#!/bin/sh -
##############################################################
# whoiss, wrapper for {,j}whois
#
# Performs lookups for any number of domains, netblocks, handles, IPs, ...
# from a single command line, without specifying TLD servers.
#
# Available From:
# http://www.roble.com/docs/whoiss
# Thanks To:
# Troy Bowman, Kare Presttun, and Tom Coradeschi for their contributions.
# See Also:
#
#
#
# No Thanks To:
# Network Solutions (as Verisign) and ICANN for corrupting the original whois infrastructure.
#
## This script predates jwhois and can now wrap it: www.gnu.org/software/jwhois
##############################################################
# $Id: whoiss,v 1.147 2020/06/25 13:39:17 root Exp root $
##############################################################
set -a
DEFAULT_WHOIS_CMD="jwhois -f"
NOFOLLOW=""
## paginate if more than $PAGEQUERIES queries, 0 disables non-pagination
PAGEQUERIES=0
## pager/viewer flags
LESS='-sceinx4++G'
MORE='-s'
####
print_usage () {
echo " USAGE: `basename $0` [-n|--nofollow] [domain|ip|netblock|nethandle|name@domain|ip:port|ip,port|...] [...]"
echo " OR, for interactive-mode: `basename $0`"
exit
}
parse_output () {
## Attempt to remove marketing, disclaimers and other cruft added by various registrars.
egrep -v '^(NOTE: |query-time: |%|#)' | \
tr -c '[:print:]\n' '.'
## remove (shell-)dangerous non-ascii characters
}
run_query () {
Q="$1"
barheader "$Q"
if [ "`echo $Q | grep '^NET-'`" != "" ]; then
## ARIN NetHandle
$WHOIS_CMD -n -h whois.arin.net $Q 2>&1 | parse_output
elif [ "`echo $Q | grep '^AS[0-9]*'`" != "" ]; then
## ASN
$WHOIS_CMD $Q 2>&1 | parse_output
else
$WHOIS_CMD $NOFOLLOW $Q 2>&1 | parse_output
fi
}
barheader () {
echo "==========[ $1 ]================================================================" | \
awk -F"\n" '{ printf "%-.75s\n", $1 }' 2>/dev/null
}
PATH=/usr/local/bin:/bin:/opt/sfw/bin:/usr/bin:/sbin:/usr/sbin:/usr/ucb
_POSIX2_VERSION=199209
LANG=C
trap "echo ' '`basename $0` terminated;exit" 1 2 3 15
resolv () {
## TO DO: parse out invalid delimiters and cleanup URLs, email addresses, port #s, ...
queries="`echo ${query} | \
sed -e 's,^[HhFf][Tt]*[PpSs]*://,,' -e 's,^/*,,' -e 's,/.*$,,' \
-e 's/\/[0-9]*//g' -e 's/[\[\,(]/ /g' \
-e 's/(/ /g' -e 's/^\.//' -e 's/^.*@//' -e 's/[#:].*$//' -e 's,/.*$,,' \
-e 's,\#.*$,,' -e 's/\.\.*$//' -e 's/^.*=//' -e 's/,[0-9]*$//' -e 's/ */ /g'`"
## Do we need more than one sed statement?
queries="`echo ${queries} | sed -e 's/^[\.\,\ ]*//'`"
for query in $queries; do
if [ "$query" = "-n" ] || [ "`echo $query | sed 's/^--*//'`" = "nofollow" ]; then
## don't redirect (typically for unreachable or non-responding whois servers)
NOFOLLOW="-n"
continue
fi
if [ "$query" = "" ] || [ "$query" = "." ]; then
continue
elif [ "`echo ${query} | grep '[A-Za-z]'`" = "" ]; then
## ip address
## append trailing octet/s if missing as required by some whois servers
while [ "`echo ${query} | awk -F. '{ print $4 }'`" = "" ]; do
query=`echo ${query} | sed -e 's/$/./' -e 's/\.\.*$/.0/'`
if [ $? != 0 ]; then
break
fi
done
## delete trailing port numbers if included
if [ "`echo ${query} | awk -F\. '{ print $5 }'`" != "" ]; then
query=`echo ${query} | awk -F\. '{ print $1 "." $2 "." $3 "." $4 }'`
fi
else
## not an ip address
## strip www prefix unless that is the domain name (which should never have been assigned)
if [ "`echo $query | grep '^www\.'`" != "" ] && [ "`echo $query | grep -c '\.'`" -ge 1 ]; then
query="`echo ${query} | sed 's/^www\.//'` "
fi
fi
if [ "`echo ${query} | grep '\.'`" = "" ] && [ "`echo $query | egrep '^(AS[0-9]*$|^NET-)'`" = "" ]; then
## no dot, not nethandle and not asn, invalid
continue
elif [ $# -gt "$PAGEQUERIES" ]; then
run_query $query | $PAGER
else
## stdout w/o pagination, never true if PAGEQUERIES=0
run_query $query
fi
done
}
#### main ####
if [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
print_usage
fi
UNAME="`uname 2>/dev/null`"
DEFAULT_WHOIS=`echo $DEFAULT_WHOIS_CMD | awk '{ print $1 }'` >/dev/null 2>&1
which $DEFAULT_WHOIS >/dev/null 2>&1
if [ $? != 0 ] || [ "$UNAME" = "" ] || [ "$UNAME" = "FreeBSD" ]; then
WHOIS_CMD=whois
which whois >/dev/null 2>&1
if [ $? != 0 ]; then
echo " ERROR: whois or jwhois: command not found"
exit
fi
else
WHOIS_CMD="$DEFAULT_WHOIS_CMD"
fi
PAGER="`which less 2>/dev/null`"
if [ $? != 0 ]; then
PAGER=${PAGER:-more}
fi
if [ $# -eq 0 ]; then
PAGEQUERIES=0
while [ 0 ]; do
echo -n " Domain or IP address to lookup or 'q' to quit: "
read query x y z
if [ "$query" = "q" ] || [ "$query" = "Q" ]; then
exit
fi
resolv $query
done
else
for query in $* ; do
resolv $query
done
fi