Skip to content

Implemented Censys Functionality #60

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
Ekultek merged 3 commits into from
Feb 21, 2018
Merged

Implemented Censys Functionality #60

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
7943f0e
Added censys functionality
ehlewis Feb 21, 2018
0d3cafa
Added Censys functionality
ehlewis Feb 21, 2018
4081899
Updated requirements document to include requests module
ehlewis Feb 21, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 3 additions & 1 deletion .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,6 @@
*.pyc
.idea/*
api.p
hosts.txt
hosts.txt
secret.p
uid.p
59 changes: 48 additions & 11 deletions autosploit.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,9 @@
import pickle
import threading
import subprocess

import json
import requests
import censysSearch
import shodan
# idk if you're going to need this since retrying is a decorator (see line 410)
# from retrying import retry
Expand Down Expand Up @@ -344,6 +346,7 @@ def targets(clobber=True, hostLimit = -1):
print("[{}]Hosts appended to list at ".format(t.green("+"), hostpath))



# TODO:/
# custom list importing needs to be done here.
# could be possible to import the custom list via argparse
Expand Down Expand Up @@ -481,6 +484,7 @@ def try_shodan():
# Make sure a misconfiguration in the MSF settings
# Doesn't execute main menu loop but returns us to the
# appropriate function for handling those settings

if configured is None:
settings()

Expand All @@ -493,23 +497,56 @@ def try_shodan():

if action == '1':
usage()

elif action == '2':
hostLimit = -1
limitYN = raw_input("\n[" + t.magenta("?") + "]Limit number of hosts? [y/n]: ").lower()
if limitYN == 'y':
hostLimit = input("\n[" + t.magenta("?") + "]How many?: ")
if not os.path.isfile("hosts.txt"):
targets(True, hostLimit)
else:
append = raw_input(
"\n[" + t.magenta("?") + "]Append hosts to file or overwrite? [A/O]: ").lower()
if append == 'a':
targets(False, hostLimit)
elif append == 'o':
searchOption = input("\nSelect an option:\n1. Search Shodan\n2. Search Censys\n3. Search Shodan and Censys ")
if searchOption == 1:
if not os.path.isfile("hosts.txt"):
targets(True, hostLimit)
else:
print("\n[{}]Unhandled Option.".format(t.red("!")))
append = raw_input(
"\n[" + t.magenta("?") + "]Append hosts to file or overwrite? [A/O]: ").lower()
if append == 'a':
targets(False, hostLimit)
elif append == 'o':
targets(True, hostLimit)
else:
print("\n[{}]Unhandled Option.".format(t.red("!")))
elif searchOption == 2:
if not os.path.isfile("hosts.txt"):
censysSearch.censysTargets(True, hostLimit)
else:
append = raw_input(
"\n[" + t.magenta("?") + "]Append hosts to file or overwrite? [A/O]: ").lower()
if append == 'a':
censysSearch.censysTargets(False, hostLimit)
elif append == 'o':
censysSearch.censysTargets(True, hostLimit)
else:
print("\n[{}]Unhandled Option.".format(t.red("!")))
elif searchOption == 3:
if not os.path.isfile("hosts.txt"):
targets(True, hostLimit)
censysSearch.censysTargets(False, hostLimit)
else:
append = raw_input(
"\n[" + t.magenta("?") + "]Append hosts to file or overwrite? [A/O]: ").lower()
if append == 'a':
targets(False, hostLimit)
censysSearch.censysTargets(False, hostLimit)
elif append == 'o':
targets(True, hostLimit)
censysSearch.censysTargets(False, hostLimit)
else:
print("\n[{}]Unhandled Option.".format(t.red("!")))

else:
print("\n[{}]Unhandled Option.".format(t.red("!")))


elif action == '3':
if not os.path.isfile("hosts.txt"):
import_custom(True)
Expand Down
123 changes: 123 additions & 0 deletions censysSearch.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,123 @@
#!/usr/bin/env python2.7
import os
import sys
import time
import pickle
import threading
import subprocess
import json
import requests
import autosploit
from blessings import Terminal

t = Terminal()

def censysTargets(clobber=True, hostLimit=-1):
"""Function to gather target host(s) from Censys."""
global query
global stop_animation
API_URL = "https://censys.io/api/v1/search/ipv4"
UID = ""
SECRET = ""

print("\033[H\033[J") # Clear terminal
autosploit.logo()

if not os.path.isfile("uid.p"):
print("[{}]Please provide your Censys API ID.".format(t.green("+")))

UID = raw_input("API ID: ")
pickle.dump(UID, open("uid.p", "wb"))
path = os.path.abspath("uid.p")
print("[{}]\nYour API ID has been saved to {}".format(t.green("+"), path))

else:
try:
UID = pickle.load(open("uid.p", "rb"))
except IOError as e:
print("\n[{}]Critical. An IO error was raised while attempting to read API data.\n{}".format(
t.red("!"), e))

path = os.path.abspath("uid.p")
print("\n[{}]Your API ID was loaded from {}".format(t.green("+"), path))

if not os.path.isfile("secret.p"):
print("[{}]Please provide your Censys Secret key.".format(t.green("+")))

SECRET = raw_input("Secret key: ")
pickle.dump(UID, open("secret.p", "wb"))
path = os.path.abspath("secret.p")
print("[{}]\nYour Secret key has been saved to {}".format(t.green("+"), path))

else:
try:
SECRET = pickle.load(open("secret.p", "rb"))
except IOError as e:
print("\n[{}]Critical. An IO error was raised while attempting to read Secret key data.\n{}".format(
t.red("!"), e))

path = os.path.abspath("secret.p")
print("\n[{}]Your Secret key was loaded from {}".format(t.green("+"), path))

print("[{}]Please provide your platform specific search query.".format(t.green("+")))
print("[{}]I.E. 'IIS' will return a list of IPs belonging to IIS servers.".format(
t.green("+")))

# /TODO:
# fix this, seems to be some issues with it, I could be wrong though
while True:
query = raw_input("\n<" + t.cyan("PLATFORM") + ">$ ")
if query == "":
print("[{}]Query cannot be null.".format(t.red("!")))
else:
break
params = {'query' : query}
print("[{}]Please stand by while results are being collected...\n\n\n".format(
t.green("+")))
time.sleep(1)

try:
response = requests.post(API_URL, json = params, auth=(UID, SECRET))
except Exception as e:
print("\n[{}]Critical. An error was raised with the following error message.\n".format(t.red("!")))

if response.status_code != 200:
print(result.json()["error"])
sys.exit(1)

result = response.json()

thread = threading.Thread(target=autosploit.animation, args=("collecting results", ))
thread.daemon = True
thread.start()

# TODO:/
# edit the clobber function to work properly
if clobber:
with open('hosts.txt', 'wb') as log:
for _ in xrange(autosploit.toolbar_width):
time.sleep(0.1)
for service in result['results']:
if hostLimit > 0 or hostLimit < 0:
log.write("{}{}".format(service['ip'], os.linesep))
hostLimit -= 1
else:
break
autosploit.hostpath = os.path.abspath("hosts.txt")
autosploit.stop_animation = True
print("\n\n\n[{}]Done.".format(t.green("+")))
print("[{}]Host list saved to {}".format(t.green("+"), autosploit.hostpath))
else:
with open("hosts.txt", "ab") as log:
for i in xrange(autosploit.toolbar_width):
time.sleep(0.1)
for service in result['results']:
if hostLimit > 0 or hostLimit < 0:
log.write("{}{}".format(service['ip'], os.linesep))
hostLimit -= 1
else:
break
autosploit.hostpath = os.path.abspath("hosts.txt")
autosploit.stop_animation = True
print("\n\n\n[{}]Done.".format(t.green("+")))
print("[{}]Hosts appended to list at ".format(t.green("+"), autosploit.hostpath))
1 change: 1 addition & 0 deletions requirements.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,2 +1,3 @@
shodan==1.7.7
blessings==1.6.1
requests==2.18.4