| ASN Lookup Server Report | ||||
|---|---|---|---|---|
| Lookup Target | Client IP | Lookup Server ASN | Lookup Server Hostname | Date and time |
| $host | $NCAT_REMOTE_ADDR | $found_asn ($found_asname
 )
|
$HOSTNAME | $reportdatetime |
" fi # spawn ASN child and output results to the client DebugPrint "Spawning child" INTERNAL_CONNHANDLER_CHILD=true INTERNAL_ASNSERVER_CONNHANDLER=false INTERNAL_ASNSERVER_OUTPUT_TYPE="$OUTPUT_TYPE" TERM=dumb "$0" "$host" | { #* ╭──────────────────────────────────────────────╮ #* │ Main child output parsing loop command group │ #* ╰──────────────────────────────────────────────╯ if [ -n "$OUTPUT_TYPE" ]; then # JSON/JSONP mode while IFS= read -r outputline; do echo -e "$outputline" done else # HTML mode TextHeader() { headerwidth="150" padchar="_" padding="$(printf '%0.1s' ' '{1..500})" printf "%${headerwidth}s\n\n" "" | tr " " "${padchar}" printf '%*.*s %s %*.*s\n' 0 "$(((headerwidth-2-${#1})/2))" "$padding" "$1" 0 "$(((headerwidth-1-${#1})/2))" "$padding" printf "%${headerwidth}s\n" "" | tr " " "${padchar}" } # initialize textual trace log variable tracedata="" while IFS= read -r outputline; do # DebugPrint "[$reqid] CHILD OUTPUT: $outputline" "false" if echo -e "$outputline" | grep -Eq "^BOXHEADER "; then # child instance is displaying a BoxHeader, transform it into a
| $message |
|---|
"
outputline=$(echo -e "$outputline" | sed -e 's/#COUNTRYCODE.*//')
tracedata+="$outputline\n"
outputline=$(echo -e "$outputline" | tr -d '\r\n' | aha -b -n)
printf "%s%s\n" "$outputline" "$target_flag_img"
elif grep -Eq "]*>/,""); print }' <<<"$outputline")
tracedata+="$href_stripped\n"
printf "%s\n" "$outputline" | aha -b -n | sed -e 's/<//g' -e 's/"/"/g' -e 's/&/&/g'
elif grep -Eq "#PERFORMWHOIS" <<<"$outputline"; then
# child instance is asking us to perform a whois lookup for the target domain
# and show it to the user in the form of a tooltip
targetdomain=$(echo -e "$outputline" | awk '{print $NF}')
targetdomaindata=$(whois -H "$targetdomain" | grep -Ev "^\*")
hostio_href="host.io"
hostio_link=" $hostio_href🔗"
read -r -d '' whoisbutton <<- END_OF_MODAL_HTML
" \
"
" \ "" \ "Generated by ASN Lookup Server v${ASN_VERSION} running on $HOSTNAME in ${runtime}s (request ID: $reqid)" \ "" \ "
" \ "" \ "What is that?" \ "\n" \ "
" \
""
# create a hidden div with the gzipped+b64 encoded trace output for optional termbin sharing
tracedata_encoded="$(StripAnsi "$tracedata" | gzip | base64 -w0)"
echo -e ""
echo -e "$html_footer"
fi
}
# end the ncat client connection for this request ID
childretval="$?"
if [ "$childretval" -eq 0 ]; then
DebugPrint "Child process completed successfully"
[[ -z "$OUTPUT_TYPE" ]] && echo -e ""
# log lookup request completed on server side
echo -e "[$(date +"%F %T")] ${greenbg}COMPLETED${default} Lookup request by client ${yellow}$NCAT_REMOTE_ADDR${default} for target ${magenta}$host${default} (Request ID: ${blue}$reqid${default})" >&2
else
DebugPrint "Child process failed with exit code $childretval (SIG$(kill -l $childretval))"
echo -e "[$(date +"%F %T")] ${redbg} FAILED ${default} Lookup request by client ${yellow}$NCAT_REMOTE_ADDR${default} for target ${magenta}$host${default} failed with exit code $childretval (SIG$(kill -l $childretval)) (Request ID: ${blue}$reqid${default})" >&2
fi
if [ "$childretval" -eq 141 ]; then
DebugPrint "Client has gone away?"
fi
else
# send HTTP code 400 Bad Request to client
if [ "$JSON_OUTPUT" = false ]; then
echo -e "$http_ko"
else
echo -e "$http_ko_json"
userinput="$host"
json_resultcount=0
final_json_output=""
PrintErrorAndExit "bad request"
fi
# log lookup request ignored on server side
echo -e "[$(date +"%F %T")] ${redbg} IGNORED ${default} Malformed data in request by client ${yellow}$NCAT_REMOTE_ADDR${default} for target ${magenta}$host${default}" >&2
fi
else
# ignore spurious browser requests (e.g. 'GET /favicon.ico') or scans.
# Log the bad request on server side, sleep for 1 second, and drop the connection
reqbytes=$(echo -e "$line" | awk -F$'\r\n' '{print substr($1,0,30)}')
echo -e "[$(date +"%F %T")] ${redbg} IGNORED ${default} Ignored request by client ${yellow}$NCAT_REMOTE_ADDR${default}. Request data (first 30 bytes): ${red}${reqbytes}${default}" >&2
sleep 1
fi
}
#! ╭───────────────────────╮
#! │ Main asn script start │
#! ╰───────────────────────╯
IFS=$'\n\t'
# Color scheme
green=$'\e[38;5;035m'
magenta=$'\e[38;5;207m'
yellow=$'\e[38;5;142m'
white=$'\e[38;5;007m'
blue=$'\e[38;5;038m'
red=$'\e[38;5;203m'
black=$'\e[38;5;016m'
lightyellow=$'\e[38;5;220m'
lightred=$'\e[38;5;167m'
lightblue=$'\e[38;5;109m'
lightgreybg=$'\e[48;5;252m'${black}
bluebg=$'\e[48;5;038m'${black}
redbg=$'\e[48;5;210m'${black}
greenbg=$'\e[48;5;035m'${black}
yellowbg=$'\e[48;5;142m'${black}
dim=$'\e[2m'
underline=$'\e[4m'
default=$'\e[0m'
# HTML color codes matching ANSI colors used by the script
htmlwhite="#cccccc"
htmlblack="#1e1e1e"
htmllightgray="#d5d5d5"
htmlred="#ff5f5f"
htmldarkred="#b74d4d"
htmlblue="#00afd7"
htmlyellow="#afaf00"
htmlgreen="#00af5f"
htmldarkgreen="#058505"
htmlmagenta="#ff5fff"
[[ "$TERM" = "dumb" ]] && IS_HEADLESS=true || IS_HEADLESS=false
ipv4v6regex='[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}|(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|'\
'([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|'\
'([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|'\
':((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|'\
'(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|'\
'1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))' # cheers https://stackoverflow.com/a/17871737
# Get terminal width. If running headless in a child instance (or in server mode) set it to a "sane" value to display appropriate HTML spacing in reports
if [ "$IS_HEADLESS" = true ]; then
terminal_width=233
else
terminal_width=$(tput cols)
trap 'terminal_width=$(tput cols)' SIGWINCH
fi
# Check if this script instance was launched by the ASN server connection handler
if [ "$INTERNAL_CONNHANDLER_CHILD" = true ]; then
IS_ASN_CHILD=true
else
IS_ASN_CHILD=false
fi
# Check if this script instance was spawned by the ncat listener
if [ "$INTERNAL_ASNSERVER_CONNHANDLER" = true ]; then
IS_ASN_CONNHANDLER=true
HandleNcatClientConnection
exit 0
else
IS_ASN_CONNHANDLER=false
fi
# External API tokens for ipqualityscore.com (IP reputation & threat analysis lookup),
# ipinfo.io (IP geolocation lookup) and Cloudflare Radar (BGP hijacks and route leaks historical data)
# Files will be parsed in the order they are declared (first path found takes precedence)
IQS_TOKEN_FILES="$HOME/.asn/iqs_token:/etc/asn/iqs_token"
IPINFO_TOKEN_FILES="$HOME/.asn/ipinfo_token:/etc/asn/ipinfo_token"
CLOUDFLARE_TOKEN_FILES="$HOME/.asn/cloudflare_token:/etc/asn/cloudflare_token"
# SIGINT trapping
NO_ERROR_ON_INTERRUPT=false
trap Ctrl_C INT
# PeeringDB list of IXP prefixes
peeringdb_dataset=""
peeringdb_ipv6_dataset=""
# Well known ports list
[[ -r "/etc/services" ]] && WELL_KNOWN_PORTS=$(cat /etc/services) || WELL_KNOWN_PORTS=""
# default options (configurable via $HOME/.asnrc)
MTR_TRACING=true
ADDITIONAL_INETNUM_LOOKUP=true
DETAILED_TRACE=false
MTR_ROUNDS=5
MAX_CONCURRENT_SHODAN_REQUESTS=10
SHODAN_SHOW_TOP_N=5
MONOCHROME_MODE=false
ASN_DEBUG=false
JSON_OUTPUT=false
JSON_PRETTY=false
DEFAULT_SERVER_BINDADDR_v4="127.0.0.1"
DEFAULT_SERVER_BINDADDR_v6="::1"
DEFAULT_SERVER_BINDPORT="49200"
IQS_ALWAYS_QUERY=false
IQS_CUSTOM_SETTINGS="" # e.g. "strictness=1&allow_public_access_points=false" - see https://www.ipqualityscore.com/documentation/proxy-detection/overview -> "Note About Front End IP Lookups"
declare -A PEERINGDB_CACHED_DATASETS
declare -A PEERINGDB_CACHED_IXP_DATA
declare -A CAIDARANK_CACHED_AS_DATA
# to build the CC->CountryName mapping cache:
# COUNTRY_MAP_CACHE=$(docurl -m4 -s "https://restcountries.com/v3.1/all?fields=name,cca2" | jq -c 'map({(.cca2): .name.common}) | add | to_entries | sort_by(.key) | from_entries')
COUNTRY_MAP_CACHE='{"AD":"Andorra","AE":"United Arab Emirates","AF":"Afghanistan","AG":"Antigua and Barbuda","AI":"Anguilla","AL":"Albania","AM":"Armenia","AO":"Angola",
"AQ":"Antarctica","AR":"Argentina","AS":"American Samoa","AT":"Austria","AU":"Australia","AW":"Aruba","AX":"Åland Islands","AZ":"Azerbaijan","BA":"Bosnia and Herzegovina",
"BB":"Barbados","BD":"Bangladesh","BE":"Belgium","BF":"Burkina Faso","BG":"Bulgaria","BH":"Bahrain","BI":"Burundi","BJ":"Benin","BL":"Saint Barthélemy","BM":"Bermuda",
"BN":"Brunei","BO":"Bolivia","BQ":"Caribbean Netherlands","BR":"Brazil","BS":"Bahamas","BT":"Bhutan","BV":"Bouvet Island","BW":"Botswana","BY":"Belarus","BZ":"Belize","CA":"Canada",
"CC":"Cocos (Keeling) Islands","CD":"DR Congo","CF":"Central African Republic","CG":"Republic of the Congo","CH":"Switzerland","CI":"Ivory Coast","CK":"Cook Islands","CL":"Chile",
"CM":"Cameroon","CN":"China","CO":"Colombia","CR":"Costa Rica","CU":"Cuba","CV":"Cape Verde","CW":"Curaçao","CX":"Christmas Island","CY":"Cyprus","CZ":"Czechia","DE":"Germany",
"DJ":"Djibouti","DK":"Denmark","DM":"Dominica","DO":"Dominican Republic","DZ":"Algeria","EC":"Ecuador","EE":"Estonia","EG":"Egypt","EH":"Western Sahara","ER":"Eritrea","ES":"Spain",
"ET":"Ethiopia","FI":"Finland","FJ":"Fiji","FK":"Falkland Islands","FM":"Micronesia","FO":"Faroe Islands","FR":"France","GA":"Gabon","GB":"United Kingdom","GD":"Grenada",
"GE":"Georgia","GF":"French Guiana","GG":"Guernsey","GH":"Ghana","GI":"Gibraltar","GL":"Greenland","GM":"Gambia","GN":"Guinea","GP":"Guadeloupe","GQ":"Equatorial Guinea",
"GR":"Greece","GS":"South Georgia","GT":"Guatemala","GU":"Guam","GW":"Guinea-Bissau","GY":"Guyana","HK":"Hong Kong","HM":"Heard Island and McDonald Islands","HN":"Honduras",
"HR":"Croatia","HT":"Haiti","HU":"Hungary","ID":"Indonesia","IE":"Ireland","IL":"Israel","IM":"Isle of Man","IN":"India","IO":"British Indian Ocean Territory","IQ":"Iraq",
"IR":"Iran","IS":"Iceland","IT":"Italy","JE":"Jersey","JM":"Jamaica","JO":"Jordan","JP":"Japan","KE":"Kenya","KG":"Kyrgyzstan","KH":"Cambodia","KI":"Kiribati","KM":"Comoros",
"KN":"Saint Kitts and Nevis","KP":"North Korea","KR":"South Korea","KW":"Kuwait","KY":"Cayman Islands","KZ":"Kazakhstan","LA":"Laos","LB":"Lebanon","LC":"Saint Lucia",
"LI":"Liechtenstein","LK":"Sri Lanka","LR":"Liberia","LS":"Lesotho","LT":"Lithuania","LU":"Luxembourg","LV":"Latvia","LY":"Libya","MA":"Morocco","MC":"Monaco","MD":"Moldova",
"ME":"Montenegro","MF":"Saint Martin","MG":"Madagascar","MH":"Marshall Islands","MK":"North Macedonia","ML":"Mali","MM":"Myanmar","MN":"Mongolia","MO":"Macau",
"MP":"Northern Mariana Islands","MQ":"Martinique","MR":"Mauritania","MS":"Montserrat","MT":"Malta","MU":"Mauritius","MV":"Maldives","MW":"Malawi","MX":"Mexico","MY":"Malaysia",
"MZ":"Mozambique","NA":"Namibia","NC":"New Caledonia","NE":"Niger","NF":"Norfolk Island","NG":"Nigeria","NI":"Nicaragua","NL":"Netherlands","NO":"Norway","NP":"Nepal","NR":"Nauru",
"NU":"Niue","NZ":"New Zealand","OM":"Oman","PA":"Panama","PE":"Peru","PF":"French Polynesia","PG":"Papua New Guinea","PH":"Philippines","PK":"Pakistan","PL":"Poland",
"PM":"Saint Pierre and Miquelon","PN":"Pitcairn Islands","PR":"Puerto Rico","PS":"Palestine","PT":"Portugal","PW":"Palau","PY":"Paraguay","QA":"Qatar","RE":"Réunion","RO":"Romania",
"RS":"Serbia","RU":"Russia","RW":"Rwanda","SA":"Saudi Arabia","SB":"Solomon Islands","SC":"Seychelles","SD":"Sudan","SE":"Sweden","SG":"Singapore",
"SH":"Saint Helena, Ascension and Tristan da Cunha","SI":"Slovenia","SJ":"Svalbard and Jan Mayen","SK":"Slovakia","SL":"Sierra Leone","SM":"San Marino","SN":"Senegal","SO":"Somalia",
"SR":"Suriname","SS":"South Sudan","ST":"São Tomé and Príncipe","SV":"El Salvador","SX":"Sint Maarten","SY":"Syria","SZ":"Eswatini","TC":"Turks and Caicos Islands","TD":"Chad",
"TF":"French Southern and Antarctic Lands","TG":"Togo","TH":"Thailand","TJ":"Tajikistan","TK":"Tokelau","TL":"Timor-Leste","TM":"Turkmenistan","TN":"Tunisia","TO":"Tonga",
"TR":"Turkey","TT":"Trinidad and Tobago","TV":"Tuvalu","TW":"Taiwan","TZ":"Tanzania","UA":"Ukraine","UG":"Uganda","UM":"United States Minor Outlying Islands","US":"United States",
"UY":"Uruguay","UZ":"Uzbekistan","VA":"Vatican City","VC":"Saint Vincent and the Grenadines","VE":"Venezuela","VG":"British Virgin Islands","VI":"United States Virgin Islands",
"VN":"Vietnam","VU":"Vanuatu","WF":"Wallis and Futuna","WS":"Samoa","XK":"Kosovo","YE":"Yemen","YT":"Mayotte","ZA":"South Africa","ZM":"Zambia","ZW":"Zimbabwe"}'
#*
#* Parse command line options
#*
if [[ $# -lt 1 ]]; then
PrintUsage
exit 1
fi
# read optional preferences from "$HOME/.asnrc" (only for non-headless runs)
if [ "$IS_HEADLESS" = false ]; then
rcfile="/${HOME}/.asnrc"
if [ -r "$rcfile" ]; then
# shellcheck disable=SC1090
. "$rcfile"
fi
fi
status_json_output="ok"
reason_json_output="success"
json_request_time=$(date "+%Y-%m-%dT%H:%M:%S")
starttime="$(date +%s)"
final_json_output=""
json_target_type="unknown"
json_resultcount=0
# optspec contains:
# - options followed by a colon: parameter is mandatory
# - first colon: disable getopts' own error reporting
# in this mode, getopts sets optchar to:
# '?' -> unknown option
# ':' -> missing mandatory parameter to the option
optspec=":hvmljJsgn:t:d:o:a:c:u:"
FORCE_ORGSEARCH=false
SUGGEST_SEARCH=false
SERVER_MODE=false
RECON_MODE=false
COUNTRY_BLOCK_MODE=false
GEOLOCATE_ONLY_MODE=false
BGP_UPSTREAM_MODE=false
OPTIONS_PRESENT=false # will be set to true if getopts enters the loop (detects an option being passed)
while getopts "$optspec" optchar; do {
GetFullParamsFromCurrentPosition(){
#
# Helper function that retrieves all the command line
# parameters starting from position $OPTIND (current
# option's argument as being parsed by getopts)
#
# 1) first param is set to current option's param (space-separated)
# 2) then append (if any exist) the following command line params.
#
# this allows for invocations such as 'asn -o NAME WITH SPACES'
# without having to quote NAME WITH SPACES
# The function requires passing the original $@ as parameter
# so as to not confuse it with the function's own $@.
#
# in the above example, $OPTARG="NAME", $OPTIND="3", ${@:$OPTIND}=array("WITH" "SPACES")
#
userinput="$OPTARG"
for option in "${@:$OPTIND}"; do
userinput+=" $option"
done
}
userinput=""
OPTIONS_PRESENT=true
case "${optchar}" in
"n")
MTR_TRACING=false
ADDITIONAL_INETNUM_LOOKUP=false
GetFullParamsFromCurrentPosition "$@"
;;
"t")
MTR_TRACING=true
GetFullParamsFromCurrentPosition "$@"
;;
"d")
MTR_TRACING=true
DETAILED_TRACE=true
GetFullParamsFromCurrentPosition "$@"
;;
"o")
FORCE_ORGSEARCH=true
GetFullParamsFromCurrentPosition "$@"
;;
"a")
SUGGEST_SEARCH=true
GetFullParamsFromCurrentPosition "$@"
;;
"s")
MTR_TRACING=false
RECON_MODE=true
GetFullParamsFromCurrentPosition "$@"
;;
"c")
COUNTRY_BLOCK_MODE=true
GetFullParamsFromCurrentPosition "$@"
;;
"g")
GEOLOCATE_ONLY_MODE=true
GetFullParamsFromCurrentPosition "$@"
;;
"u")
BGP_UPSTREAM_MODE=true
GetFullParamsFromCurrentPosition "$@"
;;
"m")
MONOCHROME_MODE=true
;;
"j")
MTR_TRACING=false # json output for mtr traces not implemented yet
JSON_OUTPUT=true
# GetFullParamsFromCurrentPosition "$@"
;;
"J")
MTR_TRACING=false # json output for mtr traces not implemented yet
JSON_OUTPUT=true
JSON_PRETTY=true
# GetFullParamsFromCurrentPosition "$@"
;;
"l")
SERVER_MODE=true
argcount=1
for option in "${@:$OPTIND}"; do
# one or more parameters were passed to -l, check if
# is an IP, PORT or "IP PORT" pair.
# pass the rest of the command line as direct
# ncat arguments.
# Not passing everything directly (-l has the same
# functionality in ncat) because asn should have more
# sensible defaults (i.e. bind to 127.0.0.1 and not
# 0.0.0.0 by default).
# handle special case (if invocation was 'asn -l -v " \ "" \ "Generated by ASN Lookup Server v${ASN_VERSION} running on $HOSTNAME in ${runtime}s (request ID: $reqid)" \ "" \ "
" \ "" \ "What is that?" \ "\n" \ "