Exemplo n.º 1
0
 def module_run(self, companies):
     api_id = self.get_key("censysio_id")
     api_secret = self.get_key("censysio_secret")
     c = CensysCertificates(api_id, api_secret)
     SEARCH_FIELDS = [
         "parsed.subject.organization",
         "parsed.subject.organizational_unit",
     ]
     for company in companies:
         company = company.strip('"')
         self.heading(company, level=0)
         try:
             query = " OR ".join(
                 ['{0}:"{1}"'.format(x, company) for x in SEARCH_FIELDS]
             )
             res = c.search(
                 query,
                 ["parsed.names"],
                 max_records=self.options.get("max_records", 100),
             )
         except CensysException:
             self.print_exception()
             continue
         domains = set()
         for result in res:
             for name in result.get("parsed.names", []):
                 if name.startswith("*."):
                     name = name.replace("*.", "")
                 domains.add(name)
         for domain in domains:
             self.insert_domains(domain=domain)
Exemplo n.º 2
0
def execute(domain, config, **kwargs):
    if handler.SIGINT:
        Output().warn("Aborted plugin: %s" % NAME, False)
        return None
    try:
        c = CensysCertificates(api_id=config['uid'],
                               api_secret=config['secret'])
        fields = [
            "parsed.names", "parsed.subject.common_name",
            "parsed.extensions.subject_alt_name.dns_names"
        ]
        results = []
        for page in c.search(domain, fields,
                             max_records=config['max_records']):
            results.append(page)
        #Flatten json to array
        list = []
        for x in results:
            if x.get('parsed.namesn'):
                list += (x.get('parsed.names'))

            if x.get('parsed.subject.common_name'):
                list += x.get('parsed.subject.common_name')

            if x.get('parsed.extensions.subject_alt_name.dns_names'):
                list += x.get('parsed.extensions.subject_alt_name.dns_names')

        subdomains = []
        for x in list:
            subdomains.append(x.lstrip('*').lstrip('.'))
        subdomains = sorted(set(subdomains))
        return subdomains
    except Exception as E:
        print(E)
        raise
Exemplo n.º 3
0
    def run(self):
        if not self.args['API_ID']['Value'] or not self.args['API_SECRET'][
                'Value']:
            return False

        try:
            certs = CensysCertificates(
                api_id=self.args['API_ID']['Value'],
                api_secret=self.args['API_SECRET']['Value'])
            resp = certs.search("parsed.names: {}".format(self.target),
                                fields=['parsed.names'])
            for line in resp:
                for sub in line['parsed.names']:
                    if sub.endswith(self.target):
                        self.handler.sub_handler({
                            'Name': sub,
                            'Source': self.name
                        })

        except Exception as e:
            if str(e).startswith('403 (unauthorized):'):
                print(
                    highlight('[!]', 'yellow'),
                    highlight(
                        'Censys Authentication Failed: Verify API ID & Secret.',
                        'gray'))
            elif '400 (max_results)' in str(e):
                pass
            else:
                print(highlight('[!]', 'yellow'),
                      highlight('Censys.IO Error: {}.'.format(e), 'gray'))
Exemplo n.º 4
0
    def execute(self):
        if not self.api or not self.secret:
            return

        try:
            certs = CensysCertificates(api_id=self.api, api_secret=self.secret)
            resp = certs.search("parsed.names: {}".format(self.target),
                                fields=['parsed.names'])
            for line in resp:
                for sub in line['parsed.names']:
                    if sub.endswith(self.target):
                        self.handler.sub_handler({
                            'Name': sub,
                            'Source': 'Censys.io'
                        })

        except Exception as e:
            if str(e).startswith('403 (unauthorized):'):
                stdout.write(
                    "\033[1;33m[!]\033[1;m \033[1;30mCensys.IO Authentication Failed: verify API Key/Secret\033[1;m\n"
                )
            elif '400 (max_results)' in str(e):
                pass
            else:
                stdout.write(
                    "\033[1;33m[!]\033[1;m \033[1;30mCensys.IO Error: {}\033[1;m\n"
                    .format(str(e)))
def find_subdomains(domain, api_id, api_secret, limit_results):
    try:
        censys_certificates = CensysCertificates(api_id=api_id,
                                                 api_secret=api_secret)
        certificate_query = 'parsed.names: %s' % domain
        if limit_results:
            certificates_search_results = censys_certificates.search(
                certificate_query,
                fields=['parsed.names'],
                max_records=NON_COMMERCIAL_API_LIMIT)
        else:
            certificates_search_results = censys_certificates.search(
                certificate_query, fields=['parsed.names'])

        # Flatten the result, and remove duplicates
        subdomains = []
        for search_result in certificates_search_results:
            subdomains.extend(search_result['parsed.names'])

        return set(subdomains)
    except censys.common.exceptions.CensysUnauthorizedException:
        sys.stderr.write('[-] Your Censys credentials look invalid.\n')
        exit(1)
    except censys.common.exceptions.CensysRateLimitExceededException:
        sys.stderr.write(
            '[-] Looks like you exceeded your Censys account limits rate. Exiting\n'
        )
        return set(subdomains)
    except censys.common.exceptions.CensysException as e:
        # catch the Censys Base exception, example "only 1000 first results are available"
        sys.stderr.write('[-] Something bad happened, ' + repr(e))
        return set(subdomains)
Exemplo n.º 6
0
    async def do_search(self):
        try:
            cert_search = CensysCertificates(
                api_id=self.key[0],
                api_secret=self.key[1],
                user_agent=
                f"censys/{__version__} (theHarvester/{Core.version()}; +https://github.com/laramies/theHarvester)",
            )
        except CensysUnauthorizedException:
            raise MissingKey('Censys ID and/or Secret')

        query = f"parsed.names: {self.word}"
        try:
            response = cert_search.search(
                query=query,
                fields=[
                    "parsed.names", "metadata", "parsed.subject.email_address"
                ],
            )
            for cert in response:
                self.totalhosts.update(cert.get("parsed.names", []))
                self.emails.update(cert.get("parsed.subject.email_address",
                                            []))
        except CensysRateLimitExceededException:
            print("Censys rate limit exceeded")
Exemplo n.º 7
0
 def module_run(self, companies):
     api_id = self.get_key('censysio_id')
     api_secret = self.get_key('censysio_secret')
     c = CensysCertificates(api_id, api_secret)
     SEARCH_FIELDS = [
         'parsed.subject.organization',
         'parsed.subject.organizational_unit'
     ]
     for company in companies:
         self.heading(company, level=0)
         try:
             query = ' OR '.join(
                 ['{0}:"{1}"'.format(x, company) for x in SEARCH_FIELDS])
             payload = c.search(query, ['parsed.names'])
         except CensysException:
             continue
         for result in payload:
             for name in result.get('parsed.names', []):
                 if name.startswith('*.'):
                     self.insert_domains(name.replace('*.', ''))
Exemplo n.º 8
0
def get_certificates(domain, api_id, api_secret):
    try:
        censys_certificates = CensysCertificates(api_id=api_id,
                                                 api_secret=api_secret,
                                                 user_agent=USER_AGENT)

        requested_fields = ["parsed.names", "parsed.fingerprint_sha256"]

        certificate_query = f"parsed.names: {domain} AND tags.raw: trusted AND NOT parsed.names: cloudflaressl.com"
        certificates_search_results = censys_certificates.search(
            certificate_query, fields=requested_fields)
        return set([
            cert["parsed.fingerprint_sha256"]
            for cert in certificates_search_results
        ])
    except CensysUnauthorizedException:
        sys.stderr.write(INVALID_CREDS)
        exit(1)
    except CensysRateLimitExceededException:
        sys.stderr.write(RATE_LIMIT)
        exit(1)