Wednesday, January 8, 2014

Shodan Search Tool w/My Ruby API Class

Today I just wanted to share a little something I made for Shodan. If you don't know what Shodan is, then I highly recommend you check them out and do some quick googling to see what others have done with its help. I initially tried using their published Ruby gem and published API documentation but it failed miserably (likely could just be me, but seems their code is outdated with how their site provides output now, idk). I really like Shodan though, so I decided to create my own version of their API so I could get started on making a cool search assistant I can run from the command line with some basic logging for analysis after. Once I finished redoing the API class, I made a little CLI-based search tool to make quick Shodan research a snap and am now sharing it with the rest of the world; hope it's helpful for others.

Prerequisites:
sudo gem install colorize curb json nokogiri

NOTE: curb uses libcurl under the hood so you might need to install this if not already included on your OS

Basic Help Menu:


You can run a basic Shodan search and display the results, which are also logged to the results folder.


The logged results are overwritten on each search so you need to rename it or move it if you want to use it later and plan to run multiple searches.

I also made an option for quick search, which runs a Shodan search and returns the list of IP addresses from the results, skipping all the details. I typically run a normal search, then a follow-up quick search on the same keywords to pass off lists to other tools in a speedy fashion while manual review is more involved with the full search results...

Shodan also offers up a nice search feature to search for exploits which leverages multiple exploit databases. I currently have the Exploit-db and Metasploit search engines available and fully working. This means you can easily search for known exploits with a variety of keywords and get matching results displayed and logged for you.

You can even download the exploit/poc code from search results by referencing the ID number from results.

ToDo List:
Include options in the search tool for premium search options (somewhat built into my API Class already but not in the tool). Include a Gemfile for easy installs for bundler lovers. Also, I have not uploaded things to GitHub yet as I fried my old box and lost a lot of stuff; working on recovery still but should have it updated soon. Until then you can find things on Pastebin, available for a long while...

My Shodan API Standalone Class:

Direct link: http://pastebin.com/q6LZJqcD


My Shodan API Search Tool, Source Code:

Direct Link: http://pastebin.com/B0SdmmrX

Helpful for me, hope it is for you too!

Until next time, Enjoy!

2 comments:

  1. A really useful script for network pentesters :)

  2. /exploit-serach.rb -s windows

    Shodan API Search Assistant
    By: Hood3dRob1n
    Unknown Problem with Connection to Shodan API!
    Unknown Problem with Connection to Shodan API!
