Join Checking Proc.
if {$sockjoin} {bind join - * join_sock}
proc join_sock {nick userhost handle channel} {
global sockchans sockflags sockhosts
# Exempt channel
if {[lsearch -glob $sockchans $channel] != -1} { return 0 }
set host [lindex [split $userhost @] 1]
# Exempt hosts
foreach pattern $sockhosts {
if {[string match $pattern $host]} { return 1 }
}
# Exempt flag
foreach exflag $sockflags {
if {[matchattr $handle $exflag]} { return 0 }
}
wingate $host join $channel $nick
}
# --- DCC Procs ---
# Dcc Help
bind dcc - sockshelp dcc_sockshelp
bind dcc - sockhelp dcc_sockshelp
proc dcc_sockshelp {hand idx arg} {
global sockshelp sockver version
set arg [lindex $arg 0]
putdcc $idx "---- \026Anti-Socks v$sockver on eggdrop[lindex $version 0]\026 ----"
set list "delsocks socks sockshelp sockset showsocks viewset"
if {$arg == ""} {
foreach command $list {
putdcc $idx "[lindex $sockshelp($command) 1]"
}
putdcc $idx " "
putdcc $idx "\026\002.sockshelp <command> for more info.\002\026"
} else {
if {[string index $arg 0] == "."} {
set arg [lindex [split $arg .] 1]
}
set arg [string tolower $arg]
if {[catch {set test $sockshelp($arg)}]} {
putdcc $idx "$arg is not a valid command, .sockhelp for list of commands."
return 1
}
putdcc $idx "\002Command\002: $arg"
putdcc $idx "\002Flag\002: [lindex $sockshelp($arg) 0]"
putdcc $idx "\002Syntax\002: [lindex $sockshelp($arg) 1]"
putdcc $idx "\002Summary\002: [lindex $sockshelp($arg) 2]."
}
return 1
}
# Dcc command to show list of takeovers from logfile.
bind dcc o showsocks dcc_showsocks
proc dcc_showsocks {hand idx arg} {
global socklog
if {$socklog != ""} {
# See if user specified a number of socks to show from last
if {($arg != "" && $arg != "all")} {
# See if they entered .showsocks #1, instead of .showsocks 1, if so weed out the leading #.
if {[string index $arg 0] == "#" && [regexp "^\[0-9\]+$" [string range $arg 1 end]]} {
set arg [string range $arg 1 end]
}
# If they entered a number, show last $arg socks recorded.
if {[regexp "^\[0-9\]+$" $arg]} {
set tail ""
putdcc $idx "Last $arg socks recorded."
catch {set tail [exec tail -n $arg $socklog]}
putdcc $idx "$tail"
} else {
# Scan logfile for the string
putdcc $idx "Scaning Open Socks Log for $arg."
set grep ""
catch {set grep [exec grep $arg $socklog]}
if {$grep != ""} {
putdcc $idx "$grep"
} else {
putdcc $idx "$arg was not located in socks log. Use \".sockshelp showsocks\" for assistance."
}
}
} else {
# If you did'nt enter any arg or was all, spit out the full socks log
putdcc $idx "You did'nt specify the last # of open socks, showing all."
set fd [open $socklog]
set count -1
while {![eof $fd]} {
putdcc $idx [gets $fd]
set count [expr $count + 1]
}
close $fd
}
if {[info exists count]} {
putdcc $idx "$count entries in sock log $socklog."
}
} else {
putdcc $idx "Log file does not exist."
}
return 1
}
# Dcc command to clear the socks logfile.
bind dcc m delsocks dcc_delsocks
proc dcc_delsocks {hand idx arg} {
global socklog
if {[file exists $socklog]} {
set x [open $socklog w]
catch {close $x}
putdcc $idx "Deleted the open socks logfile."
} else {
putdcc $idx "Socks log does not exist."
}
return 1
}
# Dcc to temp change settings till a rehash.
bind dcc m sockset dcc_sockset
proc dcc_sockset {hand idx arg} {
global akline bantime onick opass sockjoin sockchans sockconnect sockflags sockhosts socklwall socklog socknotice sockoper
set list "akline bantime onick opass sockconnect sockjoin socklog socklwall socknotice sockoper +sockchan -sockchan +sockflag -sockflag +sockhost -sockhost"
global botnick gaccess isircop sockver version
putdcc $idx "\026Setting for Anti-Socks v$sockver on eggdrop[lindex $version 0].\026"
if {$arg != ""} {
set arg [string tolower $arg]
set setting [lindex $arg 0]
set newset [lrange $arg 1 end]
if {[lsearch -exact [string tolower $list] ${setting}] != -1} {
# Can't have -'s in switch statement.....
if {(${setting} == "-sockchan" || ${setting} == "-sockflag" || ${setting} == "-sockhost")} {
if {$setting == "-sockchan"} {
if {$newset != ""} {
if {[lsearch -exact [string tolower $sockchans] $newset] != -1} {
for {set loopvar 0} {$loopvar < [llength $sockchans]} {incr loopvar} {
if {$newset == [string tolower [lindex $sockchans $loopvar]]} {
set sockchans [lreplace $sockchans $loopvar $loopvar]
}
}
putdcc $idx "Removed $newset from list of exempt channels."
} else {
putdcc $idx "$newset is not a exempt channel, can not remove it."
}
} else {
putdcc $idx "\002Syntax\002: .sockset -sockchan <#channel>."
putdcc $idx "Left sockchans on $sockchans."
}
} elseif {$setting == "-sockflag"} {
if {$newset != ""} {
if {[lsearch -exact [string tolower $sockflags] $newset] != -1} {
for {set loopvar 0} {$loopvar < [llength $sockflags]} {incr loopvar 1} {
if {$newset == [string tolower [lindex $sockflags $loopvar]]} {
set sockflags [lreplace $sockflags $loopvar $loopvar]
}
}
putdcc $idx "Removed $newset from list of exempt flags."
} else {
putdcc $idx "$newset is not a exempt flag from sock scanning."
}
} else {
putdcc $idx "\002Syntax\002: .sockset -sockflag <flag>. For Further Assistance \".sockshelp -sockflag\""
putdcc $idx "Left sockflags on $sockflags."
}
} elseif {$setting == "-sockhost"} {
if {$newset != ""} {
if {[lsearch -exact [string tolower $sockhosts] $newset] != -1} {
for {set loopvar 0} {$loopvar < [llength $sockhosts]} {incr loopvar 1} {
if {$newset == [string tolower [lindex $sockhosts $loopvar]]} {
set sockhosts [lreplace $sockhosts $loopvar $loopvar]
}
}
if {$isircop} { putserv "LWALLOPS :$hand removed exempt host $newset." }
putdcc $idx "Removed $newset from list of exempt hosts."
} else {
putdcc $idx "$newset is not a exempt host from sock scanning."
}
} else {
putdcc $idx "\002Syntax\002: .sockset -sockhost <host>. \".sockshelp -sockhost\" for further assistance."
putdcc $idx "Left sockhosts on $sockhosts."
}
}
return 1
}
# Setting is already set to that...
if {[string first + $setting] != 0 && $newset == [expr $$setting]} {
putdcc $idx "\002Already Set\002: $setting is already set to $newset."
putdcc $idx ".sockhelp sockset for commands."
return 1
}
# Switch for rest of commands.....
switch ${setting} {
"akline" {
if {($newset == 0 || $newset == 1)} {
set akline $newset
putdcc $idx "Set Auto-Kline to $akline"
if {$isircop} {putserv "LWALLOPS :Auto K-line changed to $akline by $hand"}
} else {
putdcc $idx "\002Syntax\002: .sockset akline <0/1>. Left auto k-line on $akline."
}
}
"bantime" {
if {[regexp "^\[0-9\]+$" $newset]} {
set bantime $newset
if {$bantime == 0} {
putdcc $idx "Made Bantime perm."
} elseif {$bantime == ""} {
putdcc $idx "Shut off banning."
} else {
putdcc $idx "Set Bantime to $bantime."
}
} elseif {$newset == ""} {
set bantime $newset
putdcc $idx "Shut off banning"
} else {
putdcc $idx "\002Syntax\002: .sockset bantime <time in minutes>. Left bantime on $bantime."
}
}
"onick" {
if {$newset != ""} {
set onick $newset
if {$isircop} { putserv "LWALLOPS :$hand changed my O-Line Name to $onick."}
putdcc $idx "Set onick to $onick."
} else {
putdcc $idx "\002Syntax\002: .sockset onick <o-line nick>. Left O-line Nick on $onick."
}
}
"opass" {
if {$newset != ""} {
set opass [encrypt $sockver $newset]
if {$isircop} { putserv "LWALLOPS :$hand changed my O-Line Pass." }
putdcc $idx "Set opass to $opass."
} else {
putdcc $idx "\002Syntax\002: .sockset opass <o-line pass>."
}
}
"sockconnect" {
if {($newset == 0 || $newset == 1)} {
set sockconnect $newset
if {$newset == 0} {
if {$isircop} {
putserv "LWALLOPS :$hand turned off scanning on connect."
putserv "MODE $botnick -o"
}
catch {unbind raw - NOTICE raw_connect}
if {[info exists gaccess]} { bind raw - notice raw_notice } ;# Support for GlxAuth
} else {
if {[info exists gaccess]} { catch {unbind raw - notice raw_notice } } ;# Glxauth Support
catch {bind raw - NOTICE raw_connect}
sock-init
if {$isircop} {putserv "LWALLOPS :$hand turned on sock scanning on connect."}
}
putdcc $idx "Set sock scanning on connect to $sockconnect."
} else {
putdcc $idx "\002Syntax\002: .sockset sockconnect <0/1>. Left sock scanning on client connect on $sockconnect."
}
}
"sockjoin" {
if {($newset == 0 || $newset == 1)} {
if {$newset == 1 && $sockjoin == 0 } {
catch {bind join - * join_sock}
} elseif {$newset == 0 && $sockjoin == 1} {
catch {unbind join - * join_sock}
}
set sockjoin $newset
putdcc $idx "Set sockjoin to $sockjoin."
} else {
putdcc $idx "\002Syntax\002: .sockset sockjoin <0/1>. Left sock scanning on join on $sockjoin."
}
}
"socklog" {
if {$newset == ""} {
set socklog $newset
putdcc $idx "Turned off sock logging."
} else {
set socklog $newset
putdcc $idx "Set Sock Log File to $newset."
}
}
"socklwall" {
if {($newset == 0 || $newset == 1)} {
set socklwall $newset
putdcc $idx "Changed Sock Lwalloping to $socklwall."
if {$isircop} {putserv "LWALLOPS :$hand changed open sock lwalloping to $socklwall."}
} else {
putdcc $idx "\002Syntax\002: .sockset socklwall <0/1>. Left socklwall on $socklwall."
}
}
"socknotice" {
if {($newset == 0 || $newset == 1)} {
set socknotice $newset
putdcc $idx "Changed Sock Op Noticing to $socknotice."
} else {
putdcc $idx "\002Syntax\002: .sockset socknotice <0/1>. Left socknotice on $socknotice."
}
}
"sockoper" {
if {($newset == 0 || $newset == 1)} {
set sockoper $newset
putdcc $idx "Set Allow any IrcOp to sock check to $sockoper."
} else {
putdcc $idx "\002Syntax\002: .sockset sockoper <0/1>. Left Allow any IrcOp to check for socks on $sockoper."
}
}
"+sockchan" {
if {$newset != ""} {
if {[lsearch -exact [string tolower $sockchans] $newset] == -1} {
set sockchans [append sockchans " $newset"]
putdcc $idx "Added $newset to list of exempt channels."
} else {
putdcc $idx "$newset is already a exempt channel from sock scanning."
}
} else {
putdcc $idx "\002Syntax\002: .sockset +sockchan <#channel>."
putdcc $idx "Left Exempt Channels on: $sockchans"
}
}
"+sockflag" {
if {$newset != ""} {
if {[lsearch -exact [string tolower $sockflags] $newset] == -1} {
set sockflags [append sockflags " $newset"]
putdcc $idx "Added $newset to list of exempt flags from on join socks scanning."
} else {
putdcc $idx "$newset is already a exempt flag from on join socks scanning."
}
} else {
putdcc $idx "\002Syntax\002: .sockset +sockflag <exempt flag>."
putdcc $idx "Left sockflags on: $sockflags"
}
}
"+sockhost" {
if {$newset != ""} {
if {[lsearch -exact [string tolower $sockhosts] $newset] == -1} {
set sockhosts [append sockhosts " $newset"]
if {$isircop} { putserv "LWALLOPS :$hand exempted host $newset." }
putdcc $idx "Added $newset to list of exempt hosts."
} else {
putdcc $idx "$newset is already a exempt host from sock scanning."
}
} else {
putdcc $idx "\002Syntax\002: .sockset +sockhost <exempt sock-host>."
putdcc $idx "Left sockhosts on $sockhosts."
}
}
}
} else {
putdcc $idx "You did not enter: $list"
}
} else {
putdcc $idx "\002Syntax\002: .sockset <arg> \[setting\]."
putdcc $idx "Valid commands are: $list."
putdcc $idx "\026\".sockshelp sockset\" for further assistance.\026"
}
return 1
}
# Dcc To show settings.
bind dcc o viewset dcc_viewset
proc dcc_viewset {hand idx arg} {
set list "akline bantime onick opass sockjoin sockchans sockconnect sockflags sockhosts socklwall socklog sockoper"
putdcc $idx "\026-------- Current Settings --------\026 "
putdcc $idx "\002Setting Value\002 "
if {$arg == ""} {
foreach setting $list {
global $setting
set value [expr $$setting]
if {$setting == "opass"} {
if {$value != ""} {
putdcc $idx "[format %-28s $setting] *IS SET*"
} else {
putdcc $idx "[format %-28s $setting] *NOT SET*"
}
continue
}
putdcc $idx "[format %-28s $setting] $value"
}
} else {
if {[lsearch -exact $list [string tolower $arg]] != -1} {
global $arg
if {$arg != "opass"} {
set value [expr $$arg]
putdcc $idx "[format %-28s $arg] $value"
} else {
putdcc $idx "O-Line Password Setting is not viewable."
}
} else {
putdcc $idx "Not a valid setting."
putdcc $idx "Valid settings are: $list."
}
}
return 1
}
# Dcc sock checking.
bind dcc o socks dcc_socks
bind dcc o sock dcc_socks
bind dcc o wingate dcc_socks
proc dcc_socks {hand idx arg} {
global nthing
if {[info exists nidx]} { unset nidx }
set host [lindex $arg 0]
if {$host != ""} {
# Get users host.
if {[llength [split $arg .]] == 1} {
putserv "userhost [lindex $arg 0]"
set nthing $idx
return 1
}
# Format was a nick.
putdcc $idx "\002SCANNING\002: $host for open socks."
wingate $host dcc $idx
} else {
putdcc $idx "\002Syntax\002: .socks <host/nick>. \".sockshelp socks\" for more info."
}
return 1
}
# --- Msg Procs ---
# msg for wingate checking
bind msg - socks msg_socks
bind msg - sock msg_socks
bind msg - wingate msg_socks
proc msg_socks {nick userhost handle arg} {
global nthing ohost sockoper
if {[info exists ohost]} { unset ohost }
if {[info exists nthing]} { unset nthing }
if {[matchattr $handle o]} {
set host [lindex $arg 0]
if {$host != ""} {
# Get users host.
if {[llength [split $arg .]] == 1} {
putserv "userhost [lindex $arg 0]"
set nthing $nick
return 1
}
putserv "NOTICE $nick :\002SCANNING\002: $host for open socks."
wingate $host msg $nick
} else {
putserv "NOTICE $nick :\002Syntax\002: .socks <host/nick>."
}
} elseif {$sockoper} {
set ohost [lindex $arg 0]
if {$ohost != ""} {
set ohost "msg $ohost"
putserv "WHOIS $nick"
} else {
putserv "NOTICE $nick :\002Syntax\002: .socks <host/nick>."
}
}
return 1
}
# A IrcOp msging bot who does not have access or bot seeing if it is a oper on rehash.
if {$sockoper} { bind raw - 313 raw_oper }
proc raw_oper {from keyword arg} {
global botnick isircop nthing ohost
# Ohost = type host [channel]
if {[info exists ohost]} {
if {[llength [split [lindex $ohost 1] .]] == 1} {
putserv "userhost [lindex $ohost 1]"
if {[lindex $ohost 0] == "pub"} {
set nthing [lindex $ohost 2]
} elseif {[lindex $ohost 0] == "msg" } { set nthing [lindex $arg 1] }
return 1
}
set msg "\002SCANNING\002: [lindex $ohost 1] for open socks."
if {[lindex $ohost 0] == "msg"} {
putserv "NOTICE [lindex $arg 1] :$msg"
set whereto [lindex $arg 1]
} elseif {[lindex $ohost 0] == "pub"} {
putserv "PRIVMSG [lindex $ohost 2] :$msg"
set whereto [lindex $ohost 2]
}
wingate [lindex $ohost 1] [lindex $ohost 0] $whereto
unset ohost
} elseif {[lindex $arg 1] == $botnick} {
set isircop 1
}
}
# userhost reply from a user......
bind raw - 302 raw_isuser
proc raw_isuser {from keyword arg} {
global nthing
if {[info exists nthing]} {
set host [lindex [split [lindex [split [lindex $arg 1] =] 1] @] 1]
if {$host != ""} {
set msg "\002SCANNING\002: Scanning $host ([string trimright [string trimleft [lindex [split [lindex $arg 1] =] 0] :] *]) for open socks."
} else {
set msg "\002Not Online\002: User is not online"
}
if {[regexp "^\[0-9\]+$" $nthing]} {
putdcc $nthing "$msg"
set type "dcc"
} elseif {[string first # $nthing] == 0} {
putserv "PRIVMSG $nthing :$msg"
set type "pub"
} else {
putserv "NOTICE $nthing :$msg"
set type "msg"
}
if {[lrange $msg 2 end] != "User is not online"} { wingate $host $type $nthing }
unset nthing
}
return 1
}
# Public command !socks <host>
bind pub - !socks pub_socks
bind pub - !sock pub_socks
proc pub_socks {nick userhost handle channel arg} {
global nthing ohost sockoper
if {[matchattr $handle o]} {
set host [lindex $arg 0]
if {$host != ""} {
# Get users host.
if {[llength [split $arg .]] == 1} {
putserv "userhost [lindex $arg 0]"
set nthing $channel
return 1
}
putserv "PRIVMSG $channel :\002SCANNING\002: $host for open socks."
wingate $host pub $channel
} else {
putserv "NOTICE $nick :\002Syntax\002: !socks <host/nick>."
}
} elseif {$sockoper} {
set ohost [lindex $arg 0]
if {$ohost != ""} {
set ohost "pub $ohost $channel"
putserv "WHOIS $nick"
} else {
putserv "NOTICE $nick :\002Syntax\002: !socks <host/nick>."
}
}
return 1
}
# Connection msgs
proc raw_connect {from keyword arg} {
global akline gaccess orawscript sockflags sockhosts
if {[lindex [split [string tolower $from] @] 1] == "" && [lrange $arg 4 5] == "Client connecting:"} {
set userhost [split [string trimright [string trimleft [lindex $arg 7] (] )] @]
set user [lindex $userhost 0]; set host [lindex $userhost 1]
# Exempt hosts
foreach pattern $sockhosts {
if {[string match $pattern $host]} { return 1 }
}
# Exempt flag
set handle [finduser [lindex $arg 6]!$user@$host]
if {$handle != "*"} {
foreach exflag $sockflags {
if {[matchattr $handle $exflag]} { return 1 }
}
}
# Get the reply of wingate
wingate $host connect
}
if {[info exists gaccess]} { catch {raw_notice $from $keyword $arg} } ;# Support for GlxAuth
return 1
}
# Scanner.
proc wingate {host type args} {
global timeout
set args [join $args " "]
# Not a valid host.
if {[catch {set sock [socket -async $host 20492]}]} {
if {$type == "dcc"} { putdcc [lindex $args 0] "\002Not Valid\002: Unable to connect to $host." }
if {$type == "msg"} { putserv "NOTICE [lindex $args 0] :\002Not Valid\002: Unable to connect to $host." }
if {$type == "pub"} { putserv "PRIVMSG [lindex $args 0] :\002Not Valid\002: Unable to connect to $host." }
return 0
}
fileevent $sock writable [list gotconnect $sock $host $type $args] ;# wait for connect.
fileevent $sock readable [list gotread $sock $host $type $args] ;#wait for responce.
# Timeout after 15seconds
set timeout($sock) ""
utimer 15 "timeout $sock $host $type $args"
}
# Connection timed out.
proc timeout {sock host type args} {
global timeout
if {[info exists timeout($sock)]} {
unset timeout($sock)
fileevent $sock writable {} ;# remove previous handler
fileevent $sock readable {} ;# remove previous handler
close $sock ;# close the socket
if {$type == "dcc"} { putdcc [lindex $args 0] "\002TIME OUT\002: Timeout on connection to $host." }
if {$type == "msg"} { putserv "NOTICE [lindex $args 0] :\002TIME OUT\002: Timeout on connection to $host." }
if {$type == "pub"} { putserv "PRIVMSG [lindex $args 0] :\002TIME OUT\002: Timeout on connect to $host." }
}
return 0
}
# Successfully connected, send data.
proc gotconnect {sock host type args} {
global botname timeout v4port
set args [join $args " "]
# Send it request to connect, if its rejected (broken pipe) ports are not open.
# 5 = SOCKS5/ 1 = I know 1 authentication methods/ 0 the one i know is 'none' as in completely open
fconfigure $sock -translation binary -buffering none -blocking 1 ;# configure the connection.
fileevent $sock writable {} ;# remove previous handler
# Send out the data, if can not send, no socks.
if {[lindex $args end] == "v4"} {
set data "[binary format "ccSI" 4 1 $v4port [myip]][exec whoami][binary format c 0]"
} else {
set data "[binary format ccc 5 1 0]"
}
if {[catch {puts $sock $data}]} {
if {$type == "dcc"} { putdcc [lindex $args 0] "\002NO SOCKS\002: not a socks host $host." }
if {$type == "msg"} { putserv "NOTICE [lindex $args 0] :\002NO SOCKS\002: not a socks host $host."}
if {$type == "pub"} { putserv "PRIVMSG [lindex $args 0] :\002NO SOCKS\002: not a socks host $host." }
if {[info exists timeout($sock)]} { unset timeout($sock) }
catch {close $sock}
}
}
# Got reply.
proc gotread {sock host type args} {
global akline bantime botnick socklog socklwall socknotice timeout
set args [join $args " "]
if {[info exists timeout($sock)]} { unset timeout($sock) }
foreach timer [utimers] {
if {([lindex [lindex $timer 1] 0] == "timeout" && [lindex [lindex $timer 1] 1] == $sock)} { killutimer [lindex $timer 2] }
}
# Read in 2 bytes of data from reply. was hh
catch {binary scan [read $sock 2] cc reply reply2}
fileevent $sock readable {} ;# remove previous handler
catch {close $sock}
# Got 2bytes of reply
if {([info exists reply] && [info exists reply2])} {
if {$reply == 0} { set reply 4 }
# Is sock4 or sock5
if {$reply == 4 || $reply == 5} {
# Reply was is a socks4 w/ error msg, connect as socks4 and see if open.
if {$reply == 4 && $reply2 == 91} {
# If connection is still not granted after second attempt, give up.....
if {[lindex $args end] != "v4"} {
set lastv4time [unixtime]; set lastv4host $host
wingate $host $type $args v4
return 0
}
}
# no auth is required. (90 = sock4, 0 = sock5)
if {($reply == 4 && $reply2 == 90 || $reply == 5 && $reply2 == 0)} {
set msg "\002OPEN\002: Socks v$reply found at $host."
if {$type == "join"} {
putserv "kick [lindex $args 0] [lindex $args 1] :Open socks v$reply found on $host!"
if {$bantime != ""} { newban *!*@${host} $botnick "Open socks v$reply found on $host!" $bantime }
} elseif {$type == "connect"} {
if {$akline} {
append msg " K-line Auto Activated on host."
putserv "KLINE *@${host} :Open Socks v$reply."
}
}
# Log wingates.
if {$socklog != ""} {
set x [open $socklog a+]
puts $x "[date] [time] - $host"
close $x
}
# Secure socks
} else {
set msg "\002SECURE SOCKS\002: $host is a socks v$reply but authentication is required."
}
# Unknown reply
} else {
set msg "\002UNKNOWN\002: $host gave a unrecognized reply."
}
# No socks.
} else {
if {$type != "join" && $type != "connect"} { set msg "\002NO SOCKS\002: not a socks host $host." }
}
# Send out warning messages.
if {![info exist msg]} { return 0 }
if {$type == "dcc"} {
putdcc [lindex $args 0] "$msg"
} elseif {$type == "msg"} {
putserv "NOTICE [lindex $args 0] :$msg"
} elseif {$type == "pub"} {
putserv "PRIVMSG [lindex $args 0] :$msg"
} elseif {$type == "connect" && $socklwall} {
putserv "LWALLOPS :$msg"
} elseif {$type == "join" && $socknotice} {
#Set max nicks at a time, and what amount up to, and list of nicks.
set numnicks 5; set oplist ""; set noticelist ""
foreach nick [chanlist [lindex $args 0]] {
# don't notice who's not op, the bot itself and other bots
if {([isop $nick [lindex $args 0]] && $nick != $botnick)} {
incr numnicks
# Add next op
lappend noticelist $nick
# List of nicks is full, output then go on to next set of nicks.
if {$numnicks == $maxnicks} {
# Add a comma between each nick for outputting.
regsub -all " " $noticelist "," noticelist
puthelp "NOTICE $noticelist :$msg ([lindex $args 1])"
# Reset settings back for next group of nicks
set numnicks 0; set noticelist ""
}
}
}
# Leftover nicks
if {$noticelist != ""} {
regsub -all " " $noticelist "," noticelist
putserv "NOTICE $noticelist :$msg ([lindex $args 1])"
}
}
}
putlog "\002Anti-Socks v$sockver TCL\002 by Cashflo <Cashflo@GalaxyNet.Org> Loaded. \".sockshelp\" For Assistance"
|
|
|
| Back to top |
|
 |
Callisto
Halfop
Joined: 13 Mar 2005
Posts: 86
|
| Posted: Wed Aug 09, 2006 10:38 am Post subject: |
|
|
I prefer the script found here [url] http://www.jamesoff.net/projects/eggdrop/proxycheck.tcl [/url]
This uses a DNSBL to check for proxies so it is pretty much kept up to date.
One warning though, if your network partially masks host info this may not work unless you can give your bot an Oline.
Good luck
Callisto |
|
| Back to top |
|
|
ko-pach
Voice
Joined: 09 Aug 2006
Posts: 4
|
| Posted: Wed Aug 09, 2006 11:08 am Post subject: |
|
|
I'm using this script too, but its a RBL checker
set proxycheck_rbls { "cbl.abuseat.org" "opm.blitzed.org" "dnsbl.ahbl.org" }
This one I'm posting is checking the host directly, and after host reply, if there is an open proxy or socks 4&5 bot making ban user/host.
I need modification to checking host via different ports, the Anti-Proxy tcl now working only with one port. See below:
# Not a valid host.
if {[catch {set sock [socket -async $host 20492]}]} { ..
I'm set for now this port, but need variables to checking more ports per host. |
|
| Back to top |
|
|
krimson
Halfop
Joined: 19 Apr 2006
Posts: 86
|
| Posted: Wed Aug 09, 2006 2:44 pm Post subject: |
|
|
| note to ko-pach: when posting any type of code, please enclose it between [code] brackets.. especially when posting something that large |
|
| Back to top |
|
|
caesar
Mint Rubber
Joined: 14 Oct 2001
Posts: 3741
Location: Mint Factory
|
| Posted: Wed Aug 09, 2006 3:47 pm Post subject: |
|
|
* fixed *
* on topic *
user had posted long time ago some pice of code to test for open ports without blocking and was quite nice. You should do a forum search cos your script it's WAY to big and I honestly doubt someone will even read it.
_________________
Once the game is over, the king and the pawn go back in the same box. |
|
| Back to top |
|
|
ko-pach
Voice
Joined: 09 Aug 2006
Posts: 4
|
| Posted: Wed Aug 09, 2006 8:30 pm Post subject: |
|
|
Sorry guys, i was used a BBCode code, but don't used a /code. Sorry too for a big code, next time i will give a link to the file. I'm new in TCL, never scripting in this language, but i thing the peace of code checking open proxyes is:
| Code: | # Not a valid host.
if {[catch {set sock [socket -async $host 20492]}]} {
if {$type == "dcc"} { putdcc [lindex $args 0] "\002Not Valid\002: Unable to connect to $host." }
if {$type == "msg"} { putserv "NOTICE [lindex $args 0] :\002Not Valid\002: Unable to connect to $host." }
if {$type == "pub"} { putserv "PRIVMSG [lindex $args 0] :\002Not Valid\002: Unable to connect to $host." }
return 0
}
fileevent $sock writable [list gotconnect $sock $host $type $args] ;# wait for connect.
fileevent $sock readable [list gotread $sock $host $type $args] ;#wait for responce. |
You will see a number 20492, thath's the port now script checks for open proxyes and work realy fine. Need variable to checking not only this port but more ports, user definied.
BTW, sorry caesar, I was searching the forum and user user posted topics, but nothing found.
I thing most users of eggdrop will be interesting to using this script to check each user joining they channel who using an open proxy.
If there are an option to check fo open proxyes without using a port will be really fine, just using a proxy/socks reply -> this is an proxy or socks .. (free to use, not used with account) and making a ban. This is really different of RBL checking
Thanks, reggards |
|
| Back to top |
|
|
rosc2112
Revered One
Joined: 19 Feb 2006
Posts: 1454
Location: Northeast Pennsylvania
|
| Posted: Thu Aug 10, 2006 12:20 am Post subject: |
|
|
You could make a global variable up near the top of the script, outside of any proc{}'s and then in the section of code you quoted, make it use a foreach:
| Code: |
###############################################################################################################
# set this to the port numbers you want scanned, space seperated list:
set proxyports "20492 0 1 2 3"
proc wingate {host type args} {
global timeout proxyports
set args [join $args " "]
# Not a valid host.
foreach portnumber $proxyports {
if {[catch {set sock [socket -async $host $portnumber]}]} {
if {$type == "dcc"} { putdcc [lindex $args 0] "\002Not Valid\002: unable to connect to $host." }
if {$type == "msg"} { putserv "NOTICE [lindex $args 0] :\002Not Valid\002: Unable to connect to $host." }
if {$type == "pub"} { putserv "PRIVMSG [lindex $args 0] :\002Not Valid\002: Unable to connect to $host." }
#return 0
continue
}
fileevent $sock writable [list gotconnect $sock $host $type $args] ;# wait for connect.
fileevent $sock readable [list gotread $sock $host $type $args] ;#wait for responce.
# Timeout after 15 seconds
set timeout($sock) ""
utimer 15 "timeout $sock $host $type $args"
}
}
|
Should work, haven't test, prolly needs tweaking. |
|
| Back to top |
|
|
ko-pach
Voice
Joined: 09 Aug 2006
Posts: 4
|
| Posted: Fri Aug 11, 2006 9:46 am Post subject: |
|
|
| Thanks rosc2112, now it's work exactly what I want. |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
