diff options
Diffstat (limited to 'scripts')
| -rw-r--r-- | scripts/README | 5 | ||||
| -rwxr-xr-x | scripts/alta | 33 | ||||
| -rwxr-xr-x | scripts/bsh | 29 | ||||
| -rwxr-xr-x | scripts/dist.sh | 23 | ||||
| -rwxr-xr-x | scripts/irc | 79 | ||||
| -rwxr-xr-x | scripts/iscan | 35 | ||||
| -rwxr-xr-x | scripts/ncp | 46 | ||||
| -rwxr-xr-x | scripts/probe | 50 | ||||
| -rwxr-xr-x | scripts/web | 148 | ||||
| -rwxr-xr-x | scripts/webproxy | 139 | ||||
| -rwxr-xr-x | scripts/webrelay | 44 | ||||
| -rwxr-xr-x | scripts/websearch | 77 |
12 files changed, 708 insertions, 0 deletions
diff --git a/scripts/README b/scripts/README new file mode 100644 index 0000000..07aee0c --- /dev/null +++ b/scripts/README @@ -0,0 +1,5 @@ +A collection of example scripts that use netcat as a backend, each +documented by its own internal comments. + +I'll be the first to admit that some of these are seriously *sick*, +but they do work and are quite useful to me on a daily basis. diff --git a/scripts/alta b/scripts/alta new file mode 100755 index 0000000..7a09176 --- /dev/null +++ b/scripts/alta @@ -0,0 +1,33 @@ +#! /bin/sh +## special handler for altavista, since they only hand out chunks of 10 at +## a time. Tries to isolate out results without the leading/trailing trash. +## multiword arguments are foo+bar, as usual. +## Second optional arg switches the "what" field, to e.g. "news" + +test "${1}" = "" && echo 'Needs an argument to search for!' && exit 1 +WHAT="web" +test "${2}" && WHAT="${2}" + +# convert multiple args +PLUSARG="`echo $* | sed 's/ /+/g'`" + +# Plug in arg. only doing simple-q for now; pg=aq for advanced-query +# embedded quotes define phrases; otherwise it goes wild on multi-words +QB="GET /cgi-bin/query?pg=q&what=${WHAT}&fmt=c&q=\"${PLUSARG}\"" + +# ping 'em once, to get the routing warm +nc -z -w 8 www.altavista.digital.com 24015 2> /dev/null +echo "=== Altavista ===" + +for xx in 0 10 20 30 40 50 60 70 80 90 100 110 120 130 140 150 160 170 180 \ + 190 200 210 220 230 240 250 260 270 280 290 300 310 320 330 340 350 ; do + echo "${QB}&stq=${xx}" | nc -w 15 www.altavista.digital.com 80 | \ + egrep '^<a href="http://' +done + +exit 0 + +# old filter stuff + sed -e '/Documents .* matching .* query /,/query?.*stq=.* Document/p' \ + -e d + diff --git a/scripts/bsh b/scripts/bsh new file mode 100755 index 0000000..796e480 --- /dev/null +++ b/scripts/bsh @@ -0,0 +1,29 @@ +#! /bin/sh +## a little wrapper to "password" and re-launch a shell-listener. +## Arg is taken as the port to listen on. Define "NC" to point wherever. + +NC=nc + +case "$1" in + ?* ) + LPN="$1" + export LPN + sleep 1 + echo "-l -p $LPN -e $0" | $NC > /dev/null 2>&1 & + echo "launched on port $LPN" + exit 0 + ;; +esac + +# here we play inetd +echo "-l -p $LPN -e $0" | $NC > /dev/null 2>&1 & + +while read qq ; do +case "$qq" in +# here's yer password + gimme ) + cd / + exec csh -i + ;; +esac +done diff --git a/scripts/dist.sh b/scripts/dist.sh new file mode 100755 index 0000000..4d2534a --- /dev/null +++ b/scripts/dist.sh @@ -0,0 +1,23 @@ +#! /bin/sh +## This is a quick example listen-exec server, which was used for a while to +## distribute netcat prereleases. It illustrates use of netcat both as a +## "fake inetd" and a syslogger, and how easy it then is to crock up a fairly +## functional server that restarts its own listener and does full connection +## logging. In a half-screen of shell script!! + +PORT=31337 + +sleep 1 +SRC=`tail -1 dist.log` +echo "<36>elite: ${SRC}" | ./nc -u -w 1 localhost 514 > /dev/null 2>&1 +echo ";;; Hi, ${SRC}..." +echo ";;; This is a PRERELEASE version of 'netcat', tar/gzip/uuencoded." +echo ";;; Unless you are capturing this somehow, it won't do you much good." +echo ";;; Ready?? Here it comes! Have phun ..." +sleep 8 +cat dist.file +sleep 1 +./nc -v -l -p ${PORT} -e dist.sh < /dev/null >> dist.log 2>&1 & +sleep 1 +echo "<36>elite: done" | ./nc -u -w 1 localhost 514 > /dev/null 2>&1 +exit 0 diff --git a/scripts/irc b/scripts/irc new file mode 100755 index 0000000..3557d7a --- /dev/null +++ b/scripts/irc @@ -0,0 +1,79 @@ +#! /bin/sh +## Shit-simple script to supply the "privmsg <recipient>" of IRC typein, and +## keep the connection alive. Pipe this thru "nc -v -w 5 irc-server port". +## Note that this mechanism makes the script easy to debug without being live, +## since it just echoes everything bound for the server. +## if you want autologin-type stuff, construct some appropriate files and +## shovel them in using the "<" mechanism. + +# magic arg: if "tick", do keepalive process instead of main loop +if test "$1" = "tick" ; then +# ignore most signals; the parent will nuke the kid +# doesn't stop ^Z, of course. + trap '' 1 2 3 13 14 15 16 + while true ; do + sleep 60 + echo "PONG !" + done +fi + +# top level: fire ourselves off as the keepalive process, and keep track of it +sh $0 tick & +ircpp=$! +echo "[Keepalive: $ircpp]" >&2 +# catch our own batch of signals: hup int quit pipe alrm term urg +trap 'kill -9 $ircpp ; exit 0' 1 2 3 13 14 15 16 +sleep 2 + +sender='' +savecmd='' + +# the big honkin' loop... +while read xx yy ; do + case "${xx}" in +# blank line: do nothing + "") + continue + ;; +# new channel or recipient; if bare ">", we're back to raw literal mode. + ">") + if test "${yy}" ; then + sender="privmsg ${yy} :" + else + sender='' + fi + continue + ;; +# send crud from a file, one line per second. Can you say "skr1pt kidz"?? +# *Note: uses current "recipient" if set. + "<") + if test -f "${yy}" ; then + ( while read zz ; do + sleep 1 + echo "${sender}${zz}" + done ) < "$yy" + echo "[done]" >&2 + else + echo "[File $yy not found]" >&2 + fi + continue + ;; +# do and save a single command, for quick repeat + "/") + if test "${yy}" ; then + savecmd="${yy}" + fi + echo "${savecmd}" + ;; +# default case goes to recipient, just like always + *) + echo "${sender}${xx} ${yy}" + continue + ;; + esac +done + +# parting shot, if you want it +echo "quit :Bye all!" +kill -9 $ircpp +exit 0 diff --git a/scripts/iscan b/scripts/iscan new file mode 100755 index 0000000..6279bc8 --- /dev/null +++ b/scripts/iscan @@ -0,0 +1,35 @@ +#! /bin/sh +## duplicate DaveG's ident-scan thingie using netcat. Oooh, he'll be pissed. +## args: target port [port port port ...] +## hose stdout *and* stderr together. +## +## advantages: runs slower than ident-scan, giving remote inetd less cause +## for alarm, and only hits the few known daemon ports you specify. +## disadvantages: requires numeric-only port args, the output sleazitude, +## and won't work for r-services when coming from high source ports. + +case "${2}" in + "" ) echo needs HOST and at least one PORT ; exit 1 ;; +esac + +# ping 'em once and see if they *are* running identd +nc -z -w 9 "$1" 113 || { echo "oops, $1 isn't running identd" ; exit 0 ; } + +# generate a randomish base port +RP=`expr $$ % 999 + 31337` + +TRG="$1" +shift + +while test "$1" ; do + nc -v -w 8 -p ${RP} "$TRG" ${1} < /dev/null > /dev/null & + PROC=$! + sleep 3 + echo "${1},${RP}" | nc -w 4 -r "$TRG" 113 2>&1 + sleep 2 +# does this look like a lamer script or what... + kill -HUP $PROC + RP=`expr ${RP} + 1` + shift +done + diff --git a/scripts/ncp b/scripts/ncp new file mode 100755 index 0000000..1931b03 --- /dev/null +++ b/scripts/ncp @@ -0,0 +1,46 @@ +#! /bin/sh +## Like "rcp" but uses netcat on a high port. +## do "ncp targetfile" on the RECEIVING machine +## then do "ncp sourcefile receivinghost" on the SENDING machine +## if invoked as "nzp" instead, compresses transit data. + +## pick your own personal favorite port, which will be used on both ends. +## You should probably change this for your own uses. +MYPORT=23456 + +## if "nc" isn't systemwide or in your PATH, add the right place +# PATH=${HOME}:${PATH} ; export PATH + +test "$3" && echo "too many args" && exit 1 +test ! "$1" && echo "no args?" && exit 1 +me=`echo $0 | sed 's+.*/++'` +test "$me" = "nzp" && echo '[compressed mode]' + +# if second arg, it's a host to send an [extant] file to. +if test "$2" ; then + test ! -f "$1" && echo "can't find $1" && exit 1 + if test "$me" = "nzp" ; then + compress -c < "$1" | nc -v -w 2 $2 $MYPORT && exit 0 + else + nc -v -w 2 $2 $MYPORT < "$1" && exit 0 + fi + echo "transfer FAILED!" + exit 1 +fi + +# fall here for receiver. Ask before trashing existing files +if test -f "$1" ; then + echo -n "Overwrite $1? " + read aa + test ! "$aa" = "y" && echo "[punted!]" && exit 1 +fi +# 30 seconds oughta be pleeeeenty of time, but change if you want. +if test "$me" = "nzp" ; then + nc -v -w 30 -p $MYPORT -l < /dev/null | uncompress -c > "$1" && exit 0 +else + nc -v -w 30 -p $MYPORT -l < /dev/null > "$1" && exit 0 +fi +echo "transfer FAILED!" +# clean up, since even if the transfer failed, $1 is already trashed +rm -f "$1" +exit 1 diff --git a/scripts/probe b/scripts/probe new file mode 100755 index 0000000..c47dc3f --- /dev/null +++ b/scripts/probe @@ -0,0 +1,50 @@ +#! /bin/sh +## launch a whole buncha shit at yon victim in no particular order; capture +## stderr+stdout in one place. Run as root for rservice and low -p to work. +## Fairly thorough example of using netcat to collect a lot of host info. +## Will set off every intrusion alarm in existence on a paranoid machine! + +# where .d files are kept; "." if nothing else +DDIR=../data +# address of some well-connected router that groks LSRR +GATE=192.157.69.11 + +# might conceivably wanna change this for different run styles +UCMD='nc -v -w 8' + +test ! "$1" && echo Needs victim arg && exit 1 + +echo '' | $UCMD -w 9 -r "$1" 13 79 6667 2>&1 +echo '0' | $UCMD "$1" 79 2>&1 +# if LSRR was passed thru, should get refusal here: +$UCMD -z -r -g $GATE "$1" 6473 2>&1 +$UCMD -r -z "$1" 6000 4000-4004 111 53 2105 137-140 1-20 540-550 95 87 2>&1 +# -s `hostname` may be wrong for some multihomed machines +echo 'UDP echoecho!' | nc -u -p 7 -s `hostname` -w 3 "$1" 7 19 2>&1 +echo '113,10158' | $UCMD -p 10158 "$1" 113 2>&1 +rservice bin bin | $UCMD -p 1019 "$1" shell 2>&1 +echo QUIT | $UCMD -w 8 -r "$1" 25 158 159 119 110 109 1109 142-144 220 23 2>&1 +# newline after any telnet trash +echo '' +echo PASV | $UCMD -r "$1" 21 2>&1 +echo 'GET /' | $UCMD -w 10 "$1" 80 81 210 70 2>&1 +# sometimes contains useful directory info: +echo 'GET /robots.txt' | $UCMD -w 10 "$1" 80 2>&1 +# now the big red lights go on +rservice bin bin 9600/9600 | $UCMD -p 1020 "$1" login 2>&1 +rservice root root | $UCMD -r "$1" exec 2>&1 +echo 'BEGIN big udp -- everything may look "open" if packet-filtered' +data -g < ${DDIR}/nfs-0.d | $UCMD -i 1 -u "$1" 2049 | od -x 2>&1 +# no wait-time, uses RTT hack +nc -v -z -u -r "$1" 111 66-70 88 53 87 161-164 121-123 213 49 2>&1 +nc -v -z -u -r "$1" 137-140 694-712 747-770 175-180 2103 510-530 2>&1 +echo 'END big udp' +$UCMD -r -z "$1" 175-180 2000-2003 530-533 1524 1525 666 213 8000 6250 2>&1 +# Use our identd-sniffer! +iscan "$1" 21 25 79 80 111 53 6667 6000 2049 119 2>&1 +# this gets pretty intrusive, but what the fuck. Probe for portmap first +if nc -w 5 -z -u "$1" 111 ; then + showmount -e "$1" 2>&1 + rpcinfo -p "$1" 2>&1 +fi +exit 0 diff --git a/scripts/web b/scripts/web new file mode 100755 index 0000000..382b18e --- /dev/null +++ b/scripts/web @@ -0,0 +1,148 @@ +#! /bin/sh +## The web sucks. It is a mighty dismal kludge built out of a thousand +## tiny dismal kludges all band-aided together, and now these bottom-line +## clueless pinheads who never heard of "TCP handshake" want to run +## *commerce* over the damn thing. Ye godz. Welcome to TV of the next +## century -- six million channels of worthless shit to choose from, and +## about as much security as today's cable industry! +## +## Having grown mightily tired of pain in the ass browsers, I decided +## to build the minimalist client. It doesn't handle POST, just GETs, but +## the majority of cgi forms handlers apparently ignore the method anyway. +## A distinct advantage is that it *doesn't* pass on any other information +## to the server, like Referer: or info about your local machine such as +## Netscum tries to! +## +## Since the first version, this has become the *almost*-minimalist client, +## but it saves a lot of typing now. And with netcat as its backend, it's +## totally the balls. Don't have netcat? Get it here in /src/hacks! +## _H* 950824, updated 951009 et seq. +## +## args: hostname [port]. You feed it the filename-parts of URLs. +## In the loop, HOST, PORT, and SAVE do the right things; a null line +## gets the previous spec again [useful for initial timeouts]; EOF to exit. +## Relative URLs behave like a "cd" to wherever the last slash appears, or +## just use the last component with the saved preceding "directory" part. +## "\" clears the "filename" part and asks for just the "directory", and +## ".." goes up one "directory" level while retaining the "filename" part. +## Play around; you'll get used to it. + +if test "$1" = "" ; then + echo Needs hostname arg. + exit 1 +fi +umask 022 + +# optional PATH fixup +# PATH=${HOME}:${PATH} ; export PATH + +test "${PAGER}" || PAGER=more +BACKEND="nc -v -w 15" +TMPAGE=/tmp/web$$ +host="$1" +port="80" +if test "$2" != "" ; then + port="$2" +fi + +spec="/" +specD="/" +specF='' +saving='' + +# be vaguely smart about temp file usage. Use your own homedir if you're +# paranoid about someone symlink-racing your shell script, jeez. +rm -f ${TMPAGE} +test -f ${TMPAGE} && echo "Can't use ${TMPAGE}" && exit 1 + +# get loopy. Yes, I know "echo -n" aint portable. Everything echoed would +# need "\c" tacked onto the end in an SV universe, which you can fix yourself. +while echo -n "${specD}${specF} " && read spec ; do + case $spec in + HOST) + echo -n 'New host: ' + read host + continue + ;; + PORT) + echo -n 'New port: ' + read port + continue + ;; + SAVE) + echo -n 'Save file: ' + read saving +# if we've already got a page, save it + test "${saving}" && test -f ${TMPAGE} && + echo "=== ${host}:${specD}${specF} ===" >> $saving && + cat ${TMPAGE} >> $saving && echo '' >> $saving + continue + ;; +# changing the logic a bit here. Keep a state-concept of "current dir" +# and "current file". Dir is /foo/bar/ ; file is "baz" or null. +# leading slash: create whole new state. + /*) + specF=`echo "${spec}" | sed 's|.*/||'` + specD=`echo "${spec}" | sed 's|\(.*/\).*|\1|'` + spec="${specD}${specF}" + ;; +# embedded slash: adding to the path. "file" part can be blank, too + */*) + specF=`echo "${spec}" | sed 's|.*/||'` + specD=`echo "${specD}${spec}" | sed 's|\(.*/\).*|\1|'` + ;; +# dotdot: jump "up" one level and just reprompt [confirms what it did...] + ..) + specD=`echo "${specD}" | sed 's|\(.*/\)..*/|\1|'` + continue + ;; +# blank line: do nothing, which will re-get the current one + '') + ;; +# hack-quoted blank line: "\" means just zero out "file" part + '\') + specF='' + ;; +# sigh + '?') + echo Help yourself. Read the script fer krissake. + continue + ;; +# anything else is taken as a "file" part + *) + specF=${spec} + ;; + esac + +# now put it together and stuff it down a connection. Some lame non-unix +# http servers assume they'll never get simple-query format, and wait till +# an extra newline arrives. If you're up against one of these, change +# below to (echo GET "$spec" ; echo '') | $BACKEND ... + spec="${specD}${specF}" + echo GET "${spec}" | $BACKEND $host $port > ${TMPAGE} + ${PAGER} ${TMPAGE} + +# save in a format that still shows the URLs we hit after a de-html run + if test "${saving}" ; then + echo "=== ${host}:${spec} ===" >> $saving + cat ${TMPAGE} >> $saving + echo '' >> $saving + fi +done +rm -f ${TMPAGE} +exit 0 + +####### +# Encoding notes, finally from RFC 1738: +# %XX -- hex-encode of special chars +# allowed alphas in a URL: $_-.+!*'(), +# relative names *not* described, but obviously used all over the place +# transport://user:pass@host:port/path/name?query-string +# wais: port 210, //host:port/database?search or /database/type/file? +# cgi-bin/script?arg1=foo&arg2=bar&... scripts have to parse xxx&yyy&zzz +# ISMAP imagemap stuff: /bin/foobar.map?xxx,yyy -- have to guess at coords! +# local access-ctl files: ncsa: .htaccess ; cern: .www_acl +####### +# SEARCH ENGINES: fortunately, all are GET forms or at least work that way... +# multi-word args for most cases: foo+bar +# See 'websearch' for concise results of this research... diff --git a/scripts/webproxy b/scripts/webproxy new file mode 100755 index 0000000..59e6a49 --- /dev/null +++ b/scripts/webproxy @@ -0,0 +1,139 @@ +#! /bin/sh +## Web proxy, following the grand tradition of Web things being handled by +## gross scripts. Uses netcat to listen on a high port [default 8000], +## picks apart requests and sends them on to the right place. Point this +## at the browser client machine you'll be coming from [to limit access to +## only it], and point the browser's concept of an HTTP proxy to the +## machine running this. Takes a single argument of the client that will +## be using it, and rejects connections from elsewhere. LOGS the queries +## to a configurable logfile, which can be an interesting read later on! +## If the argument is "reset", the listener and logfile are cleaned up. +## +## This works surprisingly fast and well, for a shell script, although may +## randomly fail when hammered by a browser that tries to open several +## connections at once. Drop the "maximum connections" in your browser if +## this is a problem. +## +## A more degenerate case of this, or preferably a small C program that +## does the same thing under inetd, could handle a small site's worth of +## proxy queries. Given the way browsers are evolving, proxies like this +## can play an important role in protecting your own privacy. +## +## If you grabbed this in ASCII mode, search down for "eew" and make sure +## the embedded-CR check is intact, or requests might hang. +## +## Doesn't handle POST forms. Who cares, if you're just watching HTTV? +## Dumbness here has a highly desirable side effect: it only sends the first +## GET line, since that's all you really ever need to send, and suppresses +## the other somewhat revealing trash that most browsers insist on sending. + +# set these as you wish: proxy port... +PORT=8000 +# logfile spec: a real file or /dev/null if you don't care +LFILE=${0}.log +# optional: where to dump connect info, so you can see if anything went wrong +# CFILE=${0}.conn +# optional extra args to the listener "nc", for instance "-s inside-net-addr" +# XNC='' + +# functionality switch has to be done fast, so the next listener can start +# prelaunch check: if no current client and no args, bail. +case "${1}${CLIENT}" in + "") + echo needs client hostname + exit 1 + ;; +esac + +case "${1}" in + "") +# Make like inetd, and run the next relayer process NOW. All the redirection +# is necessary so this shell has NO remaining channel open to the net. +# This will hang around for 10 minutes, and exit if no new connections arrive. +# Using -n for speed, avoiding any DNS/port lookups. + nc -w 600 -n -l -p $PORT -e "$0" $XNC "$CLIENT" < /dev/null > /dev/null \ + 2> $CFILE & + ;; +esac + +# no client yet and had an arg, this checking can be much slower now +umask 077 + +if test "$1" ; then +# if magic arg, just clean up and then hit our own port to cause server exit + if test "$1" = "reset" ; then + rm -f $LFILE + test -f "$CFILE" && rm -f $CFILE + nc -w 1 -n 127.0.0.1 $PORT < /dev/null > /dev/null 2>&1 + exit 0 + fi +# find our ass with both hands + test ! -f "$0" && echo "Oops, cannot find my own corporeal being" && exit 1 +# correct launch: set up client access control, passed along thru environment. + CLIENT="$1" + export CLIENT + test "$CFILE" || CFILE=/dev/null + export CFILE + touch "$CFILE" +# tell us what happened during the last run, if possible + if test -f "$CFILE" ; then + echo "Last connection results:" + cat $CFILE + fi + +# ping client machine and get its bare IP address + CLIENT=`nc -z -v -w 8 "$1" 22000 2>&1 | sed 's/.*\[\(..*\)\].*/\1/'` + test ! "$CLIENT" && echo "Can't find address of $1" && exit 1 + +# if this was an initial launch, be informative about it + echo "=== Launch: $CLIENT" >> $LFILE + echo "Proxy running -- will accept connections on $PORT from $CLIENT" + echo " Logging queries to $LFILE" + test -f "$CFILE" && echo " and connection fuckups to $CFILE" + +# and run the first listener, showing us output just for the first hit + nc -v -w 600 -n -l -p $PORT -e "$0" $XNC "$CLIENT" & + exit 0 +fi + +# Fall here to handle a page. +# GET type://host.name:80/file/path HTTP/1.0 +# Additional: trash +# More: trash +# <newline> + +read x1 x2 x3 x4 +echo "=== query: $x1 $x2 $x3 $x4" >> $LFILE +test "$x4" && echo "extra junk after request: $x4" && exit 0 +# nuke questionable characters and split up the request +hurl=`echo "$x2" | sed -e "s+.*//++" -e 's+[\`'\''|$;<>{}\\!*()"]++g'` +# echo massaged hurl: $hurl >> $LFILE +hh=`echo "$hurl" | sed -e "s+/.*++" -e "s+:.*++"` +hp=`echo "$hurl" | sed -e "s+.*:++" -e "s+/.*++"` +test "$hp" = "$hh" && hp=80 +hf=`echo "$hurl" | sed -e "s+[^/]*++"` +# echo total split: $hh : $hp : $hf >> $LFILE +# suck in and log the entire request, because we're curious +# Fails on multipart stuff like forms; oh well... +if test "$x3" ; then + while read xx ; do + echo "${xx}" >> $LFILE + test "${xx}" || break +# eew, buried returns, gross but necessary for DOS stupidity: + test "${xx}" = " +" && break + done +fi +# check for non-GET *after* we log the query... +test "$x1" != "GET" && echo "sorry, this proxy only does GETs" && exit 0 +# no, you can *not* phone home, you miserable piece of shit +test "`echo $hh | fgrep -i netscap`" && \ + echo "access to Netscam's servers <b>DENIED.</b>" && exit 0 +# Do it. 30 sec net-wait time oughta be *plenty*... +# Some braindead servers have forgotten how to handle the simple-query syntax. +# If necessary, replace below with (echo "$x1 $hf" ; echo '') | nc... +echo "$x1 $hf" | nc -w 30 "$hh" "$hp" 2> /dev/null || \ + echo "oops, can't get to $hh : $hp". +echo "sent \"$x1 $hf\" to $hh : $hp" >> $LFILE +exit 0 + diff --git a/scripts/webrelay b/scripts/webrelay new file mode 100755 index 0000000..829a8b0 --- /dev/null +++ b/scripts/webrelay @@ -0,0 +1,44 @@ +#! /bin/sh +## web relay -- a degenerate version of webproxy, usable with browsers that +## don't understand proxies. This just forwards connections to a given server. +## No query logging, no access control [although you can add it to XNC for +## your own run], and full-URL links will undoubtedly confuse the browser +## if it can't reach the server directly. This was actually written before +## the full proxy was, and it shows. +## The arguments in this case are the destination server and optional port. +## Please flame pinheads who use self-referential absolute links. + +# set these as you wish: proxy port... +PORT=8000 +# any extra args to the listening "nc", for instance "-s inside-net-addr" +XNC='' + +# functionality switch, which has to be done fast to start the next listener +case "${1}${RDEST}" in + "") + echo needs hostname + exit 1 + ;; +esac + +case "${1}" in + "") +# no args: fire off new relayer process NOW. Will hang around for 10 minutes + nc -w 600 -l -n -p $PORT -e "$0" $XNC < /dev/null > /dev/null 2>&1 & +# and handle this request, which will simply fail if vars not set yet. + exec nc -w 15 $RDEST $RPORT + ;; +esac + +# Fall here for setup; this can now be slower. +RDEST="$1" +RPORT="$2" +test "$RPORT" || RPORT=80 +export RDEST RPORT + +# Launch the first relayer same as above, but let its error msgs show up +# will hang around for a minute, and exit if no new connections arrive. +nc -v -w 600 -l -p $PORT -e "$0" $XNC < /dev/null > /dev/null & +echo \ + "Relay to ${RDEST}:${RPORT} running -- point your browser here on port $PORT" +exit 0 diff --git a/scripts/websearch b/scripts/websearch new file mode 100755 index 0000000..60c3a33 --- /dev/null +++ b/scripts/websearch @@ -0,0 +1,77 @@ +#! /bin/sh +## Hit the major search engines. Hose the [large] output to a file! +## autoconverts multiple arguments into the right format for given servers -- +## usually worda+wordb, with certain lame exceptions like dejanews. +## Extracting and post-sorting the URLs is highly recommended... +## +## Altavista currently handled by a separate script; may merge at some point. +## +## _H* original 950824, updated 951218 and 960209 + +test "${1}" = "" && echo 'Needs argument[s] to search for!' && exit 1 +PLUSARG="`echo $* | sed 's/ /+/g'`" +PIPEARG="`echo ${PLUSARG} | sed 's/+/|/g'`" +IFILE=/tmp/.webq.$$ + +# Don't have "nc"? Get "netcat" from avian.org and add it to your toolkit. +doquery () { + echo GET "$1" | nc -v -i 1 -w 30 "$2" "$3" +} + +# changed since original: now supplying port numbers and separator lines... + +echo "=== Yahoo ===" +doquery "/bin/search?p=${PLUSARG}&n=300&w=w&s=a" search.yahoo.com 80 + +echo '' ; echo "=== Webcrawler ===" +doquery "/cgi-bin/WebQuery?searchText=${PLUSARG}&maxHits=300" webcrawler.com 80 + +# the infoseek lamers want "registration" before they do a real search, but... +echo '' ; echo "=== Infoseek ===" +echo " is broken." +# doquery "WW/IS/Titles?qt=${PLUSARG}" www2.infoseek.com 80 +# ... which doesn't work cuz their lame server wants the extra newlines, WITH +# CRLF pairs ferkrissake. Fuck 'em for now, they're hopelessly broken. If +# you want to play, the basic idea and query formats follow. +# echo "GET /WW/IS/Titles?qt=${PLUSARG}" > $IFILE +# echo "" >> $IFILE +# nc -v -w 30 guide-p.infoseek.com 80 < $IFILE + +# this is kinda flakey; might have to do twice?? +echo '' ; echo "=== Opentext ===" +doquery "/omw/simplesearch?SearchFor=${PLUSARG}&mode=phrase" \ + search.opentext.com 80 + +# looks like inktomi will only take hits=100, or defaults back to 30 +# we try to suppress all the stupid rating dots here, too +echo '' ; echo "=== Inktomi ===" +doquery "/query/?query=${PLUSARG}&hits=100" ink3.cs.berkeley.edu 1234 | \ + sed '/^<IMG ALT.*inktomi.*\.gif">$/d' + +#djnews lame shit limits hits to 120 and has nonstandard format +echo '' ; echo "=== Dejanews ===" +doquery "/cgi-bin/nph-dnquery?query=${PIPEARG}+maxhits=110+format=terse+defaultOp=AND" \ + smithers.dejanews.com 80 + +# OLD lycos: used to work until they fucking BROKE it... +# doquery "/cgi-bin/pursuit?query=${PLUSARG}&maxhits=300&terse=1" \ +# query5.lycos.cs.cmu.edu 80 +# NEW lycos: wants the User-agent field present in query or it returns nothing +# 960206: webmaster@lycos duly bitched at +# 960208: reply received; here's how we will now handle it: +echo \ +"GET /cgi-bin/pursuit?query=${PLUSARG}&maxhits=300&terse=terse&matchmode=and&minscore=.5 HTTP/1.x" \ + > $IFILE +echo "User-agent: *FUCK OFF*" >> $IFILE +echo "Why: go ask todd@pointcom.com (Todd Whitney)" >> $IFILE +echo '' >> $IFILE +echo '' ; echo "=== Lycos ===" +nc -v -i 1 -w 30 twelve.srv.lycos.com 80 < $IFILE + +rm -f $IFILE +exit 0 + +# CURRENTLY BROKEN [?] +# infoseek + +# some args need to be redone to ensure whatever "and" mode applies |