From 44d243ea4053564083ed3fc09e9588951ede965c Mon Sep 17 00:00:00 2001 From: William Desportes Date: Sat, 5 Apr 2025 15:30:41 +0200 Subject: [PATCH] Drop old scripts --- scripts/extract-scanner-ips.sh | 76 ---------------------------------- scripts/make-stretchoid.sh | 39 ----------------- 2 files changed, 115 deletions(-) delete mode 100755 scripts/extract-scanner-ips.sh delete mode 100755 scripts/make-stretchoid.sh diff --git a/scripts/extract-scanner-ips.sh b/scripts/extract-scanner-ips.sh deleted file mode 100755 index ba07155..0000000 --- a/scripts/extract-scanner-ips.sh +++ /dev/null @@ -1,76 +0,0 @@ -#!/bin/sh - -set -eux - -grep -v -F ":" digitalocean_announced_ips.txt | xargs -I {} sh -c "echo '{} # $(dig +short -x {})'" > digitalocean_announced_ips_with_reverse.txt - - -# Fetch all reverse DNS addresses -# ns3.digitalocean.com = 198.41.222.173 -cat digitalocean_announced_ips_full.txt | xargs -n 1 -P 40 dig @198.41.222.173 +short +time=5 +tries=10 -x > digitalocean_announced_ips_full_reverse.txt - -# Test command -# cat digitalocean_announced_reverse_dns.txt | grep -v -F "ip6.arpa" | sed 's/.in-addr.arpa//' | awk -F. '{print $3"." $2"."$1}' | sort | less - -# A sample -#cat digitalocean_announced_ips_full.txt | xargs -n 1 -P 40 dig @198.41.222.173 +short +time=5 +tries=10 -x > digitalocean_announced_ips_full_reverse.txt - -cat digitalocean_announced_ips_full.txt | xargs -P 40 -I {} sh -c 'set -eu;rev="$(dig @198.41.222.173 +short +time=5 +tries=10 -x {})";echo "{} # $rev";' > digitalocean_announced_ips_full_reverse_better.txt - - -grep -F -x -v -f digitalocean_announced_ips_full_reverse_better_only_ips.txt digitalocean_announced_ips_full.txt -sed -i 's/ # $//' digitalocean_announced_ips_full_reverse_better.txt -sort digitalocean_announced_ips_full_reverse_better.txt > digitalocean_announced_ips_full_reverse_better2.txt -mv digitalocean_announced_ips_full_reverse_better2.txt digitalocean_announced_ips_full_reverse_better.txt - -diff -u digitalocean_announced_ips_full_reverse_better_only_ips.txt digitalocean_announced_ips_full.txt | delta -cut -d ' ' -f 1 digitalocean_announced_ips_full_reverse_better.txt > digitalocean_announced_ips_full_reverse_better_only_ips.txt - -# Find all results -grep -F "stretchoid" digitalocean_announced_ips_full_reverse_better.txt | cut -d " " -f 3 | sort - - -# Find all ranges -grep -F "stretchoid" digitalocean_announced_ips_full_reverse_better.txt | cut -d " " -f 1 | cut -d '.' -f -3 | sort | uniq - - -# Make a list of search keys -grep -F "stretchoid" digitalocean_announced_ips_full_reverse_better.txt | cut -d " " -f 1 | cut -d '.' -f -3 | sort | uniq > found_ranges.txt - -# Find all ranges to re-scan -cat found_ranges.txt | xargs -I {} grep -F "{}" digitalocean_announced_ips.txt | sort - -# Compare with debian-scripts -grep -F "add stretchoid" stretchoid.ipset | cut -d ' ' -f 3 | cut -d '.' -f -3 | sort | uniq > found_ranges.txt -cat found_ranges.txt | xargs -I {} grep -F "{}" digitalocean_announced_ips.txt | sort > stretchoid_ranges_debian_scripts.txt - - -# Re scan -dig -4 +noauthority +noadditional +nostats -x 107.170.202.77 @1.0.0.1 - -cat stretchoid_ranges.txt | xargs -n1 prips | uniq | sort -V > stretchoid_possible_ips.txt -cat binaryedge_ranges.txt | xargs -n1 prips | uniq | sort -V > binaryedge_digitalocean_possible_ips.txt - -# With failure handling -cat stretchoid_digitalocean_possible_ips.txt | xargs -P 50 -I {} bash -c 'set -eu;rev="$(dig @9.9.9.9 +short +time=1 +tries=1 -x {})"; if [[ "$rev" == *";;"* ]]; then sleep 1; rev="$(dig @8.8.8.8 +short +time=1 +tries=1 -x {})"; fi; echo "{} # $rev";' 1> stretchoid_revisions/v5.txt - -grep -F "stretchoid" stretchoid_revisions/v5.txt | sort > stretchoid_revisions/v5.sorted.txt -mv stretchoid_revisions/v5.sorted.txt stretchoid_revisions/v5.txt - -# Reverse the file -awk -F'#' '{print $2" # "$1}' OFS=, "stretchoid_revisions/v5.txt" | awk '{$1=$1;print}' | sort > stretchoid_revisions/v5-reversed.txt - -# Build the count per name per ip -cat stretchoid_revisions/v*-reversed.txt | sort | uniq -c > stretchoid_revisions/count-reversed.txt -# Same but sorted not by name but by count -cat stretchoid_revisions/v*-reversed.txt | sort | uniq -c | sort > stretchoid_revisions/count-reversed.txt - -# Generate the list of full IPs of stretchoid -cat stretchoid_revisions/v*-reversed.txt | sort | uniq | awk -F'#' '{print $2" # "$1}' OFS='#' | awk '{$1=$1;print}' > ../stretchoid.txt - - - -# Find missing CIDRs from the IPS found in the revisions using the announced prefix list -cat binaryedge_revisions/v*-reversed.txt | LC_ALL=C.UTF-8 sort -t "-" -n | uniq | cut -d ' ' -f 3 | sort -V | cut -d " " -f 1 | cut -d '.' -f -3 | sort | uniq | xargs -I {} grep -E "^{}\.0" digitalocean_announced_ips_simpler.txt | sort -V -t# | uniq | cut -d ' ' -f 3 | sort -V | uniq | grep -v -F -f ./binaryedge_ranges.txt - -cat binaryedge-full-possible-names_with_ips_clean_ips.txt | sort -V | cut -d " " -f 1 | cut -d '.' -f -3 | sort | uniq | xargs -I {} grep -E "^{}\.0" digitalocean_announced_ips_simpler.txt | sort -V -t# | uniq | cut -d ' ' -f 3 | sort -V | uniq | grep -v -F -f ./binaryedge_ranges.txt diff --git a/scripts/make-stretchoid.sh b/scripts/make-stretchoid.sh deleted file mode 100755 index f03f991..0000000 --- a/scripts/make-stretchoid.sh +++ /dev/null @@ -1,39 +0,0 @@ -#!/bin/sh - -set -eux - -############################################################################################ -# Information # -# The program dns-ptr-resolver can be installed from cargo: cargo install dns-ptr-resolver # -# See: https://github.com/wdes/dns-ptr-resolver # -############################################################################################ - -REV="v-$(date --iso-8601=seconds)" - -cd ./data/ - -if [ ! -d ./stretchoid_revisions/ ]; then - mkdir ./stretchoid_revisions -fi - -if [ ! -d ./reverse_revisions/ ]; then - mkdir ./reverse_revisions -fi - -dns-ptr-resolver $PWD/stretchoid_possible_ips.txt 1> stretchoid_revisions/$REV.txt - -grep -F "stretchoid" stretchoid_revisions/$REV.txt | sort -V > stretchoid_revisions/$REV.sorted.txt -grep -v -F "stretchoid" stretchoid_revisions/$REV.txt | sort -V > reverse_revisions/$REV.sorted.txt -mv stretchoid_revisions/$REV.sorted.txt stretchoid_revisions/$REV.txt -mv reverse_revisions/$REV.sorted.txt reverse_revisions/$REV.txt - -# Reverse the file -awk -F'#' '{print $2" # "$1}' OFS=, "stretchoid_revisions/$REV.txt" | awk '{$1=$1;print}' | sort > stretchoid_revisions/$REV-reversed.txt - -# Sort by name and reverse the list to build the list of all possible IPs -cat stretchoid_revisions/v*-reversed.txt | LC_ALL=C.UTF-8 sort -t "-" -n | uniq | awk -F'#' '{print "# "$1" \n "$2}' OFS='#' | awk '{$1=$1;print}' > ../stretchoid.txt - -grep -F '#' ../stretchoid.txt | cut -d- -f2 | grep -P '^[0-9]{3,}+' | sort | uniq -c | sort > ./stretchoid-chunk-counts.txt - -# Search for false positives -# dns-ptr-resolver ../stretchoid.txt | grep -v -F "stretchoid.com"