150 lines
5.1 KiB
Python
150 lines
5.1 KiB
Python
#!/usr/bin/env python
|
|
# FloodBL - Developed by acidvegas in Python (https://git.acid.vegas/proxytools)
|
|
|
|
'''
|
|
Notes for future improvement:
|
|
|
|
To query an IPv6 address, you must expand it, then reverse it into "nibble" format.
|
|
e.g. if the IP was 2001:db8::1, you expand it to 2001:0db8:0000:0000:0000:0000:0000:0001 and reverse it.
|
|
In nibble format it is 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2 and add on the dns blacklist you require.
|
|
|
|
e.g. 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.tor.dan.me.uk
|
|
|
|
If the IP has a match, the DNS server will respond with an "A" record of 127.0.0.100.
|
|
It will also respond with a "TXT" record with extra information as per below:
|
|
|
|
N:<nodename>/P:<port1[,port2]>/F:<flags>
|
|
|
|
port1 is the OR (onion router) port, port2 (if specified) is the DR (directory) port.
|
|
Flags are defined as follows:
|
|
E Exit
|
|
X Hidden Exit
|
|
A Authority
|
|
B BadExit
|
|
C NoEdConsensus
|
|
D V2Dir
|
|
F Fast
|
|
G Guard
|
|
H HSDir
|
|
N Named
|
|
R Running
|
|
S Stable
|
|
U Unnamed
|
|
V Valid
|
|
'''
|
|
|
|
import argparse
|
|
import concurrent.futures
|
|
import os
|
|
import re
|
|
import socket
|
|
|
|
try:
|
|
import dns.resolver
|
|
except ImportError:
|
|
raise SystemExit('error: missing required \'dnspython\' library (https://pypi.org/project/dnspython/)')
|
|
|
|
# Globals
|
|
good = list()
|
|
bad = list()
|
|
unknown = list()
|
|
proxies = list()
|
|
|
|
blackholes = {
|
|
'dnsbl.dronebl.org': {
|
|
'2' : 'Sample',
|
|
'3' : 'IRC Drone',
|
|
'5' : 'Bottler',
|
|
'6' : 'Unknown spambot or drone',
|
|
'7' : 'DDOS Drone',
|
|
'8' : 'SOCKS Proxy',
|
|
'9' : 'HTTP Proxy',
|
|
'10' : 'ProxyChain',
|
|
'11' : 'Web Page Proxy',
|
|
'12' : 'Open DNS Resolver',
|
|
'13' : 'Brute force attackers',
|
|
'14' : 'Open Wingate Proxy',
|
|
'15' : 'Compromised router / gateway',
|
|
'16' : 'Autorooting worms',
|
|
'17' : 'Automatically determined botnet IPs (experimental)',
|
|
'18' : 'DNS/MX type'
|
|
},
|
|
# 'rbl.efnetrbl.org': { # NOTE: Most IRC networks use DroneBL, un-comment this section to check the EFnetRBL
|
|
# '1' : "Open Proxy",
|
|
# '2' : "spamtrap666",
|
|
# '3' : "spamtrap50",
|
|
# '4' : "TOR",
|
|
# '5' : "Drones / Flooding"
|
|
# },
|
|
# 'torexit.dan.me.uk': { # TODO: The require a TXT lookup, although IRC daemons do numeric replies...will look into this
|
|
# 'E' : 'Exit',
|
|
# 'X' : 'Hidden Exit',
|
|
# 'A' : 'Authority',
|
|
# 'B' : 'BadExit',
|
|
# 'C' : 'NoEdConsensus',
|
|
# 'D' : 'V2Dir',
|
|
# 'F' : 'Fast',
|
|
# 'G' : 'Guard',
|
|
# 'H' : 'HSDir',
|
|
# 'N' : 'Named',
|
|
# 'R' : 'Running',
|
|
# 'S' : 'Stable',
|
|
# 'U' : 'Unnamed',
|
|
# 'V' : 'Valid'
|
|
# }
|
|
}
|
|
|
|
def check(proxy):
|
|
proxy_ip = proxy.split(':')[0]
|
|
formatted_ip = '.'.join(proxy_ip.split('.')[::-1])
|
|
for blackhole in blackholes:
|
|
try:
|
|
results = dns.resolver.resolve(f'{formatted_ip}.{blackhole}', 'A')
|
|
if results:
|
|
for result in results:
|
|
data = result.to_text()
|
|
reply = data.split('.')[-1:][0]
|
|
if reply in blackholes[blackhole]:
|
|
print(f'{proxy_ip.ljust(15)} \033[1;30m|\033[0m {blackhole.ljust(17)} \033[1;30m|\033[0m \033[1;31m{blackholes[blackhole][reply]}\033[0m')
|
|
bad.append(proxy)
|
|
else:
|
|
print(f'{proxy_ip.ljust(15)} \033[1;30m|\033[0m {blackhole.ljust(17)} \033[1;30m|\033[0m Unknown ({data})')
|
|
unknown.append(proxy)
|
|
else:
|
|
print(f'{proxy_ip.ljust(15)} \033[1;30m|\033[0m {blackhole.ljust(17)} \033[1;30m|\033[0m Error (No results)')
|
|
unkown.append(proxy)
|
|
except Exception as ex:
|
|
print(f'{proxy_ip.ljust(15)} \033[1;30m|\033[0m {blackhole.ljust(17)} \033[1;30m|\033[0m \033[1;32mGOOD\033[0m')
|
|
if proxy not in bad:
|
|
good.append(proxy)
|
|
|
|
# Main
|
|
print('#'*56)
|
|
print('#{0}#'.format(''.center(54)))
|
|
print('#{0}#'.format('FloodBL Blackhole Checker'.center(54)))
|
|
print('#{0}#'.format('Developed by acidvegas in Python'.center(54)))
|
|
print('#{0}#'.format('https://git.acid.vegas/proxytools'.center(54)))
|
|
print('#{0}#'.format(''.center(54)))
|
|
print('#'*56)
|
|
parser = argparse.ArgumentParser(usage='%(prog)s <input> <output> [options]')
|
|
parser.add_argument('input', help='file to scan')
|
|
parser.add_argument('output', help='file to output')
|
|
parser.add_argument('-t', '--threads', help='number of threads (default: 100)', default=100, type=int)
|
|
args = parser.parse_args()
|
|
if not os.path.isfile(args.input):
|
|
raise SystemExit('no such input file')
|
|
initial = len(open(args.input).readlines())
|
|
proxies = set([proxy.split(':')[0] for proxy in re.findall('[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+:[0-9]+', open(args.input).read(), re.MULTILINE)])
|
|
if not proxies:
|
|
raise SystemExit('no proxies found from input file')
|
|
with concurrent.futures.ThreadPoolExecutor(max_workers=args.threads) as executor:
|
|
checks = {executor.submit(check, proxy): proxy for proxy in proxies}
|
|
for future in concurrent.futures.as_completed(checks):
|
|
checks[future]
|
|
good.sort()
|
|
with open(args.output, 'w') as output_file:
|
|
output_file.write('\n'.join(good))
|
|
print('\033[34mTotal\033[0m : ' + format(len(proxies), ',d'))
|
|
print('\033[34mGood\033[0m : ' + format(len(good), ',d'))
|
|
print('\033[34mBad\033[0m : ' + format(len(proxies)-len(good), ',d'))
|