| View previous topic :: View next topic |
| Author |
Message |
nsrafk Halfop
Joined: 11 May 2007 Posts: 73
|
Posted: Sun Jun 03, 2007 6:10 pm Post subject: Need some kind of anti-proxy script. (have tried many) |
|
|
Hi.
Im in deeply need of a anti-proxy/trojan script. I've tried a couple of different ones, but nothing seems to work these days since the scripts is from 2003-2004. Can't seem to find any up-to-date ones. If anybody would be able to help me getting an actually working script, i'd be happy!
And for the record, yes i have tried the two in the tcl archive.
Thanks! |
|
| Back to top |
|
 |
Sir_Fz Revered One

Joined: 27 Apr 2003 Posts: 3793 Location: Lebanon
|
Posted: Sun Jun 03, 2007 6:17 pm Post subject: |
|
|
What have changed since 2003-2004? It's still the same, if the port is open then it's a proxy... _________________ Follow me on GitHub
- Opposing
Public Tcl scripts |
|
| Back to top |
|
 |
nsrafk Halfop
Joined: 11 May 2007 Posts: 73
|
Posted: Sun Jun 03, 2007 6:35 pm Post subject: |
|
|
| Code: | # open proxy checker for eggdrop
# (c) James Seward 2003/4
# version 1.0
# http://www.jamesoff.net/projects/eggdrop
# james@jamesoff.net
# Released under the GPL
## INSTRUCTIONS
###############################################################################
# This script will check the hosts of people joining channels against one or
# RBLs. Choose your RBLs wisely, some of them list DIALUP SPACE and that would
# be a bad thing to be matching your IRC users against :P
#
# Enable the 'proxycheck' flag for channels you want the script active on
# --> .chanset #somechannel +proxycheck
#
# Users who are +o, +v, or +f in your bot (local or global) won't be checked.
#
# Turn on console level d on the partyline to see some debug from the script
# --> .console +d (to enable)
# --> .console -d (to disable)
## CONFIG
###############################################################################
# space-separated list of RBLs to look in
set proxycheck_rbls { "cbl.abuseat.org" "opm.blitzed.org" "dnsbl.ahbl.org" }
# time in minutes to ban for
set proxycheck_bantime 15
# stop editing here unless you're TCL-proof
## CODE
###############################################################################
#add our channel flag
setudef flag proxycheck
#bind our events
bind join - *!*@* proxycheck_join
#swing your pants
# catch joins
proc proxycheck_join { nick host handle channel } {
#check we're active
if {![channel get $channel proxycheck]} {
return 0
}
#don't apply to friends, voices, ops
if {[matchattr $handle fov|fov $channel]} {
return 0
}
#get the actual host
regexp ".+@(.+)" $host matches newhost
if [regexp {[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$} $newhost] {
#it's a numeric host, skip the lookup
proxycheck_check2 $newhost $newhost 1 $nick $newhost $channel
} else {
putloglev d * "proxycheck: doing dns lookup on $newhost to get IP"
dnslookup $newhost proxycheck_check2 $nick $newhost $channel
}
}
# first callback (runs RBL checks)
proc proxycheck_check2 { ip host status nick orighost channel } {
global proxycheck_rbls
if {$status} {
putloglev d * "proxycheck: $host resolves to $ip"
# reverse the IP
regexp {([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3})} $ip matches a b c d
set newip "$d.$c.$b.$a"
# look it up in the rbls
foreach rbl $proxycheck_rbls {
putloglev d * "proxycheck: looking up $newip.$rbl"
dnslookup "$newip.$rbl" proxycheck_check3 $nick $host $channel $rbl
}
} else {
putlog "proxycheck: Couldn't resolve $host. (No further action taken.)"
}
}
# second callback (catches RBL results)
proc proxycheck_check3 { ip host status nick orighost channel rbl } {
global proxycheck_bantime
if {$status} {
putlog "proxycheck: got host $host = ip $ip from RBL $rbl ... banning"
newchanban $channel "*@$orighost" "proxychk" "proxycheck: $rbl" $proxycheck_bantime
}
#if we didn't get a host, they're not in RBL
}
putlog "proxycheck 1.0 by JamesOff loaded" |
That's what im using right now - only problem is this @ partyline:
(00:03:09) (fel1cia) [00:03] DNS resolved my.ganja.nl to 85.93.9.59
(00:03:09) (fel1cia) [00:03] proxycheck: my.ganja.nl resolves to 85.93.9.59
(00:03:09) (fel1cia) [00:03] proxycheck: looking up 59.9.93.85.cbl.abuseat.org
(00:03:09) (fel1cia) [00:03] proxycheck: looking up 59.9.93.85.opm.blitzed.org
(00:03:09) (fel1cia) [00:03] proxycheck: looking up 59.9.93.85.dnsbl.ahbl.org
(00:03:09) (fel1cia) [00:03] DNS resolve failed for 59.9.93.85.dnsbl.ahbl.org
(00:03:09) (fel1cia) [00:03] DNS resolve failed for 59.9.93.85.cbl.abuseat.org
(00:03:10) (fel1cia) [00:03] #Nosser: mode change '+o phiL' by |PRINCE|!nsrafk@finds.hacking.quite.c00l.info
(00:03:51) (fel1cia) [00:03] DNS resolve failed for 59.9.93.85.opm.blitzed.org
--- I guess that means it doesnt work
Anything i can do to make this script work? |
|
| Back to top |
|
 |
nml375 Revered One
Joined: 04 Aug 2006 Posts: 2857
|
Posted: Sun Jun 03, 2007 6:59 pm Post subject: |
|
|
Actually, it just means that 85.93.9.59 is not found in any of the dns-blacklists you use, and thus most likely is not a well-known open-proxy.. _________________ NML_375, idling at #eggdrop@IrcNET |
|
| Back to top |
|
 |
nsrafk Halfop
Joined: 11 May 2007 Posts: 73
|
Posted: Sun Jun 03, 2007 7:47 pm Post subject: |
|
|
Omg lol. Sorry. I thought the rbls didnt exist anymore. Jesus Btw, any suggestions which RBL's i should add to the list ^^ ? |
|
| Back to top |
|
 |
awyeah Revered One

Joined: 26 Apr 2004 Posts: 1580 Location: Switzerland
|
Posted: Tue Jun 05, 2007 12:12 am Post subject: |
|
|
Btw this RBL script is very unaccurate. Not to say the script, but the database of ip's they have, the rbl database websites, yeap. I used these rbl urls to check the script once.
| Code: |
#Space-separated list of RBLs to look in
set proxycheck_rbls {
"cbl.abuseat.org"
"www.dronebl.org"
"moensted.dk/spam/no-more-funn/"
}
|
_________________ ·awyeah·
==================================
Facebook: jawad@idsia.ch (Jay Dee)
PS: Guys, I don't accept script helps or requests personally anymore.
================================== |
|
| Back to top |
|
 |
|