-
-
Save marcostolosa/7f8d433af076f08a0990ac64deced8eb to your computer and use it in GitHub Desktop.
Script for Blocking Censys & Shodan IPs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| echo "[+] Installing scanners block rules with logging..." | |
| LOGTAG="SCANNERS_BLOCK" | |
| ######################################## | |
| # Censys IPv4 ranges | |
| ######################################## | |
| CENSYS_V4=( | |
| "66.132.159.0/24" | |
| "162.142.125.0/24" | |
| "167.94.138.0/24" | |
| "167.94.145.0/24" | |
| "167.94.146.0/24" | |
| "167.248.133.0/24" | |
| "199.45.154.0/24" | |
| "199.45.155.0/24" | |
| "206.168.34.0/24" | |
| "206.168.35.0/24" | |
| "66.132.148.0/24" | |
| "66.132.153.0/24" | |
| "206.168.32.0/24" | |
| "206.168.33.0/24" | |
| ) | |
| ######################################## | |
| # ZoomEye IPv4 ranges | |
| ######################################## | |
| ZOOMEYE_V4=( | |
| "103.224.80.0/20" | |
| ) | |
| ######################################## | |
| # FOFA IPv4 ranges | |
| ######################################## | |
| FOFA_V4=( | |
| "103.224.212.0/22" | |
| ) | |
| ######################################## | |
| # BinaryEdge IPv4 ranges | |
| ######################################## | |
| BINARYEDGE_V4=( | |
| "185.162.235.0/24" | |
| "185.162.236.0/24" | |
| "185.162.237.0/24" | |
| ) | |
| ######################################## | |
| # ShadowServer IPv4 ranges | |
| ######################################## | |
| SHADOWSERVER_V4=( | |
| "64.62.197.254" | |
| "149.20.4.0/24" | |
| "149.20.5.0/24" | |
| "149.20.6.0/24" | |
| ) | |
| ######################################## | |
| # Rapid7 IPv4 ranges | |
| ######################################## | |
| RAPID7_V4=( | |
| "71.6.233.0/24" | |
| "5.63.151.96/27" | |
| "88.202.190.128/27" | |
| "109.123.117.228" | |
| "109.123.117.230" | |
| "109.123.117.232" | |
| ) | |
| ######################################## | |
| # Baidu IPv4 ranges | |
| ######################################## | |
| BAIDU_V4=( | |
| "119.63.192.0/21" | |
| "119.63.192.0/24" | |
| "119.63.193.0/24" | |
| "119.63.194.0/24" | |
| "119.63.195.0/24" | |
| "119.63.196.0/24" | |
| "119.63.197.0/24" | |
| "119.63.198.0/24" | |
| "119.63.199.0/24" | |
| ) | |
| ######################################## | |
| # Tencent Cloud IPv4 ranges | |
| ######################################## | |
| TENCENT_V4=( | |
| "43.159.95.15" | |
| "156.240.62.0/24" | |
| "45.197.79.0/24" | |
| "119.28.0.0/16" | |
| ) | |
| ######################################## | |
| # Alibaba Cloud IPv4 ranges | |
| ######################################## | |
| ALIBABA_V4=( | |
| "47.74.0.0/15" | |
| "47.235.0.0/15" | |
| "47.238.0.0/15" | |
| "47.242.0.0/16" | |
| "47.243.0.0/16" | |
| "47.88.0.0/14" | |
| "47.56.0.0/15" | |
| "139.95.0.0/16" | |
| "147.139.0.0/16" | |
| "155.102.0.0/16" | |
| "163.181.0.0/16" | |
| ) | |
| ######################################## | |
| # Censys IPv6 ranges | |
| ######################################## | |
| CENSYS_V6=( | |
| "2602:80d:1000:b0cc:e::/80" | |
| "2620:96:e000:b0cc:e::/80" | |
| "2602:80d:1003::/112" | |
| "2602:80d:1004::/112" | |
| ) | |
| ######################################## | |
| # Shodan IPv4 | |
| ######################################## | |
| SHODAN_V4=( | |
| "198.20.69.74" | |
| "198.20.69.98" | |
| "198.20.70.114" | |
| "198.20.99.130" | |
| "93.120.27.62" | |
| "66.240.236.119" | |
| "71.6.135.131" | |
| "66.240.192.138" | |
| "71.6.167.142" | |
| "82.221.105.6" | |
| "82.221.105.7" | |
| "71.6.165.200" | |
| "188.138.9.50" | |
| "85.25.103.50" | |
| "85.25.43.94" | |
| "71.6.146.185" | |
| "71.6.158.166" | |
| "198.20.87.98" | |
| "66.240.219.146" | |
| "209.126.110.38" | |
| "104.131.0.69" | |
| "66.240.219.133" | |
| "143.198.225.197" | |
| "137.184.95.216" | |
| "64.227.90.185" | |
| "143.198.238.87" | |
| "137.184.190.205" | |
| "137.184.112.192" | |
| "137.184.190.188" | |
| "167.172.219.157" | |
| "143.110.239.2" | |
| "143.198.68.20" | |
| "137.184.190.194" | |
| "137.184.190.246" | |
| "137.184.9.17" | |
| "137.184.13.100" | |
| "137.184.94.133" | |
| "137.184.112.103" | |
| "137.184.180.190" | |
| "143.198.50.234" | |
| "185.142.236.36" | |
| "185.142.236.40" | |
| "185.142.236.41" | |
| "185.142.236.43" | |
| "185.142.239.16" | |
| "198.20.69.96/29" | |
| "198.20.70.112/29" | |
| "198.20.87.96/29" | |
| "198.20.99.128/29" | |
| "66.240.205.34" | |
| "71.6.146.130" | |
| "71.6.147.198" | |
| "71.6.147.254" | |
| "71.6.150.153" | |
| "71.6.167.125" | |
| "89.248.172.7" | |
| "165.227.62.247" | |
| "165.227.55.4" | |
| "216.117.2.180" | |
| "195.144.21.56" | |
| "185.165.190.17" | |
| "98.143.148.107" | |
| "155.94.254.133" | |
| "155.94.254.143" | |
| "155.94.222.12" | |
| "98.143.148.135" | |
| "207.90.244.0/24" | |
| ) | |
| ######################################## | |
| # Apply IPv4 logs + drops | |
| ######################################## | |
| for ip in \ | |
| "${CENSYS_V4[@]}" \ | |
| "${SHODAN_V4[@]}" \ | |
| "${ZOOMEYE_V4[@]}" \ | |
| "${FOFA_V4[@]}" \ | |
| "${BINARYEDGE_V4[@]}" \ | |
| "${SHADOWSERVER_V4[@]}" \ | |
| "${RAPID7_V4[@]}" \ | |
| "${BAIDU_V4[@]}" \ | |
| "${TENCENT_V4[@]}" \ | |
| "${ALIBABA_V4[@]}"; do | |
| iptables -A INPUT -s "$ip" -j LOG --log-prefix "$LOGTAG " | |
| iptables -A INPUT -s "$ip" -j DROP | |
| echo "Blocked IPv4: $ip" | |
| done | |
| ######################################## | |
| # Apply IPv6 logs + drops | |
| ######################################## | |
| for ip in "${CENSYS_V6[@]}"; do | |
| ip6tables -A INPUT -s "$ip" -j LOG --log-prefix "$LOGTAG " | |
| ip6tables -A INPUT -s "$ip" -j DROP | |
| echo "Blocked IPv6: $ip" | |
| done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment