From Crimson Madrill, 5 Months ago, written in Plain Text.
  1. #!/bin/bash
  2. # Enumerate paired ip ranges
  3. #set -x
  4. # Public google ip ranges:
  5. # NOTE: List does not include x.x.x.(0|255), as theyre reserved
  6. declare -gra pubips=('64.233.160.1' '64.233.191.254'
  7.         '66.102.0.1' '66.102.15.254'
  8.         '66.249.64.1' '66.249.95.254'
  9.         '72.14.192.1' '72.14.255.254'
  10.         '74.125.0.1' '74.125.255.254'
  11.         '209.85.128.1' '209.85.255.254'
  12.         '216.239.32.1' '216.239.63.254'
  13. )
  14.  
  15. # Possible bot ranges:
  16. # NOTE: List does not include x.x.x.(0|255), as theyre reserved
  17. declare -gra botips=('64.68.90.1' '64.68.90.254'
  18.         '64.233.173.193' '64.233.173.254'
  19.         '66.249.64.1' '66.249.79.254'
  20.         '216.239.33.96' '216.239.59.128'
  21. )
  22.  
  23. # Random dns servers to query
  24. declare -gra nslist=("@77.68.45.119" "@217.65.214.149" "@109.73.88.54" "@203.69.82.85" "@77.68.45.148" "@203.92.71.73"
  25.   "@147.91.20.67" "@93.82.199.106" "@207.80.115.200" "@61.60.85.66" "@213.68.194.51" "@87.98.175.85"
  26.   "@195.54.183.56" "@203.69.82.85" "@107.6.11.161" "@193.86.4.133" "@81.9.21.142" "@79.99.122.165"
  27.   "@61.85.1.206" "@195.78.239.42" "@59.99.245.111" "@195.66.138.27" "@195.66.138.26" "@91.85.228.78"
  28.   "@179.60.216.250" "@91.83.165.219" "@59.5.101.244" "@61.78.109.138" "@195.54.182.166" "@87.98.165.2"
  29.   "@61.63.14.15" "@91.98.97.205" "@219.84.192.250" "@217.77.68.130" "@213.5.120.2" "@203.70.40.132"
  30.   "@125.7.116.247" "@37.59.99.137" "@195.88.192.10" "@77.85.169.78" "@213.8.5.220" "@207.62.90.10"
  31.   "@211.5.230.84" "@217.68.21.208" "@93.94.222.254" "@69.84.129.105" "@211.9.57.17" "@201.54.249.65"
  32.   "@109.86.169.241" "@115.64.12.63" "@217.69.98.210"
  33. )
  34.  
  35. usage(){
  36.   m="${0##*/}: A mess of shell to throw \`dig(1)\` at ip ranges. Originally to discover GoofleNS,\n"
  37.   m+="   its is now Harder Better Faster Mayonez. Join us in the war against Goofle, Commerade!\n"
  38.   m+="   Please note the format of the you feed it with -l. The ranges are built from a list\n"
  39.   m+="   of ip addresses. The correct format is \`'1.1.1.1' '1.1.1.254' ...\` to scan the\n"
  40.   m+="   entire last octet of 1.1.1.x. The -l option reads with mapfile.\n"
  41.   m+="Usage: ${0##*/} [-b|--bots] [-l|--list] [-h|help] [-s|--nsscan]\n"
  42.   m+="    -b|--bots                  include a list of possible goofbot ips\n"
  43.   m+="    -h|--help                  print this help message\n"
  44.   m+="    -l|--list <BASH_ARRAY>     use a different list of ranges\n"
  45.   printf -- "%s" "${m[@]}"
  46. }
  47.  
  48.  
  49. bail(){
  50.   printf -- "\033[31m%s\033[0m\n" "$@" >&2
  51.   exit 1
  52. }
  53.  
  54.  
  55. traverse(){
  56.   # desc: enumerate ipv4 ranges by octet
  57.   # usage: traverse <FROMIP>,<TOIP>
  58.  
  59.   declare +g t
  60.  
  61.   while read -r t; do
  62.   awk -v s="${t%%,*}" -v e="${t##*,}" '
  63.     BEGIN{ORS="";split(s, start, ".");split(e, end, ".")
  64.       for(o1=start[1];o1<=end[1];o1++) {
  65.         for(o2=start[2];o2<=end[2];o2++) {
  66.           for(o3=start[3];o3<=end[3];o3++) {
  67.             for(o4=start[4];o4<=end[4];o4++) {
  68.               printf("%s.%s.%s.%s\n", o1, o2, o3, o4)
  69.       }}}}
  70.     }'
  71.   done <"$@"
  72. }
  73.  
  74.  
  75. tuplicate(){
  76.   # desc: step through list and print comma joined pairs
  77.   # usage: tuplicate <ARRAY>
  78.  
  79.   declare +g -i len l r
  80.   declare +g -a j=()
  81.   mapfile -d " " -t j <<<"$@"
  82.   l=0 len="${#j[*]}"
  83.  
  84.   for ((r=1;r<=len;r=r+2,l=l+2)); do
  85.     printf "%s,%s\n" "${j[$l]}" "${j[$r]}"
  86.   done
  87. }
  88.  
  89.  
  90. parallel() {
  91.   # desc: run queries in parallel
  92.   # usage: parallel NJOBS COMMAND [COMMANDARGS]
  93.  
  94.   declare +x -ig tik
  95.   declare +g -i j w i
  96.   declare +g s tty _r r ns
  97.  
  98.   tik=1; tty="$(tty)"; j="$1"
  99.   eval "f(){ $2 \"\$@\"; }"
  100.   shift 2
  101.   s=("$@")
  102.  
  103.   for (( w = 0; w < j; ++w )); do
  104.     for (( i = w; i < ${#s[@]}; i += j )); do
  105.       printf "%d\n" "$tik" >"$tty"
  106.       delay "$tik"
  107.       _r="${#nslist[@]}"; r="$((RANDOM%_r))"; ns="${nslist[$r]}"
  108.       f "$ns" "${s[i]}"
  109.       let tik++
  110.     done &
  111.   done
  112.  
  113.   wait
  114. }
  115.  
  116.  
  117. delay(){
  118.   # desc: sleep a """random""" amount of time. from 0.2s to 62.2s
  119.   # usage: delay <NUMBER>
  120.  
  121.   declare +g s i w
  122.  
  123.   # m is seed/trigger for long pause
  124.   s="0.2" m="${RANDOM:${#1}:5}${1::3}"
  125.  
  126.   # Once every w stepwidth return (s+w*10/)8 else return s
  127.   # The trick is x%y==0 which is only true once every y.
  128.   for w in "3" "8" "1${RANDOM::1}"; do
  129.     # s=sleeplen w=width m=mod  @regA=padding @regB=stepper
  130.     #            (s+w*10)%8               m%w             mod!=0 && s=s    mod=0 && print
  131.     s="$( dc <<<"$s $w 10 8 % * + sa c    $m $w % sb c    lb 0 !=a c $s    lb 0 =a p" )"
  132.   done
  133.  
  134.   sleep "${s}s"
  135.   return 0
  136. }
  137.  
  138.  
  139. shovel(){
  140.   # desc: the `shovel()` that does the `dig` queries. if no NS given, uses system default
  141.   # usage: shovel [<NAMESERVER>] <ADDR>
  142.  
  143.   fetchdirt(){
  144.     # desc: subfunc to call `dig`. for sanity...
  145.     # usage: fetchdirt [<NAMESERV>] <ADDR>
  146.     command \
  147.       dig +noall +onesoa +timeout=12 +tries=1 +fail \
  148.           "$1" -x "$2" -t PTR +short \
  149.           -q "$3".in-addr.arpa. +noshort +answer +authority \
  150.             | awk -v addr="$2" '{if($4~/PTR/) {printf("PTR=[%s]\n",$0)}
  151.                                    else {printf("XX-NO-PTR=[%s]\n",addr)}}
  152.                                 {if($4~/SOA/) {printf("SOA=[%s]\n\n", $0)}
  153.                                    else {printf("XX-NO-SOA=[%s]\n\n",addr)}}'
  154.     # return "highest" error. ussually -127
  155.     mapfile -t ret < <(sort -r <(tr " " "\n" <<<"${PIPESTATUS[@]}" ))
  156.     return "${ret[0]}"
  157.   }
  158.  
  159.  
  160.   [[ -z "$1" ]] && return
  161.  
  162.   # Address, Nameserv, Zeddress
  163.   # The fucked up ${2:+$1} is for `shovel()` varargs
  164.   declare +g a ns z
  165.   a="${2:-$1}" ns="${2:+$1}"
  166.   z="$(awk -v ip="$a" 'BEGIN{FS=OFS=".";$0=ip;print $4,$3,$2,$1}')"
  167.   shift
  168.  
  169.   # If no match, recurse!
  170.   fetchdirt "${ns:-+nocmd}" "${a:-0}" "$z" \
  171.     && shovel "$1" \
  172.     || return 0
  173. }
  174.  
  175.  
  176.  
  177.  
  178.  
  179. # /* BEGIN MAIN */
  180.  
  181. declare +g -a nslist=() iplist=()
  182. declare +x -rgi sdate
  183.  
  184. trap 'jobs -p|while read -r j; do kill -9 "$j"; done' EXIT
  185.  
  186. while (($#)); do
  187.   [[ "$1" =~ -(l|-list) ]] && mapfile -t nslist <<<"$2" && shift 2
  188.   [[ "$1" =~ -(b|-bots) ]] && mapfile -t iplist <<<"${pubips[@]}" <<<"${botips[@]}" && shift
  189.   [[ "$1" =~ -(h|-help|\?) ]] && usage && shift && exit
  190. done
  191.  
  192. sdate="$(date +%s)"
  193. date > ~/gfree."$sdate"
  194.  
  195.  
  196. # YEEEE now thats how we do
  197. mapfile -t address < <(shuf <(traverse <(tuplicate "${iplist[*]}")))
  198.  
  199. parallel 8 shovel "${address[@]}" >> ~/gfree."$sdate"
  200.  
  201. exit
  202.  
  203. # Before the above majesty!
  204. ##################
  205. #declare +x -rg sdate="$(date +%s)"
  206. #declare +x -ig tik=1
  207. #declare +x -g last="${#address[@]}"
  208. #declare _r r ns addr
  209. #
  210. #date > ~/gfree."$sdate"
  211. #
  212. #for addr in "${address[@]}"; do
  213. #  _r="${#nslist[@]}" r="$((RANDOM%_r))" ns="${nslist[$r]}"
  214. #
  215. #  delay "$tik"
  216. #  shovel "$ns" "$a" >> ~/gfree."$sdate"
  217. #
  218. #  let tik++
  219. #done
captcha