Posted by Security is just an illusion at Saturday, December 07, 2013
Read our previous post
Shodanhq meets Cobalt Strike Script Engine
Maybe anybody can need it,Just a Simple Interface Script for Shodan Search Engine.
Here some Screenshots :
Enter Search Word Like “ssh2”
Be Happy ;)
Simple Script to parse all ips,sry im not a dev pro ;) No auto add ips atm….. maybe sometimes
Add Host Copy & Paste
Happy Hunting ---->
Its a littlebit buggi but it works .
Source code :
# Shodan API Query for Cobalt Engine v0.1
# Contana Script Engine r0ckz.
# by cr4shyyy
# from http://security-is-just-an-illusion.blogspot.de
println("\n----------------------------------------\n\c4[*] Shodan API Query for Cobalt Engine v0.1 Loaded [*] \n----------------------------------------");
menubar("Web ToolKit", "webstuff",2);
popup webstuff {
menu "Shodan Search" {
item "Query Shodan Api" {
$ip = prompt_text("Enter Search Query");
$output = prompt_text("Enter File Name Log File Saved on Desktop");
if
($ip !is $null) {
show_message("Lets Pwn The Box!");
println("\n----------------------------------------\n\c4[*] Get Targets from Shodan API \n----------------------------------------");
$console = console();
$console = open_console_tab("Get Targets from Shodan API");
cmd($console, "use auxiliary/gather/shodan_search");
cmd($console, "set MAXPAGE 5");
cmd($console, "set SHODAN_APIKEY W6UgwFqFuejJvAEOZuRX5Jd6vXrbfN72");
cmd($console, "set QUERY $ip");
cmd($console, "set DATABASE 1");
cmd($console, "set OUTFILE /root/Desktop/$output");
cmd($console, "set VHOST www.shodanhq.com");
cmd($console, "run -j");
sleep(10 * 1000);
}
cmd($console, "python /root/Desktop/shoda.py /root/Desktop/$output");
db_sync();
}
}
}
Split Ips from Log File :
#!/usr/bin/python
#########################################################################
# ___ _ _ _____ ___ ____ __
# / __)( )_( )( _ )/ __)( _ \( )
# \__ \ ) _ ( )(_)( ( (_-.) / )(__
# (___/(_) (_)(_____)\___/(_)\_)(____) V0.21
# -some code borrowed from >> https://developers.shodan.io/index.html
# -rest created/mixed up by FIZZLESTICK
# -trollsohard[at]rebelbas.es
#
# MORE INFO COMING
#
# [changelog]
# 9/25/2013 v0.2 - written up for RC worth.. needs some IP/vs DNS handling
# 10/11/2013 v0.21 - cleaned up host output a bit, banners, formatting
#########################################################################
#!/usr/bin/env python
#import the necessary modules
import re #for regular expressions - to match ip's
import sys #for parsing command line opts
# I need to probably make this more pythonic but am working on that...
# if file is specified on command line, parse, else ask for file
if sys.argv[1:]:
logfile = sys.argv[1]
else:
logfile = raw_input("Please enter a file to parse, e.g /var/log/secure: ")
try:
# open the file
file = open(logfile, "r")
# create an empty list
ips = []
# read through the file
for text in file.readlines():
#strip off the \n
text = text.rstrip()
#this is probably not the best way, but it works for now
regex = re.findall(r'(?:\d{1,3}\.){3}\d{1,3}', text)
# if the regex is not empty and is not already in ips list append
if regex is not None and regex not in ips:
ips.append(regex)
#loop through the list
for ip in ips:
#I know there is argument as to whether the string join method is pythonic
addy = "".join(ip)
if addy is not '':
print "%s"% (addy)
#cleanup and close file
file.close()
#catch any standard error (we can add more later)
except IOError, (errno, strerror):
print "I/O Error(%s) : %s" % (errno, strerror)
INFO : Feel Free to use my Api Key :)
Submit your website or blog now for indexing in Google and over 300 other search engines!
ReplyDeleteOver 200,000 sites listed!
SUBMIT NOW using I NEED HITS!!!