From 4782f61deb3e3b924a1368ffe169377e0c814fc2 Mon Sep 17 00:00:00 2001 From: Cyberes Date: Fri, 21 Apr 2023 23:54:18 -0600 Subject: [PATCH] new check_curl --- Other/check_curl old | 240 ++++++++++++++++++++++++++++++++ check_curl | 320 +++++++++++++------------------------------ check_curl old | 240 ++++++++++++++++++++++++++++++++ 3 files changed, 577 insertions(+), 223 deletions(-) create mode 100644 Other/check_curl old create mode 100644 check_curl old diff --git a/Other/check_curl old b/Other/check_curl old new file mode 100644 index 0000000..862e96b --- /dev/null +++ b/Other/check_curl old @@ -0,0 +1,240 @@ +#!/bin/bash +# startup checks + +if [ -z "$BASH" ]; then + echo "Please use BASH." + exit 3 +fi +if [ ! -e "/usr/bin/which" ]; then + echo "/usr/bin/which is missing." + exit 3 +fi +curl=$(which curl) +if [ $? -ne 0 ]; then + echo "Please install curl." + exit 3 +fi + + +# Default Values +proxy="" +method="GET" +body="" +contains="" +lacks="" +insecure=0 +debug=0 +warning=700 +encodeurl=0 +critical=2000 +url="" +follow=0 +header="" +name="default" +cookies=0 + +# Usage Info +usage() { + echo '''Usage: check_curl [OPTIONS] + [OPTIONS]: + -U URL Target URL + -M METHOD HTTP Method (default: GET) + -N NAME Display Name of scanned object (default: default) + -B BODY Request Body to be sent (default: not sent) + -E ENCODEURL Send body defined with url encoding (curl --data-urlencode) (default: off) + -I INSECURE Sets the curl flag --insecure + -C CONTAINS If not contained in response body, CRITICAL will be returned + -L LACKS If contained in response body, CRITICAL will be returned (-C has priority when both are set) + -w WARNING Warning threshold in milliseconds (default: 700) + -c CRITICAL Critical threshold in milliseconds (default: 2000) + -H HEADER Send Header (i.E. "AUTHORIZATION: Bearer 8*.UdUYwrl!nK") + -F FOLLOW Follow redirects (default: OFF) + -D DEBUG Only prints the curl command (default: OFF) + -P PROXY Set Proxy Address (default: No Proxy) + -K COOKIES Enables/Disabled cookie handling in a temporary cookie jar''' +} + + +# Check which threshold was reached +checkTime() { + if [ $1 -gt $critical ]; then + echo -n "CRITICAL: Slow " + elif [ $1 -gt $warning ]; then + echo -n "WARNING: Slow " + else + echo -n "OK" + fi +} + +# Return code value +getStatus() { + if [ $1 -gt $critical ]; then + return 2 + elif [ $1 -gt $warning ]; then + return 1 + else + return 0 + fi +} + +#main +#get options +while getopts "P:M:B:C:w:c:U:H:IFN:O:EL:D:K" opt; do + case $opt in + K) + cookies=1 + ;; + P) + proxy=$OPTARG + ;; + M) + method=$OPTARG + ;; + B) + body=$OPTARG + ;; + C) + contains=$OPTARG + ;; + w) + warning=$OPTARG + ;; + c) + critical=$OPTARG + ;; + U) + url=$OPTARG + ;; + L) + lacks=$OPTARG + ;; + I) + insecure=1 + ;; + N) + name=$( echo $OPTARG | sed -e 's/[^A-Za-z0-9._-]/_/g' ) + ;; + E) + encodeurl=1 + ;; + H) + header=$OPTARG + ;; + F) + follow=1 + ;; + D) + debug=1 + ;; + *) + usage + exit 3 + ;; + esac +done + +#hostname is required +if [ -z "$url" ] || [ $# -eq 0 ]; then + echo "Error: URL is required" + usage + exit 3 +fi + +proxyarg="" +if [ ! -z $proxy ] ; then + proxyarg=" -x "$proxy" " +fi +headerarg="" +if [ ! -z "$header" ] ; then + headerarg=' -H "'$header'" ' +fi +followarg="" +if [ $follow -eq 1 ] ; then + followarg=" -L " +fi +insecurearg="" +if [ $insecure -eq 1 ] ; then + insecurearg=" --insecure " +fi +cookiesarg="" +if [ $cookies -eq 1 ] ; then + COOKIE_JAR_TEMP_PATH=$(mktemp /tmp/check_curl_cookiejar.XXXXXX) + cookiesarg=" -c ${COOKIE_JAR_TEMP_PATH} -b ${COOKIE_JAR_TEMP_PATH}" +fi +bodyarg="" +if [ ! -z $body ]; then + body=$(echo $body| sed "s/\"/\\\\\"/g") + bodyarg=" --data \""$body"\"" + if [ $encodeurl -eq 1 ]; then + bodyarg=" --data-urlencode \""$body"\"" + fi +fi + +if [ $debug -eq 1 ]; then + echo $curl --no-keepalive -s $insecurearg $proxyarg $followarg $bodyarg $headerarg -X $method $cookiesarg "$url" + exit 0 +else + start=$(echo $(($(date +%s%N)/1000000))) + body=$(eval $curl --no-keepalive -s $insecurearg $proxyarg $followarg $bodyarg $headerarg -X $method $cookiesarg "$url") + status=$? +fi + +if [ $cookies -eq 1 ] ; then + rm -f ${COOKIE_JAR_TEMP_PATH} +fi + +end=$(echo $(($(date +%s%N)/1000000))) +#decide output by return code +if [ $status -eq 0 ] ; then + if [ -n "$contains" ]; then + if [[ ! $body =~ $contains ]]; then + echo "CRITICAL: body does not contain '${contains}'. Body: '$(echo $body | sed 's/\(.\{50\}\).*/\1.../')' |time=$((end - start))ms;${warning};${critical};0;"$critical"ms" + exit 2 + fi + fi + if [ -n "$lacks" ]; then + if [[ $body == *$lacks* ]]; then + echo "CRITICAL: body contains '${lacks}'|time=$((end - start))ms;${warning};${critical};0;"$critical"ms" +exit 2 + fi + fi + echo "$(checkTime $((end - start))) $((end - start))ms - ${url}|time=$((end - start))ms;${warning};${critical};0;"$critical"ms" + getStatus $((end - start)) + exit $? +else + case $status in + 1) + echo "CRITICAL: Unsupported protocol" + ;; + 3) + echo "CRITICAL: Malformed URL" + ;; + 5) + echo "CRITICAL: Couldn't resolve proxy $proxy" + ;; + 6) + echo "CRITICAL: Couldn't resolve host" + ;; + 7) + echo "CRITICAL: Couldn't connect to proxy $proxy" + ;; + 22) + echo "CRITICAL: Server returned http code >= 400" + ;; + 52) + echo "CRITICAL: Server returned empty response (52)" + ;; + 56) + echo "CRITICAL: Failure recieving network data (56)" + ;; + 60) + echo "CRITICAL: SSL/TLS connection problem (60)" + ;; + *) + echo "UNKNOWN: $status - ${url}" + exit 3 + ;; + esac + exit 2 +fi + diff --git a/check_curl b/check_curl index 862e96b..1bef59d 100644 --- a/check_curl +++ b/check_curl @@ -1,240 +1,114 @@ #!/bin/bash -# startup checks -if [ -z "$BASH" ]; then - echo "Please use BASH." - exit 3 -fi -if [ ! -e "/usr/bin/which" ]; then - echo "/usr/bin/which is missing." - exit 3 -fi -curl=$(which curl) -if [ $? -ne 0 ]; then - echo "Please install curl." - exit 3 -fi - - -# Default Values -proxy="" -method="GET" -body="" -contains="" -lacks="" -insecure=0 -debug=0 -warning=700 -encodeurl=0 -critical=2000 -url="" -follow=0 -header="" -name="default" -cookies=0 - -# Usage Info +# Define the usage message usage() { - echo '''Usage: check_curl [OPTIONS] - [OPTIONS]: - -U URL Target URL - -M METHOD HTTP Method (default: GET) - -N NAME Display Name of scanned object (default: default) - -B BODY Request Body to be sent (default: not sent) - -E ENCODEURL Send body defined with url encoding (curl --data-urlencode) (default: off) - -I INSECURE Sets the curl flag --insecure - -C CONTAINS If not contained in response body, CRITICAL will be returned - -L LACKS If contained in response body, CRITICAL will be returned (-C has priority when both are set) - -w WARNING Warning threshold in milliseconds (default: 700) - -c CRITICAL Critical threshold in milliseconds (default: 2000) - -H HEADER Send Header (i.E. "AUTHORIZATION: Bearer 8*.UdUYwrl!nK") - -F FOLLOW Follow redirects (default: OFF) - -D DEBUG Only prints the curl command (default: OFF) - -P PROXY Set Proxy Address (default: No Proxy) - -K COOKIES Enables/Disabled cookie handling in a temporary cookie jar''' + echo "Usage: $0 -u [-w ] [-c ]" + exit 3 } - -# Check which threshold was reached -checkTime() { - if [ $1 -gt $critical ]; then - echo -n "CRITICAL: Slow " - elif [ $1 -gt $warning ]; then - echo -n "WARNING: Slow " - else - echo -n "OK" - fi -} - -# Return code value -getStatus() { - if [ $1 -gt $critical ]; then - return 2 - elif [ $1 -gt $warning ]; then - return 1 - else - return 0 - fi -} - -#main -#get options -while getopts "P:M:B:C:w:c:U:H:IFN:O:EL:D:K" opt; do +# Parse the command-line arguments +while getopts "u:w:c:C:H:R:lhIp" opt; do case $opt in - K) - cookies=1 - ;; - P) - proxy=$OPTARG - ;; - M) - method=$OPTARG - ;; - B) - body=$OPTARG - ;; - C) - contains=$OPTARG - ;; - w) - warning=$OPTARG - ;; - c) - critical=$OPTARG - ;; - U) - url=$OPTARG - ;; - L) - lacks=$OPTARG - ;; - I) - insecure=1 - ;; - N) - name=$( echo $OPTARG | sed -e 's/[^A-Za-z0-9._-]/_/g' ) - ;; - E) - encodeurl=1 - ;; - H) - header=$OPTARG - ;; - F) - follow=1 - ;; - D) - debug=1 - ;; - *) - usage - exit 3 - ;; + u) + URL=$OPTARG + ;; + w) + WARNING_LEVEL=$OPTARG + ;; + c) + CRITICAL_LEVEL=$OPTARG + ;; + l) + FOLLOW_REDIRECTS="-L" + ;; + C) + CONTAINS=$OPTARG + ;; + I) + INSECURE="--insecure" + ;; + H) + HEADERS=$OPTARG + ;; + p) + PRINT_ONLY=true + ;; + R) + RESOLVE="--resolve $OPTARG" + ;; + h) + usage + ;; + *) + usage + ;; esac done -#hostname is required -if [ -z "$url" ] || [ $# -eq 0 ]; then - echo "Error: URL is required" +WARNING_LEVEL=${WARNING_LEVEL:-1} +CRITICAL_LEVEL=${CRITICAL_LEVEL:-2} +#FOLLOW_REDIRECTS=${FOLLOW_REDIRECTS:-""} + +if [ -z "$URL" ]; then usage +fi + +HEADER_ARGS="" +IFS=',' read -ra values <<<"$HEADERS" +for value in "${values[@]}"; do + HEADER_ARGS+="-H '$value'" +done + +CURL_CMD="-s -w '%{http_code}\n%{time_total}' $HEADER_ARGS $FOLLOW_REDIRECTS $INSECURE $RESOLVE $URL" + +if $PRINT_ONLY; then + echo "curl $CURL_CMD" exit 3 fi -proxyarg="" -if [ ! -z $proxy ] ; then - proxyarg=" -x "$proxy" " -fi -headerarg="" -if [ ! -z "$header" ] ; then - headerarg=' -H "'$header'" ' -fi -followarg="" -if [ $follow -eq 1 ] ; then - followarg=" -L " -fi -insecurearg="" -if [ $insecure -eq 1 ] ; then - insecurearg=" --insecure " -fi -cookiesarg="" -if [ $cookies -eq 1 ] ; then - COOKIE_JAR_TEMP_PATH=$(mktemp /tmp/check_curl_cookiejar.XXXXXX) - cookiesarg=" -c ${COOKIE_JAR_TEMP_PATH} -b ${COOKIE_JAR_TEMP_PATH}" -fi -bodyarg="" -if [ ! -z $body ]; then - body=$(echo $body| sed "s/\"/\\\\\"/g") - bodyarg=" --data \""$body"\"" - if [ $encodeurl -eq 1 ]; then - bodyarg=" --data-urlencode \""$body"\"" - fi -fi +TMP_ERROR_LOG=$(mktemp) +TMP_RESPONSE=$(mktemp) +RESPONSE=$(curl -v -o "$TMP_RESPONSE" "$CURL_CMD" 2>"$TMP_ERROR_LOG") -if [ $debug -eq 1 ]; then - echo $curl --no-keepalive -s $insecurearg $proxyarg $followarg $bodyarg $headerarg -X $method $cookiesarg "$url" - exit 0 -else - start=$(echo $(($(date +%s%N)/1000000))) - body=$(eval $curl --no-keepalive -s $insecurearg $proxyarg $followarg $bodyarg $headerarg -X $method $cookiesarg "$url") - status=$? -fi - -if [ $cookies -eq 1 ] ; then - rm -f ${COOKIE_JAR_TEMP_PATH} -fi - -end=$(echo $(($(date +%s%N)/1000000))) -#decide output by return code -if [ $status -eq 0 ] ; then - if [ -n "$contains" ]; then - if [[ ! $body =~ $contains ]]; then - echo "CRITICAL: body does not contain '${contains}'. Body: '$(echo $body | sed 's/\(.\{50\}\).*/\1.../')' |time=$((end - start))ms;${warning};${critical};0;"$critical"ms" - exit 2 - fi - fi - if [ -n "$lacks" ]; then - if [[ $body == *$lacks* ]]; then - echo "CRITICAL: body contains '${lacks}'|time=$((end - start))ms;${warning};${critical};0;"$critical"ms" -exit 2 - fi - fi - echo "$(checkTime $((end - start))) $((end - start))ms - ${url}|time=$((end - start))ms;${warning};${critical};0;"$critical"ms" - getStatus $((end - start)) - exit $? -else - case $status in - 1) - echo "CRITICAL: Unsupported protocol" - ;; - 3) - echo "CRITICAL: Malformed URL" - ;; - 5) - echo "CRITICAL: Couldn't resolve proxy $proxy" - ;; - 6) - echo "CRITICAL: Couldn't resolve host" - ;; - 7) - echo "CRITICAL: Couldn't connect to proxy $proxy" - ;; - 22) - echo "CRITICAL: Server returned http code >= 400" - ;; - 52) - echo "CRITICAL: Server returned empty response (52)" - ;; - 56) - echo "CRITICAL: Failure recieving network data (56)" - ;; - 60) - echo "CRITICAL: SSL/TLS connection problem (60)" - ;; - *) - echo "UNKNOWN: $status - ${url}" - exit 3 - ;; - esac +# shellcheck disable=SC2181 +if [ $? -ne 0 ]; then + echo "CRITICAL: curl failed!" + echo "Error log:" + cat "$TMP_ERROR_LOG" exit 2 fi +rm -rf "$TMP_ERROR_LOG" +RESPONSE_CODE=$(echo "$RESPONSE" | head -n 1) +RESPONSE_TIME=$(printf "%.2f" "$(echo "$RESPONSE" | tail -n 1)") + +OUTPUT_MSG="" +OUTPUT_CODE=0 + +if [ $RESPONSE_CODE -eq 200 ] && [ "$(echo "$RESPONSE_TIME < $CRITICAL_LEVEL" | bc -l)" -eq 1 ]; then + OUTPUT_MSG="OK: website is up and responded in $RESPONSE_TIME seconds." +elif [ $RESPONSE_CODE -eq 200 ] && [ "$(echo "$RESPONSE_TIME < $WARNING_LEVEL" | bc -l)" -eq 1 ]; then + OUTPUT_MSG="WARNING: response time is slow ($RESPONSE_TIME seconds)." + OUTPUT_CODE=1 +elif [ $RESPONSE_CODE -eq 200 ]; then + OUTPUT_MSG"CRITICAL: response time is very slow ($RESPONSE_TIME seconds)." + OUTPUT_CODE=2 +else + OUTPUT_MSG="CRITICAL: website is not responding, returned $RESPONSE_CODE code." + OUTPUT_CODE=2 +fi + +if [ ! -z ${CONTAINS+x} ]; then + if ! grep -q "$CONTAINS" "$TMP_RESPONSE"; then + OUTPUT_MSG+="\nCRITICAL: response did not contain required string!\nFound: $(cat "$TMP_RESPONSE")" + OUTPUT_CODE=2 + else + OUTPUT_MSG+="\nOK: response contained required string." + fi +fi +rm -rf "$TMP_RESPONSE" + +OUTPUT_MSG+=" | response_time=${RESPONSE_TIME}s;$WARNING_LEVEL;$CRITICAL_LEVEL;0" + +echo -e "$OUTPUT_MSG" +exit $OUTPUT_CODE diff --git a/check_curl old b/check_curl old new file mode 100644 index 0000000..862e96b --- /dev/null +++ b/check_curl old @@ -0,0 +1,240 @@ +#!/bin/bash +# startup checks + +if [ -z "$BASH" ]; then + echo "Please use BASH." + exit 3 +fi +if [ ! -e "/usr/bin/which" ]; then + echo "/usr/bin/which is missing." + exit 3 +fi +curl=$(which curl) +if [ $? -ne 0 ]; then + echo "Please install curl." + exit 3 +fi + + +# Default Values +proxy="" +method="GET" +body="" +contains="" +lacks="" +insecure=0 +debug=0 +warning=700 +encodeurl=0 +critical=2000 +url="" +follow=0 +header="" +name="default" +cookies=0 + +# Usage Info +usage() { + echo '''Usage: check_curl [OPTIONS] + [OPTIONS]: + -U URL Target URL + -M METHOD HTTP Method (default: GET) + -N NAME Display Name of scanned object (default: default) + -B BODY Request Body to be sent (default: not sent) + -E ENCODEURL Send body defined with url encoding (curl --data-urlencode) (default: off) + -I INSECURE Sets the curl flag --insecure + -C CONTAINS If not contained in response body, CRITICAL will be returned + -L LACKS If contained in response body, CRITICAL will be returned (-C has priority when both are set) + -w WARNING Warning threshold in milliseconds (default: 700) + -c CRITICAL Critical threshold in milliseconds (default: 2000) + -H HEADER Send Header (i.E. "AUTHORIZATION: Bearer 8*.UdUYwrl!nK") + -F FOLLOW Follow redirects (default: OFF) + -D DEBUG Only prints the curl command (default: OFF) + -P PROXY Set Proxy Address (default: No Proxy) + -K COOKIES Enables/Disabled cookie handling in a temporary cookie jar''' +} + + +# Check which threshold was reached +checkTime() { + if [ $1 -gt $critical ]; then + echo -n "CRITICAL: Slow " + elif [ $1 -gt $warning ]; then + echo -n "WARNING: Slow " + else + echo -n "OK" + fi +} + +# Return code value +getStatus() { + if [ $1 -gt $critical ]; then + return 2 + elif [ $1 -gt $warning ]; then + return 1 + else + return 0 + fi +} + +#main +#get options +while getopts "P:M:B:C:w:c:U:H:IFN:O:EL:D:K" opt; do + case $opt in + K) + cookies=1 + ;; + P) + proxy=$OPTARG + ;; + M) + method=$OPTARG + ;; + B) + body=$OPTARG + ;; + C) + contains=$OPTARG + ;; + w) + warning=$OPTARG + ;; + c) + critical=$OPTARG + ;; + U) + url=$OPTARG + ;; + L) + lacks=$OPTARG + ;; + I) + insecure=1 + ;; + N) + name=$( echo $OPTARG | sed -e 's/[^A-Za-z0-9._-]/_/g' ) + ;; + E) + encodeurl=1 + ;; + H) + header=$OPTARG + ;; + F) + follow=1 + ;; + D) + debug=1 + ;; + *) + usage + exit 3 + ;; + esac +done + +#hostname is required +if [ -z "$url" ] || [ $# -eq 0 ]; then + echo "Error: URL is required" + usage + exit 3 +fi + +proxyarg="" +if [ ! -z $proxy ] ; then + proxyarg=" -x "$proxy" " +fi +headerarg="" +if [ ! -z "$header" ] ; then + headerarg=' -H "'$header'" ' +fi +followarg="" +if [ $follow -eq 1 ] ; then + followarg=" -L " +fi +insecurearg="" +if [ $insecure -eq 1 ] ; then + insecurearg=" --insecure " +fi +cookiesarg="" +if [ $cookies -eq 1 ] ; then + COOKIE_JAR_TEMP_PATH=$(mktemp /tmp/check_curl_cookiejar.XXXXXX) + cookiesarg=" -c ${COOKIE_JAR_TEMP_PATH} -b ${COOKIE_JAR_TEMP_PATH}" +fi +bodyarg="" +if [ ! -z $body ]; then + body=$(echo $body| sed "s/\"/\\\\\"/g") + bodyarg=" --data \""$body"\"" + if [ $encodeurl -eq 1 ]; then + bodyarg=" --data-urlencode \""$body"\"" + fi +fi + +if [ $debug -eq 1 ]; then + echo $curl --no-keepalive -s $insecurearg $proxyarg $followarg $bodyarg $headerarg -X $method $cookiesarg "$url" + exit 0 +else + start=$(echo $(($(date +%s%N)/1000000))) + body=$(eval $curl --no-keepalive -s $insecurearg $proxyarg $followarg $bodyarg $headerarg -X $method $cookiesarg "$url") + status=$? +fi + +if [ $cookies -eq 1 ] ; then + rm -f ${COOKIE_JAR_TEMP_PATH} +fi + +end=$(echo $(($(date +%s%N)/1000000))) +#decide output by return code +if [ $status -eq 0 ] ; then + if [ -n "$contains" ]; then + if [[ ! $body =~ $contains ]]; then + echo "CRITICAL: body does not contain '${contains}'. Body: '$(echo $body | sed 's/\(.\{50\}\).*/\1.../')' |time=$((end - start))ms;${warning};${critical};0;"$critical"ms" + exit 2 + fi + fi + if [ -n "$lacks" ]; then + if [[ $body == *$lacks* ]]; then + echo "CRITICAL: body contains '${lacks}'|time=$((end - start))ms;${warning};${critical};0;"$critical"ms" +exit 2 + fi + fi + echo "$(checkTime $((end - start))) $((end - start))ms - ${url}|time=$((end - start))ms;${warning};${critical};0;"$critical"ms" + getStatus $((end - start)) + exit $? +else + case $status in + 1) + echo "CRITICAL: Unsupported protocol" + ;; + 3) + echo "CRITICAL: Malformed URL" + ;; + 5) + echo "CRITICAL: Couldn't resolve proxy $proxy" + ;; + 6) + echo "CRITICAL: Couldn't resolve host" + ;; + 7) + echo "CRITICAL: Couldn't connect to proxy $proxy" + ;; + 22) + echo "CRITICAL: Server returned http code >= 400" + ;; + 52) + echo "CRITICAL: Server returned empty response (52)" + ;; + 56) + echo "CRITICAL: Failure recieving network data (56)" + ;; + 60) + echo "CRITICAL: SSL/TLS connection problem (60)" + ;; + *) + echo "UNKNOWN: $status - ${url}" + exit 3 + ;; + esac + exit 2 +fi +