Jump to content
coders-irc_Bot

Abuse IP v1.0

By coders-irc_Bot, in Proctections

Recommended Posts

  • Administrators
coders-irc_Bot Collaborator

coders-irc_Bot

Posted
  • Administrators
Posted

This script helps to extract IP address information from the website (along with abuse statistics and negative reviews) for display on the channel.

Requirements: It is necessary to register a new account with your account on the site " https://www.abuseipdb.com " to be able to create your own individual API key, to maintain the daily operation of the script, with an independent daily limit on the limit. The free limit is " 1000 " IP views (checks) per day. Important: - You must keep your API key secret and never show it to anyone, because it will be tied to your account with all the statistics and usage limit.

Settings: You can change the parameter settings of the script via the " abuseip_set " alias to the values you need. 

################################################### ####################
# Name: Abuse IP v1.0
# Author: Epic (epicnet@mail.ru, http://epicnet.ru)
# Description: Retrieves the website's IP address information (along with abuse statistics and negative reviews) to display on the channel.
# Requirement: It is necessary to register a new account with your account on the site "https://www.abuseipdb.com" in order to be able to create your own individual API key to maintain the daily work of the script, with an independent daily limit on the restriction. The free limit is "1000" IP views (checks) per day.
################################################### ####################

alias -l abuseip_set {
  %aip_link = https://api.abuseipdb.com/api/v2/check
  %aip_apikey = 6a31ca43fb50a3482c68051a7e765e16820d589a5f8509f1a9a169a88908d9811f232698840c40e7
  %aip_param = maxageindays=90 verbose accept=application/json
  %aip_path = scripts\AbuseIP\
  %aip_comm = !abuse,!ip,!info,!loc,!check
  %aip_color1 = 10 | %aip_color2 = 06 | %aip_color3 = 14 | %aip_color4 = 07 | %aip_color5 = 04
  %aip_operprefix = [ +%@&~! ]
  %aip_timelimit = 10
  %aip_echodata = no
  %aip_showdata = ipAddress,hostnames,countryCode,countryName,isp,usageType,isPublic,isWhitelisted,abuseConfidenceScore,numDistinctUsers,totalReports,lastReportedAt
}
-------------------------------------------------- --------------------
on *:TEXT:*:#:{
  abuseip set | if ($istok(%aip_comm,$strip($1),44)) {
    var %aip_pnick $remove($nick($chan,$nick).pnick,$nick) | if (%aip_pnick !isin %aip_operprefix) { .notice $nick 14 Access denied. You do not have the required status on the channel. | halt}
    if ($2) {
      if (%aip_timelimit > 0) {
        if ($hget(timelimit,$nick) != $null) { .notice $nick 14Command limit set. Wait: 07 $hget(timelimit,$nick) 14sec. | halt}
        .hadd -mz timelimit $nick %aip_timelimit
      }
      abuseip $2 $nick $chan
    }
    else .notice $nick Correct syntax: 12 %aip_comm <ip>
  }
}
alias -l abuseip {
  var %ww_num = $+(abuseip_,$rand(1,100000),_,$ticks)
  var %ww_ip = $strip($1) | var %ww_nick = $2 | var %ww_chan = $3
  var %ww_file = $+(%aip_path,%ww_num,.txt)
  var %ww_domen = $remove($gettok(%aip_link,2,47),$chr(47))
  var %ww_sreq = $+(%aip_link,?ipAddress=,%ww_ip,&key=,%aip_apikey,&,$replace(%aip_param,$chr(32),&))
  if (https: isin %aip_link) { var %ww_flag -e | var %ww_port 443 } | else var %ww_port 80
  ;---------------
  if ($sock(%ww_num)) .sockclose %ww_num | if ($exists(%ww_file)) .remove %ww_file
  .sockopen %ww_flag %ww_num %ww_domen %ww_port
  .sockmark %ww_num %ww_ip %ww_nick %ww_chan %ww_domen %ww_file %ww_sreq
}
on *:SOCKOPEN:abuseip_*:{
  if ($sockerr) { echo -s Domain: $gettok($sock($sockname).mark,4,32) -> Server is not available. | return}
  .sockwrite -nt $sockname GET $gettok($sock($sockname).mark,6,32) HTTP/1.1
  .sockwrite -nt $sockname Host: $gettok($sock($sockname).mark,4,32)
  .sockwrite -nt $sockname User-Agent: */*
  .sockwrite -nt $sockname $str($crlf,2)
  .sockwrite -nt $sockname
}
on *:SOCKREAD:abuseip_*:{
  if ($sockerr > 0) { echo -s Domain: $gettok($sock($sockname).mark,4,32) -> $error | return}
  :1 | .sockread %tempcip | if ($sockbr == 0) return | if (!%tempcip) goto 1
  if (!%wfile) var %wfile $gettok($sock($sockname).mark,5,32)
  if("data": isin %tempcip) {
    .write -i %wfile $mid(%tempcip,1,2000)
    var %sm1 $gettok($sock($sockname).mark,1,32)
    var %sm2 $gettok($sock($sockname).mark,2,32)
    var %sm3 $gettok($sock($sockname).mark,3,32)
    var %sm4 $gettok($sock($sockname).mark,4,32)
    var %sm5 $gettok($sock($sockname).mark,5,32)
    .sockclose $sock($sockname) | abuseip_mess %sm1 %sm2 %sm3 %sm4 %sm5 | halt
  }
  goto 1
}
alias -l abuseip_mess {
  var %mes_str $replace($remove($read($5,1),{"data":{,}},"),\/,/)
  if (%aip_echodata == yes) .echo -s %mes_str
  var %i 1 | while (%i <= $numtok(%aip_showdata,44)) {
    var %mes_tok $gettok(%aip_showdata,%i,44) | var %mes_find $+(%mes_tok,$chr(58))
    var %mes_val $gettok($matchtok(%mes_str,%mes_find,1,44),2,58)
    if (ipAddress == %mes_tok) %mes_text = %mes_text $+(%aip_color1,IP:,$chr(32),%aip_color4,%mes_val)
    if (hostnames == %mes_tok) %mes_text = %mes_text $+(%aip_color1,Host:,$chr(32),%aip_color2,%mes_val)
    if (domain == %mes_tok) %mes_text = %mes_text $+(%aip_color1,Domain:,$chr(32),%aip_color2,%mes_val)
    if (countryCode == %mes_tok) %mes_text = %mes_text $+(%aip_color1,Zone:,$chr(32),%aip_color2,%mes_val)
    if (countryName == %mes_tok) %mes_text = %mes_text $+(%aip_color1,Country:,$chr(32),%aip_color2,%mes_val)
    if (isp == %mes_tok) %mes_text = %mes_text $+(%aip_color1,ISP:,$chr(32),%aip_color2,%mes_val)
    if (usageType == %mes_tok) %mes_text = %mes_text $+(%aip_color1,Type:,$chr(32),%aip_color2,%mes_val)
    ;----------------
    if (isPublic == %mes_tok) %mes_text = %mes_text $+(%aip_color1,Public:,$chr(32),%aip_color2,%mes_val)
    if (isWhitelisted == %mes_tok) {
      if (%mes_val == false) var %mc %aip_color5 | else var %mc %aip_color2
      %mes_text = %mes_text $+(%aip_color1,WhiteList:,$chr(32),%mc,%mes_val)
    }
    if (abuseConfidenceScore == %mes_tok) {
      if (%mes_val > 0) var %mc %aip_color5 | else var %mc %aip_color2
      %mes_text = %mes_text $+(%aip_color1,Negative:,$chr(32),%mc,%mes_val,$chr(37))
    }
    if (numDistinctUsers == %mes_tok) {
      if (%mes_val > 0) var %mc %aip_color5 | else var %mc %aip_color2
      %mes_text = %mes_text $+(%aip_color1,Users:,$chr(32),%mc,%mes_val)
    }
    if (totalReports == %mes_tok) {
      if (%mes_val > 0) var %mc %aip_color5 | else var %mc %aip_color2
      %mes_text = %mes_text $+(%aip_color1,Reports:,$chr(32),%mc,%mes_val)
    }
    if (lastReportedAt == %mes_tok) %mes_text = %mes_text $+(%aip_color1,Last:,$chr(32),%aip_color2,%mes_val)
    if (%i < $numtok(%aip_showdata,44)) %mes_text = $+(%mes_text,%aip_color3,$chr(44))
    inc %i
  }
  msg $3 %mes_text | unset %mes_text %tempcip | if ($exists($5)) .remove $5
}

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
Go to topic listing
×
×
  • Create New...