[ SEA-GHOST MINI SHELL]

Path : /proc/2/root/var/lib/zabbix/
FILE UPLOADER :
Current File : //proc/2/root/var/lib/zabbix/rblscan_cpanel.sh

#!/bin/bash
# Scans IP against blocklists
# Enter the IP address to test it

# Uses input to define needed information
ADDRESS=$1

# Verifies address is correct format and length
if [[ $ADDRESS =~ ([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3}) ]] ; then
  :
else
  echo ""
  echo "Please supply a valid address"
        echo ""
        echo "Usage: rblscan [ip address] <subnet in CIDR>" >&2
        echo ""

  exit 1
fi

# Creates needed variables

BACKADDRESS=$(echo $ADDRESS | sed -r 's/([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3})/\4.\3.\2.\1/')
REVERSE=$(dig -x $ADDRESS +short)
SUBNETCIDR=$2

# Subnet hosts based on CIDR
if [[ $SUBNETCIDR = 31 ]] ; then
  SUBNETSPAN="2"
elif [[ $SUBNETCIDR = 30 ]] ; then
  SUBNETSPAN="4"
elif [[ $SUBNETCIDR = 29 ]] ; then
  SUBNETSPAN="8"
elif [[ $SUBNETCIDR = 28 ]] ; then
  SUBNETSPAN="16"
elif [[ $SUBNETCIDR = 27 ]] ; then
        SUBNETSPAN="32"
elif [[ $SUBNETCIDR = 26 ]] ; then
        SUBNETSPAN="64"
elif [[ $SUBNETCIDR = 25 ]] ; then
        SUBNETSPAN="128"
elif [[ $SUBNETCIDR = 24 ]] ; then
        SUBNETSPAN="256"
elif [[ $SUBNETCIDR = 23 ]] ; then
        SUBNETSPAN="512"
elif [[ $SUBNETCIDR = 22 ]] ; then
        SUBNETSPAN="1024"
elif [[ $SUBNETCIDR = 21 ]] ; then
        SUBNETSPAN="2048"
elif [[ $SUBNETCIDR = 20 ]] ; then
        SUBNETSPAN="4096"
elif [[ $SUBNETCIDR = 19 ]] ; then
        SUBNETSPAN="8192"
elif [[ $SUBNETCIDR = 18 ]] ; then
        SUBNETSPAN="16384"
elif [[ $SUBNETCIDR = 17 ]] ; then
        SUBNETSPAN="32768"
elif [[ $SUBNETCIDR = 16 ]] ; then
        SUBNETSPAN="65536"
elif [[ -z $SUBNETCIDR ]] ; then
  :
else
  echo "Please supply a valid CIDR"
  echo "/16 is the largest scannable range"
  exit
fi

# List of RBLs
LISTS=$(awk '$1 !~ /^#/ {print $1}' /root/dnsbl.lst)

## Basic Functions ##
#  All of the basic functions are here.

# Checks if you're scanning a range or not
function rangecheck {
  if [[ -n "$SUBNETCIDR" ]] ; then
    rangebuild
    rangeoutput
    rangescan 
  fi
}

# Builds range based on CIDR
function rangebuild {
  ADDRLOCTET=$(echo $ADDRESS | sed -r 's/([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3})/\4/')
  ADDRNET=$(echo $ADDRESS | sed -r 's/([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3})/\1.\2.\3./')
  RANGEEND=$(expr $ADDRLOCTET + $SUBNETSPAN)
  RANGELOCTS=$(seq $ADDRLOCTET $RANGEEND)
  RANGEARRAY=$(for i in $RANGELOCTS ; do echo $ADDRNET$i ; done)
  BACKRANGEARRAY=$(for RANGEARRA in ${RANGEARRAY} ; do echo ${RANGEARRA} | sed -r 's/([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3})/\4.\3.\2.\1/' ; done)
}

# Scans range
function rangescan {
  for BACKRANGEARRA in ${BACKRANGEARRAY} ; do
    for LIST in ${LISTS} ; do
            if [[ $(dig  +short ${BACKRANGEARRA}.${LIST}.) =~ 127.0.0.([2-9]|[1-4][0-9]|50) ]] ; then
        echo ""
        echo $(echo $BACKRANGEARRA | sed -r 's/([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3})/\4.\3.\2.\1/') " is listed in $LIST"
            fi
          done
  done
  echo ""
  echo "Scan completed!!!"
  echo ""
  exit
} 


# Runs the check against the list of RBLs then prints a result if it is listed
function defaultscan {
  for LIST in ${LISTS} ; do
      if [[ $(dig  +short ${BACKADDRESS}.${LIST}.) =~ 127.0.0.([2-9]|[1-4][0-9]|50) ]] ; then
          echo "Listed in ${LIST}"
      fi
  done
  echo ""
  echo "Scan completed!!!"
  echo ""
}

# Begin Output
function defaultout {
  echo ""
  echo "+----------------------------------------------------------------------+"
  echo ""
  echo "      IP Address is: "  $ADDRESS
  echo "      Reverse DNS (if any) is: " $REVERSE
  echo ""
  echo "+----------------------------------------------------------------------+"
  echo ""
  echo ""
  echo "Running query now, this may take some time..."
  echo "If nothing comes up, you're not listed on known blacklists."
}

# Range Output
function rangeoutput {
  echo ""
  echo "+----------------------------------------------------------------------+"
  echo ""
  echo "     Range scan started on: " $ADDRESS
  echo "     Subnet size: /"$SUBNETCIDR
  echo ""
  echo "+----------------------------------------------------------------------+"
  echo ""
  echo ""
  echo "Running scan against this range, this may take some time..."
  echo ""
  echo "If nothing comes up, your range is not listed on known blocklists."
}

# Help Menu with -h
while getopts ":h" SWITCH; do
    case $SWITCH in
        h)
    echo ""
          echo "IP Blocklist checker" >&2
          echo ""
          echo "Usage: rblscan [ip address] <subnet in CIDR>" >&2
          echo ""
          exit 1
          ;;
        \?)
    echo ""
          echo "Invalid option: -$OPTARG" >&2
          echo "Please use -h for help" >&2
          echo "Usage: rblscan [ip address] <subnet in CIDR>"
    exit 1
      ;;
    esac
done

rangecheck
defaultout
defaultscan

exit

SEA-GHOST - SHELL CODING BY SEA-GHOST