def fofa_api(domain):
import pyfofa
email = '*****@*****.**'
key = '2bee09803e485cd94f1484249b70d74c'
search = pyfofa.FofaAPI(email, key)
r = search.get_data("cert="+"'"+domain+"'", 10, "host,ip")['results']
list = ["Host: {} IP:{}".format(host,ip) for host,ip in r]
return list
def search_fofa_with_same_feature(title, cert_host, domain_a_records):
if title and cert_host:
query = 'title="{title}" || cert="{cert}"'.format(title=title,
cert=cert_host)
elif title:
query = 'title="{title}"'.format(title=title)
elif cert_host:
query = 'cert="{cert}"'.format(cert=cert_host)
else:
### fatal
print('[FATAL] can not find TITLE and CERT info.')
exit(1)
try:
search = pyfofa.FofaAPI(fofa_email, fofa_key)
except Exception as e:
print(
'[FOFA] API Exception: open https://fofa.so in browser for connection check'
)
# traceback.print_exc()
exit(1)
result = search.get_data(query, 1, "host,ip,domain,protocol")
if not all([result.get('size'), result.get('results')]):
print('[FOFA] API Result:\n{}'.format(result))
print('Please Check Your FOFA member plan.')
exit(1)
size = result['size']
### 返回数量太大可能存在误报
if size > 100:
print('[FOFA] size: {}, check manualy, query: {}'.format(size, query))
exit(0)
clean_result = {}
for host, ip, domain, protocol in result['results']:
### 存在domain的需要丢弃,我们要找可以通过ip进行访问的网站
### ip为域名解析后的ip,需要丢弃,通常waf、cdn配置后不存在该情况
if domain or ip in domain_a_records:
continue
sites = clean_result.get(ip, set([]))
if protocol:
site = '{}://{}'.format(protocol, host)
elif not host.startswith('http'):
site = '{}://{}'.format('http', host)
else:
site = host
# 针对FOFA端口去重
if site.count(':') == 1 and site.startswith('https://'):
site += ':443'
elif site.count(':') == 1 and site.startswith('http://'):
site += ':80'
sites.add(site)
clean_result[ip] = sites
### info
print('[FOFA] find {} ip has same site. Waiting for checking...'.format(
len(clean_result.keys())))
return clean_result
def check_user():
'''
请将邮箱以及API值填入此处
'''
email = ''
key = ''
client = pyfofa.FofaAPI(email, key)
userinfo = client.get_userinfo()
try:
print('[*] success!')
print(
f'用户名:\t\t{userinfo["username"]}\nvip等级:\t\t{userinfo["vip_level"]}\n剩余F币:\t\t{userinfo["fcoin"]}\n\n'
)
return client
except:
print(f'[*] error:{userinfo["errmsg"]}')
print('[*] exit!')
sys.exit()
def Fofa(self,count):
#fofa扫描
urllist=[]
value = ''
for key in self.syntax:
value+=key+','
email = self.fofa_email
key = self.fofa_key
search = pyfofa.FofaAPI(email, key)
try:
for host in search.get_data('%s'%(value),count, "host")['results']:
if self.domain_scan:
if self.getdomain(host)!=None:
urllist.append(self.getdomain(host))
else:
urllist.append(self.geturl(host))
except:
print("KeyError:fofa连接失败,请检查email和key是否正确或者更新key!")
sys.exit()
return urllist
# !/usr/bin/env python3
# -*- coding: utf-8 -*-
# @Time : 2018/3/25
# @Author : h4rdy <*****@*****.**>
# @File : ssl_example.py
import pyfofa
email = '*****@*****.**'
key = '123456'
search = pyfofa.FofaAPI(email, key)
for host, ip in search.get_data('cert="baidu.com"', 1, "host,ip")['results']:
print(host, ip)