def do_login(self):
utils.print_info("Reauthen using credentials from: {0}".format(
self.options.get('config')))
login_url = 'https://account.shodan.io/login'
r = sender.send_get(self.options, login_url, cookies=None)
if r.status_code == 200:
cookies = r.cookies
form = utils.soup(r.text).find_all("form")
if form:
inputs = form[0].findChildren('input')
for tag in inputs:
if tag.get('name') == 'csrf_token':
csrf_token = tag.get('value')
username, password = utils.get_cred(self.options, source='shodan')
data = {"username": username, "password": password, "grant_type": "password",
"continue": "https://www.shodan.io/", "csrf_token": csrf_token, "login_submit": "Login"}
really_login_url = 'https://account.shodan.io/login'
r1 = sender.send_post(
self.options, really_login_url, cookies, data, follow=False)
if r1.status_code == 302:
for item in r1.cookies.items():
if item.get('polito'):
shodan_cookies = item.get('polito')
utils.set_session(
self.options, shodan_cookies, source='shodan')
return shodan_cookies
return False
def do_login(self):
utils.print_info("Reauthen using credentials from: {0}".format(
self.options.get('config')))
login_url = 'https://censys.io/login'
r = sender.send_get(self.options, login_url, cookies=None)
if r.status_code == 200:
cookies = r.cookies
form = utils.soup(r.text).find_all("form")
if form:
inputs = form[0].findChildren('input')
for tag in inputs:
if tag.get('name') == 'csrf_token':
csrf_token = tag.get('value')
username, password = utils.get_cred(self.options, source='censys')
data = {"csrf_token": csrf_token, "came_from": "/",
"from_censys_owned_external": "False", "login": username, "password": password}
really_login_url = 'https://censys.io/login'
r1 = sender.send_post(
self.options, really_login_url, cookies, data, follow=False)
if r1.status_code == 302:
for item in r1.cookies.items():
if item[1]:
censys_cookies = item[1]
utils.set_session(
self.options, censys_cookies, source='censys')
return censys_cookies
return False
def get_asn_ip(self, asn):
asn_num = utils.get_asn_num(asn)
url = 'https://mxtoolbox.com/Public/Lookup.aspx/DoLookup2'
data = {"inputText": f"asn:{asn_num}", "resultIndex": 1}
r = sender.send_post(
self.options, url, data, is_json=True)
content = r.text
ips = utils.grep_the_IP(content, verbose=True)
return ips
def sending(self, data):
# sending request and return the response
r = sender.send_post(self.options, self.base_url, data, is_json=True)
if r.status_code == 200:
response = json.loads(r.text)
if response.get('result') == "OK":
output = self.analyze(response)
# write csv here
self.conclude(output)
def sending(self, data):
# sending request and return the response
r = sender.send_post(self.options, self.base_url, data, is_json=True)
if r.status_code == 200:
response = json.loads(r.text)
output = self.analyze(response)
if output:
page_num = int(response.get('exploits_total')) / 10
# checking if there is many pages or not
if self.pages(page_num):
output += self.pages(page_num)
# write csv here
self.conclude(output)
def do_login(self):
utils.print_info("Reauthen using credentials from: {0}".format(
self.options.get('config')))
login_url = 'https://i.nosec.org/login?service=http%3A%2F%2Ffofa.so%2Fusers%2Fservice'
r = sender.send_get(self.options, login_url, cookies=None)
if r.status_code == 200:
cookies = r.cookies
form = utils.soup(r.text).find(id="login-form")
inputs = form.findChildren('input')
for tag in inputs:
if tag.get('name') == 'authenticity_token':
authenticity_token = tag.get('value')
if tag.get('name') == 'lt':
lt = tag.get('value')
if tag.get('name') == 'authenticity_token':
authenticity_token = tag.get('value')
username, password = utils.get_cred(self.options, source='fofa')
data = {
"utf8": "\xe2\x9c\x93",
"authenticity_token": authenticity_token,
"lt": lt,
"service": "http://fofa.so/users/service",
"username": username,
"password": password,
"rememberMe": "1",
"button": ''
}
really_login_url = 'https://i.nosec.org/login'
r1 = sender.send_post(self.options, really_login_url, cookies,
data)
if r1.status_code == 200:
fofa_cookie = r1.cookies.get('_fofapro_ars_session')
utils.set_session(self.options, fofa_cookie, source='fofa')
return fofa_cookie
return False
def pages(self, page_num):
more_output = []
for i in range(1, int(page_num) + 1):
utils.print_debug(self.options, "Sleep for couple seconds")
utils.random_sleep(1, 3)
utils.print_info("Get more result from page: {0}".format(str(i)))
data = {"type": "exploits", "sort": "default",
"query": self.query,
"title": not self.options.get('relatively'), "offset": i * 10}
r = sender.send_post(
self.options, self.base_url, data, is_json=True)
if r.status_code == 200:
response = json.loads(r.text)
if self.analyze(response):
more_output += self.analyze(response)
else:
return False
return more_output