Skip to content

Instantly share code, notes, and snippets.

@aachyee
aachyee / (de)obfuscate-IP-address.js
Created September 24, 2020 09:43 — forked from JavaScript-Packer/(de)obfuscate-IP-address.js
This simple JavaScript function set/utility provides the opportunity to obfuscate an IP address or decipher an obfuscated IP. Made by www.whak.ca
function ip2decimal(ip) {
ip = ip.split(".");
var e, w = 16777216, x = 65536, y = 256, a = eval(ip[0]), b = eval(ip[1]), c = eval(ip[2]), d = eval(ip[3]);
e = a * w + b * x + c * y + d;
return e;
}
function decimal2ip(ip) {
var w = 16777216, x = 65536, y = 256, e = eval(ip), a = e / w, z = e - (a - e % w / w) * w, b = z / x, q = z - (b - z % x / x) * x, c = q / y, d = q - (c - q % y / y) * y;
return parseInt(a) + "." + parseInt(b) + "." + parseInt(c) + "." + parseInt(d);
#
# Library with various ip manipulation functions
#
# convert ip ranges to CIDR notation
# str range2cidr(ip2dec("192.168.0.15"), ip2dec("192.168.5.115"))
#
# Credit to Chubler_XL for this brilliant function. (see his post below for non GNU awk)
#
function range2cidr(ipStart, ipEnd, bits, mask, newip) {
@aachyee
aachyee / lib_netaddr.awk
Created September 24, 2020 09:40 — forked from jwieder/lib_netaddr.awk
convert massive subnet lists to CIDR very quickly (280K lines ~15 sec) - h/t ripat
#
# Library with various ip manipulation functions
#
# convert ip ranges to CIDR notation
# str range2cidr(ip2dec("192.168.0.15"), ip2dec("192.168.5.115"))
#
# Credit to Chubler_XL for this brilliant function. (see his post below for non GNU awk)
#
function range2cidr(ipStart, ipEnd, bits, mask, newip) {
@aachyee
aachyee / iprange2cidr.awk
Created September 24, 2020 09:39 — forked from shangjiyu/iprange2cidr.awk
iprange2cidr awk script
#
# Library with various ip manipulation functions
#
# convert ip ranges to CIDR notation
# str range2cidr(ip2dec("192.168.0.15"), ip2dec("192.168.5.115"))
#
# Credit to Chubler_XL for this brilliant function. (see his post below for non GNU awk)
#
function range2cidr(ipStart, ipEnd, bits, mask, newip) {
@aachyee
aachyee / fix-weave-snat.sh
Created September 24, 2020 09:39 — forked from mrdima/fix-weave-snat.sh
Retain source IP for weave overlay network in Kubernetes
#!/bin/bash
# Inserts or removes iptables rules to prevent snat to the hosts local weave ip ranges
# This way the source ip will be retained for traffic not coming from weave
# Requires weave to be running, the script does wait for weave report to respond
echo running $0 $1
action="${1:-start}"
echo action: ${action}
#functions taken from: https://stackoverflow.com/questions/10768160/ip-address-converter
dec2ip () {
local ip dec=$@
@aachyee
aachyee / ip2dec.js
Created September 24, 2020 09:38 — forked from dllmoe/ip2dec.js
ip地址转十进制
#!/usr/bin/nodejs
function showHelp(){
console.log('Usage: ipnum [ip] ...');
}
function convert(ip){
if(typeof ip !== 'string') return false;
if(!/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/.test(ip)) return false;
@aachyee
aachyee / script.awk
Created September 24, 2020 09:38 — forked from Driim/script.awk
@include "lib_netaddr.awk"
function sanitize(ip) {
split(ip, slice, ".")
return slice[1]/1 "." slice[2]/1 "." slice[3]/1 "." slice[4]/1
}
function snbounds(to,i) {
sn_min=grp[1]
sn_max=grp[to]
@aachyee
aachyee / analyze.new.logs.sh
Created September 24, 2020 09:37 — forked from felmoltor/analyze.new.logs.sh
OVH Apache Access log periodic download
#!/bin/bash
# Author: Felipe Molina (@felmoltor)
# Date: 05/03/2015
# Summary:
# This script analyzes the Apache logs previously downloaded with "download.ovh.logs.sh"
# It compares the requests done yesterday with the whitelist of files of the website contained in "whitelist.files.list"
# If one of the requests is not pressent in this whitelist, the script stores it as suspicious along with the server response
# of the request and finally a summary is sent to your email.
@aachyee
aachyee / estadisticas.sh
Created September 24, 2020 09:34 — forked from felmoltor/estadisticas.sh
Kippo statistic extraction script
#!/bin/bash
TOPIP=15
TOPUP=30
TOPU=30
TOPP=30
TOPLU=15
TOPLP=15
GEOLITEDB="/home/<username>/maxmind/GeoIPCountryWhois.db" # Use the sqlite3 db created with http://pastebin.com/9WxCy5ks
@aachyee
aachyee / knock
Created September 24, 2020 09:29 — forked from lumenpink/knock
Knock 2015.1 - Projeto elaborado na Estácio de Sá Santa Catarina - https://docs.google.com/presentation/d/1G-kDirpN6SyehQw8KUaFqMJARwLrHhw80Y9wdXNNkXQ/edit?usp=sharing
#!/bin/bash
. /usr/local/knock/library
#Lista de portas na ordem da sequencia
ports=(34 1032 43231 456)
#Porta a Ser desbloqueada
safePort=29
#Comando tshark (wireshark para console)
#customizado para exibir apenas
#ip de origem e porta de destino
tshark -n -l -f "tcp and dst 177.70.2.30 and tcp[tcpflags] & (tcp-syn) != 0 and tcp[tcpflags] & (tcp-ack) = 0" -E separator=":" -Tfields -e ip.src -e tcp.dstport |