Codebase list lbd / master lbd
master

Tree @master (Download .tar.gz)

lbd @masterraw · history · blame 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
#!/bin/bash
# lbd (load balancing detector) detects if a given domain uses
# DNS and/or HTTP Load-Balancing (via Server: and Date: header and diffs between server answers)
# Copyright (C) 2010-2014 Stefan Behte
# 
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
# 
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
# 
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
# 
# License: GNU General Public License, version 2
# http://www.gnu.org/licenses/gpl-2.0.html
#
# Contact me, if you have any new ideas, bugs/bugfixes, recommondations or questions!
# Please also contact me, if you just like the tool. :)
#  
# craig at haquarter dot de
#
# 0.1:	- initial release
# 0.2:	- fix license for fedora 
#	- fix indenting
# 0.3:	- fix bug if dns server returns same IP multiple times
#         (fix by bit bori, thanks!)
#	- fix bug if there is no date header
#	  (fix by Paul Rib, thanks!)
# 0.4:	- support HTTPs, support different ports
#	  (thanks Bharadwaj Machiraju)

QUERIES=50
DOMAIN=$1
PORT=${2-80} # Use default port 80, if not given
if [ "$3" = "https" ]
then
	HTTPS=true
else
	HTTPS=false
fi
METHODS=""

echo 
echo "lbd - load balancing detector 0.4 - Checks if a given domain uses load-balancing."
echo "                                    Written by Stefan Behte (http://ge.mine.nu)"
echo "                                    Proof-of-concept! Might give false positives."

if [ "$1" = "" ]
then
	echo "usage: $0 domain [port] {https}"
	echo
	exit -1
fi

echo -e -n "\nChecking for DNS-Loadbalancing:"
NR=`host $DOMAIN | grep "has add" | uniq | wc -l`

if [ $NR -gt 1 ]
then
	METHODS="DNS"
	echo " FOUND"
	host $DOMAIN | grep "has add" | uniq
	echo
else
	echo " NOT FOUND"
fi

echo -e "Checking for HTTP-Loadbalancing [Server]: "
for ((i=0 ; i< $QUERIES ; i++))
do
	if [ $HTTPS = true ]
	then
		printf "HEAD / HTTP/1.1\r\nhost: $DOMAIN\r\nConnection: close\r\n\r\n" | openssl s_client -host $DOMAIN -port $PORT -quiet > .nlog 2> /dev/null
	else
		printf "HEAD / HTTP/1.1\r\nhost: $DOMAIN\r\nConnection: close\r\n\r\n" | nc $DOMAIN $PORT > .nlog 2>/dev/null
	fi

	S=`grep -i "Server:" .nlog | awk -F: '{print $2}'`

	if ! grep "`echo ${S}| cut -b2-`" .log &>/dev/null
	then
		echo "${S}"
	fi
	cat .nlog >> .log
done

NR=`sort .log | uniq | grep -c "Server:"`

if [ $NR -gt 1 ]
then
	echo " FOUND"
	METHODS="$METHODS HTTP[Server]"
else
	echo " NOT FOUND"
fi
echo
rm .nlog .log


echo -e -n "Checking for HTTP-Loadbalancing [Date]: "
D4=

for ((i=0 ; i<$QUERIES ; i++))
do
	if [ $HTTPS = true ]
	then
		D=`printf "HEAD / HTTP/1.1\r\nhost: $DOMAIN\r\nConnection: close\r\n\r\n" | openssl s_client -host $DOMAIN -port $PORT -quiet 2> /dev/null | grep "Date:" | awk '{print $6}'`
	else
		D=`printf "HEAD / HTTP/1.1\r\nhost: $DOMAIN\r\nConnection: close\r\n\r\n" | nc $DOMAIN $PORT 2>/dev/null | grep "Date:" | awk '{print $6}'`
	fi
	printf "$D, "

        if [  "$D" == "" ]
	then
		echo "No date header found, skipping."
		break
	fi
	
	Df=$(echo " $D" | sed -e 's/:0/:/g' -e 's/ 0/ /g')
	D1=$(echo ${Df} | awk -F: '{print $1}')
	D2=$(echo ${Df} | awk -F: '{print $2}')
	D3=$(echo ${Df} | awk -F: '{print $3}')

	if [ "$D4" = "" ];  then   D4=0;  fi
	
	if [ $[ $D1 * 3600 + $D2 * 60 + $D3 ] -lt $D4 ]
	then
		echo "FOUND"
		METHODS="$METHODS HTTP[Date]"
		break;
	fi
	
	D4="$[ $D1 * 3600 + $D2 * 60 + $D3 ]"

	if [ $i -eq $[$QUERIES - 1] ]
	then
		echo "NOT FOUND" 
	fi
done

echo -e -n "\nChecking for HTTP-Loadbalancing [Diff]: "
for ((i=0 ; i<$QUERIES ; i++))
do
	if [ $HTTPS = true ]
	then
		printf "HEAD / HTTP/1.1\r\nhost: $DOMAIN\r\nConnection: close\r\n\r\n" | openssl s_client -host $DOMAIN -port $PORT -quiet 2> /dev/null | grep -v -e "Date:" -e "Set-Cookie" > .nlog
	else
		printf "HEAD / HTTP/1.1\r\nhost: $DOMAIN\r\nConnection: close\r\n\r\n" | nc $DOMAIN $PORT 2>/dev/null | grep -v -e "Date:" -e "Set-Cookie" > .nlog
	fi
	
	if ! cmp .log .nlog &>/dev/null && [ -e .log ]
	then
		echo "FOUND"
		diff .log .nlog | grep -e ">" -e "<"
		METHODS="$METHODS HTTP[Diff]"
		break;
	fi
	
	cp .nlog .log
	
	if [ $i -eq $[$QUERIES - 1] ]
	then
		echo "NOT FOUND" 
	fi
done

rm .nlog .log


if [ "$METHODS" != "" ]
then
	echo
	echo $DOMAIN does Load-balancing. Found via Methods: $METHODS
	echo
else
	echo
	echo $DOMAIN does NOT use Load-balancing.
	echo
fi