From 289a2e8ed56892576716f8424eb14261820f6fae Mon Sep 17 00:00:00 2001 From: Adriano Date: Sun, 3 Dec 2023 02:40:14 +0100 Subject: [PATCH] added GCP support (#55) added Google Cloud Shell support - added Cloud Shell environment boostrap script - added support for Cloud Shell env vars for ASN server external URL autodetection - handled bookmarklet creation on special bind address cases (0.0.0.0 or ::) - bookmarklet URL now displayed in server console at service startup --- README.md | 10 +++++++++- asn | 30 ++++++++++++++++++++++++++---- cloudshell_bootstrap.sh | 38 ++++++++++++++++++++++++++++++++++++++ 3 files changed, 73 insertions(+), 5 deletions(-) create mode 100755 cloudshell_bootstrap.sh diff --git a/README.md b/README.md index fe6e255..dc9b3e3 100644 --- a/README.md +++ b/README.md @@ -213,7 +213,15 @@ To run the script without installing it locally, you have the following options: * **Google Cloud Shell** - _(Coming soon)_ + _Note: server mode **is supported** out of the box in Cloud Shell, just follow the **bookmarklet** link that will be shown at server launch to access the VM for remote lookups._ + + **1.** Clone the repository in Cloud Shell by clicking the following button: + + [![Open in Cloud Shell](https://gstatic.com/cloudssh/images/open-btn.svg)](https://shell.cloud.google.com/cloudshell/editor?cloudshell_git_repo=https://github.com/nitefood/asn&ephemeral=true&show=terminal) + + **2.** Prepare the GCP environment by launching `./cloudshell_bootstrap.sh` + + **3.** _(OPTIONAL)_ Input your [IpQualityScore token](#ip-reputation-api-token) when requested to enable in-depth threat analisys and scoring - - - diff --git a/asn b/asn index f5c12e0..ae443fd 100755 --- a/asn +++ b/asn @@ -12,7 +12,7 @@ # │ (Launch the script without parameters or visit the project's homepage for usage info)│ # ╰──────────────────────────────────────────────────────────────────────────────────────╯ -ASN_VERSION="0.75.1" +ASN_VERSION="0.75.2" # ╭──────────────────╮ # │ Helper functions │ @@ -2689,6 +2689,8 @@ AsnServerListener(){ echo -e "\n- ${yellow}[DBG]${default} Ncat options : '${blue}${userinput}${default}'\n" >&2 fi + CLOUD_SHELL_MARK="${red}❌ NO${default}" + # fetch external IP and ASN to include in the HTML reports StatusbarMessage "Detecting host external IP and ASN" WhatIsMyIP @@ -2707,6 +2709,22 @@ AsnServerListener(){ server_country=$(echo "${found_asname##*,}" | tr -d ' ') [[ -z "$server_country" ]] && server_country="(Unknown)" + # prepare the server URL (for the JS bookmarklet) + if [ "$ASN_SRV_BINDADDR" = "0.0.0.0" ] || [ "$ASN_SRV_BINDADDR" = "::" ]; then + INTERNAL_ASNSERVER_ADDRESS="127.0.0.1:$ASN_SRV_BINDPORT" + else + INTERNAL_ASNSERVER_ADDRESS="$ASN_SRV_BINDADDR:$ASN_SRV_BINDPORT" + fi + BOOKMARKLET_URL="http://${INTERNAL_ASNSERVER_ADDRESS}/asn_bookmarklet" + # detect if we're running in Google Cloud Shell environment + if [ "$GOOGLE_CLOUD_SHELL" = true ] && [ -n "$WEB_HOST" ]; then + # on Google Cloud Shell, the $WEB_HOST environment variable contains the external hostname to reach the server + # the format is https://- (cheers https://stackoverflow.com/a/70255668) + INTERNAL_ASNSERVER_ADDRESS="${ASN_SRV_BINDPORT}-${WEB_HOST}" + BOOKMARKLET_URL="https://${INTERNAL_ASNSERVER_ADDRESS}/asn_bookmarklet" + CLOUD_SHELL_MARK="${green}✓ YES${default}" + fi + StatusbarMessage if [ "$HAVE_IPV6" = true ]; then @@ -2723,7 +2741,9 @@ AsnServerListener(){ echo -e "\n- Server ext. IP : ${blue}${local_wanip}${default}" \ "\n- Server Country : ${blue}${server_country}${default}" \ "\n- Server ASN : ${red}[AS${found_asn}]${default} ${green}$found_asname${default}" \ - "\n- Server has IPv6 : $ipv6_mark" \ + "\n- Server has IPv6 : ${ipv6_mark}" \ + "\n- Running on GCP : ${CLOUD_SHELL_MARK}" \ + "\n- Bookmarklet URL : ${BOOKMARKLET_URL}" \ "\n\n[$(date +"%F %T")] ${bluebg} INFO ${default} ASN Lookup Server listening on ${white}${DISPLAY_ASN_SRV_BINDADDR}:${ASN_SRV_BINDPORT}${default}" server_country="$(echo -e "$server_country" | tr '[:upper:]' '[:lower:]')" @@ -2745,6 +2765,7 @@ AsnServerListener(){ server_country=\"$server_country\" \ INTERNAL_CONNHANDLER_CHILD=false \ INTERNAL_ASNSERVER_CONNHANDLER=true \ + INTERNAL_ASNSERVER_ADDRESS="$INTERNAL_ASNSERVER_ADDRESS" \ MONOCHROME_MODE=\"$MONOCHROME_MODE\" \ ASN_DEBUG=\"$ASN_DEBUG\" \ \"$0\" @@ -3094,7 +3115,7 @@ HandleNcatClientConnection() { http_ko_json='HTTP/1.0 400\r\nContent-Type: application/json\r\n' # Javascript bookmarklet - js_bookmarklet='javascript:(function(){var asnserver="localhost:49200",target=window.location.hostname,' + js_bookmarklet='javascript:(function(){var asnserver="'"${INTERNAL_ASNSERVER_ADDRESS}"'",target=window.location.hostname,' js_bookmarklet+='width=screen.width-screen.width/7,height=screen.height-screen.height/4,left=window.innerWidth/2-width/2,top=window.innerHeight/2-height/2;' js_bookmarklet+='window.open("http://"+asnserver+"/asn_lookup&"+target,"newWindow","width="+width+",height="+height+",top="+top+",left="+left)})();' @@ -3345,7 +3366,8 @@ HandleNcatClientConnection() { DebugPrint "RECEIVED new client request: '$line'" # handle 'asn_bookmarklet' command. This will show a web page for easy dragging&dropping of the bookmarklet to the favorites toolbar - if (echo -e "$line" | grep -Eq "^GET /asn_bookmarklet HTTP"); then + if (echo -e "$line" | grep -Eq "^GET /asn_bookmarklet[?& ]"); then + DebugPrint "SERVING bookmarklet page to client" echo -e "${http_ok}${html_bookmarklet_page}" # handle 'termbin_share' command. This will decode the input and send it to termbin, returning a html link to the client diff --git a/cloudshell_bootstrap.sh b/cloudshell_bootstrap.sh new file mode 100755 index 0000000..7cf47d7 --- /dev/null +++ b/cloudshell_bootstrap.sh @@ -0,0 +1,38 @@ +#!/usr/bin/env bash + +read -r -d '' banner <<- END_OF_BANNER +#########################################################################################################" +# Helper script to prepare the GCP environment (install prerequisite packages / install the ASN script) # +# Project homepage: https://github.com/nitefood/asn # +######################################################################################################### +END_OF_BANNER + +green=$'\e[38;5;035m' +blue=$'\e[38;5;038m' +red=$'\e[38;5;203m' +black=$'\e[38;5;016m' +greenbg=$'\e[48;5;035m'${black} +dim=$'\e[2m' +default=$'\e[0m' + +clear +echo -e "${dim}$banner${default}\n" +echo -en "Enter your IPQualityScore API token (or press Enter to skip): " +read -sr IQS_TOKEN +if [ -n "$IQS_TOKEN" ]; then + echo -en "\n- Enabling IPQualityScore lookups..." + sudo mkdir -p /etc/asn + echo "$IQS_TOKEN" | sudo tee /etc/asn/iqs_token &>/dev/null + echo "${green}OK${default}" +else + echo -e "\n- IPQualityScore lookups ${red}DISABLED${default}" +fi +echo -en "- Installing prerequisite packages..." +sudo apt update &>/dev/null +sudo apt -y install curl whois bind9-host mtr-tiny jq ipcalc grepcidr nmap ncat aha &>/dev/null +echo -e "${green}OK${default}" +echo -en "- Installing the asn script..." +sudo install -m 755 asn /usr/bin +echo -e "${green}OK${default}" +echo -e "\n${greenbg} All done ${default}\n" +echo -e "Example usage:\n\tServer mode : ${blue}asn -l${default}\n\tASPath trace: ${blue}asn 1.1.1.1${default}\n\nFor a full feature list visit ${blue}https://github.com/nitefood/asn${default}\n\n"