From 9a2b80c34d411ac0159c2c2ed30fb32c21a9af42 Mon Sep 17 00:00:00 2001 From: fyodor Date: Wed, 29 Jun 2011 03:34:47 +0000 Subject: [PATCH] Remove ip-geolocation-quova -- it include an API key which apparently required agreeing to the Quova terms of service to obtain (http://developer.quova.com/apps/tos). And those seem to pretty clearly ban this sort of use. So we can only use this script if we get permission from Quova (best option), or we make it so that user is required to pass a key as nsearg --- CHANGELOG | 6 +-- scripts/ip-geolocation-quova.nse | 89 -------------------------------- scripts/script.db | 1 - 3 files changed, 1 insertion(+), 95 deletions(-) delete mode 100755 scripts/ip-geolocation-quova.nse diff --git a/CHANGELOG b/CHANGELOG index e8062abeb..8b8f7eadc 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -2,7 +2,7 @@ Nmap 5.59BETA1 [2011-06-29] -o [NSE] Added 41 scripts, bringing the total to 218! You can learn +o [NSE] Added 40 scripts, bringing the total to 217! You can learn more about any of them at http://nmap.org/nsedoc/. Here are the new ones (authors listed in brackets): @@ -84,10 +84,6 @@ o [NSE] Added 41 scripts, bringing the total to 218! You can learn an IP address using a Geolocation Maxmind database file (available from http://www.maxmind.com/app/ip-location). [Gorjan Petrovski] - + ip-geolocation-quova: Tries to identify the physical location of an - IP address using the Quova geolocation web service - (http://www.quova.com/). [Gorjan Petrovski] - + ldap-novell-getpass: Attempts to retrieve the Novell Universal Password for a user. You must already have (and include in script arguments) the username and password for an eDirectory server diff --git a/scripts/ip-geolocation-quova.nse b/scripts/ip-geolocation-quova.nse deleted file mode 100755 index 96d03697d..000000000 --- a/scripts/ip-geolocation-quova.nse +++ /dev/null @@ -1,89 +0,0 @@ -description = [[ -Tries to identify the physical location of an IP address using the -Quova geolocation web service (http://www.quova.com/). - -It uses three API keys obtained through a free registration. The limit -on lookups is 1000 per API key per day, and 2 per API key per second. -]] - ---- --- @usage --- nmap --script ip-geolocation-quova --- --- @output --- | ip-geolocation-quova: --- | 74.207.244.221 (scanme.nmap.org) --- | coordinates (lat,lon): 37.56699,-121.98266 --- |_ city: fremont, california, united states --- - -author = "Gorjan Petrovski" -license = "Same as Nmap--See http://nmap.org/book/man-legal.html" -categories = {"discovery","external","safe"} - -require "stdnse" -require "ipOps" -require "json" -require "http" -require "openssl" - -hostrule = function(host) - local is_private, err = ipOps.isPrivate( host.ip ) - if is_private == nil then - stdnse.print_debug( "%s Error in Hostrule: %s.", SCRIPT_NAME, err ) - return false - end - return not is_private -end - --- A free registration for an API key is required. Limit is 1000 requests per --- API per day, 2 requests per API per second -local quova = function(ip) - local api_keys = {"100.9fjahzuxgtwmzfdztd8g","100.t9e4u6pgtdpf84xenv2y","100.8pf9xxzxt4sxuu7ephdn"} - local secret_codes = {"2YY39UGm", "haBZaVfj", "MtFMZuHH"} - local secret = nil - local timestamp = nil - local sig = nil - local response = nil - - for i,api_key in ipairs(api_keys) do - timestamp = os.time(os.date("!*t")) - secret = secret_codes[i] - sig = stdnse.tohex(openssl.md5(api_key .. secret .. timestamp)) - - response = http.get("api.quova.com", 80, "/v1/ipinfo/" .. ip .. "?apikey=" ..api_key.."&sig="..sig.."&format=json", nil) - - if response.status == 200 then break end - if response.status ~= 403 then - stdnse.print_debug("Quova API is malfunctioning.") - return nil - end - if response.status == 403 and response.header["x-mashery-error-code"]~= "ERR_403_DEVELOPER_OVER_QPS" then - return nil - end - end - - local stat,obj_json = json.parse(response.body) - if not stat then return nil end - - loc = obj_json.ipinfo.Location - - local output = {} - table.insert(output,"coordinates (lat,lon): "..loc.latitude..","..loc.longitude) - table.insert(output,"city: ".. loc.CityData.city..", ".. loc.StateData.state..", ".. loc.CountryData.country) - - return output -end - -action = function(host,port) - local output = quova(host.ip) - - if output and(#output~=0) then - output.name = host.ip - if host.targetname then - output.name = output.name.." ("..host.targetname..")" - end - return stdnse.format_output(true,output) - end - -end diff --git a/scripts/script.db b/scripts/script.db index 5e2e544d8..c128eadfa 100644 --- a/scripts/script.db +++ b/scripts/script.db @@ -92,7 +92,6 @@ Entry { filename = "ip-geolocation-geobytes.nse", categories = { "discovery", "e Entry { filename = "ip-geolocation-geoplugin.nse", categories = { "discovery", "external", "safe", } } Entry { filename = "ip-geolocation-ipinfodb.nse", categories = { "discovery", "external", "safe", } } Entry { filename = "ip-geolocation-maxmind.nse", categories = { "discovery", "external", "safe", } } -Entry { filename = "ip-geolocation-quova.nse", categories = { "discovery", "external", "safe", } } Entry { filename = "ipidseq.nse", categories = { "discovery", "safe", } } Entry { filename = "irc-info.nse", categories = { "default", "discovery", "safe", } } Entry { filename = "irc-unrealircd-backdoor.nse", categories = { "safe", "vuln", } }