Skip to content

Latest commit

 

History

History
97 lines (57 loc) · 4.79 KB

README.md

File metadata and controls

97 lines (57 loc) · 4.79 KB

ASN Lookup Tool (Bash)

Description

ASN/IPv4/IPv6/Prefix/ASPath/Organization lookup tool

Forked from nitefood/asn and modified for Asuswrt-Merlin firmware

The script will perform an AS path trace (using mtr in raw mode and retrieving AS data from the results) for single IPs or DNS results, optionally reporting detailed data for each hop, such as organization/network name, geographic location, etc.

It is also possible to search by organization name in order to retrieve a list of IPv4/6 network ranges related to a given company. A multiple choice menu will be presented if more than one organization matches the search query.

Screenshots for every lookup option are below.

The script uses the Team Cymru and the Prefix WhoIs Project services for data.

Requirements


Screenshots

Generic usage

  • IPv4 lookup

ipv4lookup

  • IPv6 lookup

ipv6lookup

  • Autonomous system number lookup

asnlookup

  • Hostname lookup

hostnamelookup

AS Path tracing

  • ASPath trace to github.com

pathtrace

detailed_pathtrace

Network search by organization

  • Organization search for "github"

search_by_org


Installation

Copy and paste the command below into an SSH session:

sh -c "$(curl -sL https://raw.githubusercontent.com/Xentrk/asn/master/Install_asn.sh)"

You can then run the script by typing asn.

Removal

Copy and paste the command below into an SSH session:

rm /opt/bin/asn

Usage

  • asn <ASnumber> -- lookup matching ASN data. Supports "as123" and "123" formats (case insensitive)
  • asn [-n|-d] <IPv4/IPv6> -- lookup matching route(4/6) and ASN data
  • asn [-n|-d] <host.name.tld> -- lookup matching IP(v4/v6), route and ASN data (supports multiple IPs - e.g. DNS RR)
  • asn <Prefix> -- lookup matching ASN data for the given prefix in CIDR format e.g. 8.20.0.0/23
  • asn <Organization Name> -- search by company name and lookup network ranges exported by (or related to) the company

Detailed hop info reporting can be turned on by passing the [-d|--detailed] command line switch. This will enable querying the public pWhois server for every hop in the mtr trace, and its output will be displayed as a "tree" below the hop data, in addition to Team Cymru's server output (which only reports the AS name that the organization originating the prefix gave to its autonomous system number). This can be useful to figure out more details regarding the organization's name, the prefix' intended designation, and even (to a certain extent) its geographical scope.

The script will attempt a generic whois lookup during traces when Team Cymru and pWhois have no info about the IP address or prefix. This usually happens for IXP and PNI prefixes, and will give better insight into the path taken by packets.

Geolocation and organization data is taken from pWhois.

AS path tracing is enabled by default for all lookups. In case of multiple IP results, the script will trace the first IP. Tracing can be disabled by passing the [-n|--notrace] command line switch.

Thanks

The original ASN Lookup Tool was featured in the Security Trails blog post "ASN Lookup Tools, Strategies and Techniques". Thank you Esteban!

Feedback and contributing

Any feedback or pull request to improve the code is welcome. Feel free to contribute!