fofa与shodan接口
参考fofa和shodan的官方文档,利用API
import os
import configparser as cfg
from ttkbootstrap.dialogs import Messagebox
#fofa接口API存储函数
def fofa_write(email,API):
config = cfg.ConfigParser()
config.add_section('fofa')
config['fofa']['email'] = email
config['fofa']['key'] = API
with open('./config/fofa.ini','w') as configFile:
config.write(configFile)
def fofa_read():
config = cfg.ConfigParser()
config.read('./config/fofa.ini')
email = config['fofa']['email']
key = config['fofa']['key']
ls = {'email':email, 'key':key}
return ls
#shodan接口处理函数
def shodan_write(Key):
config = cfg.ConfigParser()
config.add_section('shodan')
config['shodan']['KEY'] = Key
with open('./config/shodan.ini','w') as configFile:
config.write(configFile)
def shodan_read():
config = cfg.ConfigParser()
config.read('./config/shodan.ini')
KEY = config['shodan']["KEY"]
return KEY
上述代码利用configparser模块来制作配置文件,至于configparser模块的使用可以参考Blog中的configparser模块的使用
fofa搜索函数
def fofaSearch():
global fofaBase64Search,fofa_ST,sizeFofaSearch
param = fofa_read()
# print(param)
headers = {
'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36'
}
url = 'https://fofa.info/api/v1/search/all'
size = sizeFofaSearch.get()
if size.isdigit():
param['size'] = int(size)
fofaBase64 = fofaBase64Search.get()
param['qbase64'] = fofaBase64
try:
res = requests.get(headers=headers,
url=url,
params=param)
if res.status_code == -1:
funcFofaError = lambda:Messagebox.show_error(message="账号出错,请检查email和key的配置信息")
funcFofaError()
fofa_ST.insert(END,"账号出错,请检查email和key的配置信息")
elif res.status_code == -4:
funcFofaError = lambda:Messagebox.show_error(message="请求参数出错,请检查搜索语句。注意:请填写base64编码后的语句")
funcFofaError()
fofa_ST.insert(END,"请求参数出错,请检查搜索语句。注意:请填写base64编码后的语句")
elif res.status_code == -5:
funcFofaError = lambda: Messagebox.show_error(message="查询异常,请检查配置的email和key,请注意,非普通会员以上用户,如果F币不足,将无法查询")
funcFofaError()
fofa_ST.insert(END, "查询异常,请检查配置的email和key,请注意,非普通会员以上用户,如果F币不足,将无法查询")
else:
resT = json.loads((res.content).decode('utf-8'))
length = len(resT['results'])
fofa_ST.insert(END,"正在对搜索到的信息进行整合:/n")
fileUrlPath = str(os.getcwd()) +'//results//fofa//' +time_now + '_url.txt'
fileAllPath = str(os.getcwd()) + '//results//fofa//' + time_now + '_all.txt'
with open(fileAllPath,'a+') as allF:
for i in range(length):
all = 'url:' + resT['results'][i][0] + '/t' + /
'ip:' + resT['results'][i][1] + '/t' + /
'port:' + resT['results'][i][2]
allF.write(all+'/n')
with open(fileUrlPath,'a+') as urlF:
for j in range(length):
url = resT['results'][j][0]
if url[:7] == 'http://' or url[:8] == 'https://':
fofa_ST.insert(END,url+'/n')
urlF.write(url+'/n')
else:
newurl = 'http://'+ str(url)
fofa_ST.insert(END,newurl+'/n')
urlF.write(newurl+'/n')
successSearch = lambda:Messagebox.ok(message='搜索完成,文件已保存在results目录下')
successSearch()
fofa_ST.insert(END,'搜索完成,文件已保存在results目录下/n'
'=====================================================/n')
except Exception as error:
FailedSearch = lambda:Messagebox.show_error(message="出错了!请检查base64编码前的语句是否正确,如有问题,请联系作者修改/n")
FailedSearch()
shodan搜索函数
def shodanSearch():
global shodanParamSearch,shodanSearchNum
SHODAN_API_KEY = shodan_read()
API = shodan.Shodan(SHODAN_API_KEY)
shodan_ST.insert(END,"shodan搜索进行中,请勿关闭程序/n")
try:
paramSearch = shodanParamSearch.get()
NumSearch = shodanSearchNum.get()
fileUrlPath = str(os.getcwd()) + '//results//shodan//' + time_now + '_url.txt'
fileAllPath = str(os.getcwd()) + '//results//shodan//' + time_now + '_all.txt'
if NumSearch.isdigit():
NumSearch = int(NumSearch)
page_num = NumSearch / 100
page_num += 1
page_num = int(page_num)
else:
page_num = 2
for p in range(1,page_num):
results = API.search(paramSearch,page=p)
for i in range(100):
with open(fileUrlPath,'a+') as f:
ip_str = str(results['matches'][i]['ip_str'])
port = str(results['matches'][i]['port'])
if port is not None:
newUrl = 'http://' + ip_str + ':'+port +'/n'
f.write(newUrl)
shodan_ST.insert(END,newUrl)
else:
noPortUrl = 'http://' + ip_str +'/n'
f.write(noPortUrl)
shodan_ST.insert(END,noPortUrl)
funcSuccess = lambda:Messagebox.ok(message='搜索完毕,文件保存在/results/shodan下')
funcSuccess()
shodan_ST.insert(END,"搜索完毕,文件保存在/results/shodan下/n"
"======================================================")
except Exception as e:
shodan_ST.insert(END,'搜索出错,请检查搜索语句和shodan配置,如果无误,请联系作者!')
pass
以上是我编写成功后的调用函数。如果有其他问题,可以联系作者,或者在Github项目(https://github.com/Yu0ri/CubitTest)上留言
原创文章,作者:wdmbts,如若转载,请注明出处:https://blog.ytso.com/tech/pnotes/277994.html