[Perl] Shodan Tool 0.2

Un simple script en Perl para realizar busquedas en Shodan usando el API que hicieron para Perl.

El codigo.

Código

#!usr/bin/perl
# Shodan Tool 0.2
# (C) Doddy Hackman 2013
 
# Install the dependencies
# sudo perl -MCPAN -e 'install CGI::Enurl'
# sudo perl -MCPAN -e 'install JSON::XS'
# sudo perl -MCPAN -e 'install HTTP::Request::Common'
# Install Shodan
# curl -OL http://github.com/downloads/achillean/shodan-perl/Shodan-0.3.tar.gz
# tar zxvf Shodan-0.3.tar.gz
# cd Shodan-0.3
# perl Makefile.PL
# make
# sudo make install
 
use Shodan::WebAPI;
 
$SIG{INT} = \&copyright;
 
$your_key = "fuck you";    # Your Api Key
 
head();
 
unless ( $ARGV[0] ) {
    print "\n[+] Sintax : $0 <search>\n";
}
else {
 
    print "\n[+] Searching ...\n";
 
    $shell_shodan = new Shodan::WebAPI($your_key);
    $resultados   = $shell_shodan->search( $ARGV[0] );
 
    @encontrados = @{ $resultados->{"matches"} };
 
    for ( $i = 0 ; $i < $#encontrados ; ) {
 
        print "\n[+] Search Number : " . $i . "\n";
 
        if ( $encontrados[$i]->{country_name} eq "" ) {
            print "[+] Country : Not Found\n";
        }
        else {
            print "[+] Country : " . $encontrados[$i]->{country_name} . "\n";
        }
        if ( $encontrados[$i]->{ip} eq "" ) {
            print "[+] IP : Not Found\n";
        }
        else {
            print "[+] IP : " . $encontrados[$i]->{ip} . "\n";
        }
 
        print "[+] Hostnames: ",
          join( "\t", @{ $encontrados[$i]->{hostnames} } ), "\n";
 
        print "\n";
 
        if ( $encontrados[$i]->{os} eq "" ) {
            print "[+] OS : Not Found\n";
        }
        else {
            print "[+] OS : " . $encontrados[$i]->{os} . "\n";
        }
        if ( $encontrados[$i]->{port} eq "" ) {
            print "[+] Port : Not Found\n";
        }
        else {
            print "[+] Port : " . $encontrados[$i]->{port} . "\n";
        }
        if ( $encontrados[$i]->{updated} eq "" ) {
            print "[+] Last Updated : Not Found\n";
        }
        else {
            print "[+] Last Updated : " . $encontrados[$i]->{updated} . "\n";
        }
 
        print "\n[Data Start]\n" . $encontrados[$i]->{data} . "\n[Data End]\n";
 
        $i++;
 
        if ( $i % 5 == 0 ) {
            print "\n[+] Press enter to show more\n";
            <STDIN>;
        }
    }
}
 
copyright();
 
# Functions
 
sub head {
    print "\n-- == Shodan Tool 0.2 == --\n";
}
 
sub copyright {
    print "\n-- == (C) Doddy Hackman 2013 == --\n";
    exit(1);
}
 
# The End ?

Un ejemplo de uso.

Código:

doddy@doddy-desktop:~/Escritorio/HackingToolz/Warfactory IX/Shodan$ perl shodantool.pl "facultad"

-- == Shodan Tool 0.2 == --

[+] Searching ...

[+] Search Number : 0
[+] Country : Spain
[+] IP : 193.147.172.36
[+] Hostnames: ftp.fgh.us.es

[+] OS : Not Found
[+] Port : 21
[+] Last Updated : 27.11.2013
Wide character in print at shodanfinal.pl line 78.

[Data Start]
220-Microsoft FTP Service
220 FACULTAD DE GEOGRAF�A E HISTORIA. INFORMA�TICA
230-BIENVENIDOS AL SERVIDOR DE RECURSOS COMPARTIDOS DOCENTES DE LA FACULTAD DE GEOGRAF�A E HISTORIA
230 Anonymous user logged in.
214-The following  commands are recognized(* ==>'s unimplemented).
   ABOR 
   ACCT 
   ALLO 
   APPE 
   CDUP 
   CWD  
   DELE 
   FEAT 
   HELP 
   LIST 
   MDTM 
   MKD  
   MODE 
   NLST 
   NOOP 
   OPTS 
   PASS 
   PASV 
   PORT 
   PWD  
   QUIT 
   REIN 
   REST 
   RETR 
   RMD  
   RNFR 
   RNTO 
   SITE 
   SIZE 
   SMNT 
   STAT 
   STOR 
   STOU 
   STRU 
   SYST 
   TYPE 
   USER 
   XCUP 
   XCWD 
   XMKD 
   XPWD 
   XRMD 
214  HELP command successful.
[Data End]

[+] Search Number : 1
[+] Country : Bolivia
[+] IP : 200.87.234.18
[+] Hostnames: 

[+] OS : Not Found
[+] Port : 21
[+] Last Updated : 25.11.2013

[Data Start]
220 Bienvenido al servicio de FTP de la Facultad de Ciencias Extactas y Tecnologia - U.A.G.R.M.
230 Login successful.
214-The following commands are recognized.
 ABOR ACCT ALLO APPE CDUP CWD  DELE EPRT EPSV FEAT HELP LIST MDTM MKD
 MODE NLST NOOP OPTS PASS PASV PORT PWD  QUIT REIN REST RETR RMD  RNFR
 RNTO SITE SIZE SMNT STAT STOR STOU STRU SYST TYPE USER XCUP XCWD XMKD
 XPWD XRMD
214 Help OK.
[Data End]

[+] Search Number : 2
[+] Country : Chile
[+] IP : 146.83.193.197
[+] Hostnames: zafiro.ciencias.ubiobio.cl

[+] OS : Not Found
[+] Port : 80
[+] Last Updated : 24.11.2013

[Data Start]
HTTP/1.0 302 Found
Date: Sun, 24 Nov 2013 04:06:36 GMT
Server: Apache/2.2.16 (Debian)
Location: http://146.83.193.197/facultad/
Vary: Accept-Encoding
Content-Length: 295
Content-Type: text/html; charset=iso-8859-1


[Data End]

[+] Search Number : 3
[+] Country : Venezuela
[+] IP : 190.169.126.3
[+] Hostnames: inving.ing.ucv.ve

[+] OS : Not Found
[+] Port : 21
[+] Last Updated : 23.11.2013

[Data Start]
220 FTP -2: - Facultad de Ingenieira
530 Login or password incorrect!
214-The following commands are recognized:
   USER   PASS   QUIT   CWD    PWD    PORT   PASV   TYPE
   LIST   REST   CDUP   RETR   STOR   SIZE   DELE   RMD 
   MKD    RNFR   RNTO   ABOR   SYST   NOOP   APPE   NLST
   MDTM   XPWD   XCUP   XMKD   XRMD   NOP    EPSV   EPRT
   AUTH   ADAT   PBSZ   PROT   FEAT   MODE   OPTS   HELP
   ALLO   MLST   MLSD   SITE   P@SW   STRU   CLNT   MFMT
214 Have a nice day.
[Data End]

[+] Search Number : 4
[+] Country : Argentina
[+] IP : 163.10.23.131
[+] Hostnames: www.fcnym.unlp.edu.ar

[+] OS : Not Found
[+] Port : 80
[+] Last Updated : 23.11.2013

[Data Start]
HTTP/1.0 200 OK
Date: Sat, 23 Nov 2013 14:31:52 GMT
Server: Apache/2.2.22 (Ubuntu)
X-Powered-By: PHP/5.3.10-1ubuntu3.4
Set-Cookie: choiqueCMS-froNt3nD-facultad=qo7hgqq9cdir6t5pgsg0bgipe1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8


[Data End]

[+] Press enter to show more


[+] Search Number : 5
[+] Country : Mexico
[+] IP : 148.224.13.152
[+] Hostnames: 152-13-static.uaslp.mx

[+] OS : Not Found
[+] Port : 80
[+] Last Updated : 23.11.2013

[Data Start]
HTTP/1.0 401 Unauthorized
Connection: Keep-Alive
Cache-Control: no-cache
WWW-Authenticate: Digest realm="FACULTAD DE PSICOLOGIA", domain="/", nonce="103efee03d", algorithm="MD5", qop="auth"
WWW-Authenticate: Basic realm="FACULTAD DE PSICOLOGIA"
Content-Type: text/html
Content-Length: 236


[Data End]

[+] Search Number : 6
[+] Country : Argentina
[+] IP : 190.11.104.87
[+] Hostnames: host87-104.cpenet.com.ar

[+] OS : Not Found
[+] Port : 137
[+] Last Updated : 22.11.2013

[Data Start]
NetBIOS Response
Servername: FACULTAD       
MAC: 00:1c:c0:9c:0a:ff

Names:
FACULTAD        <0x0>
SIX             <0x0>
FACULTAD        <0x20>
SIX             <0x1e>
SIX             <0x1d>
__MSBROWSE__ <0x1>

[Data End]

[+] Search Number : 7
[+] Country : Mexico
[+] IP : 132.248.18.23
[+] Hostnames: docencia.fca.unam.mx

[+] OS : Not Found
[+] Port : 143
[+] Last Updated : 22.11.2013

[Data Start]
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Bienvenido al servicio de correo DOCENCIA de la Facultad de Contaduria y administacion
[Data End]

[+] Search Number : 8
[+] Country : Argentina
[+] IP : 170.210.88.7
[+] Hostnames: firewall.unp.edu.ar

[+] OS : Not Found
[+] Port : 21
[+] Last Updated : 22.11.2013

[Data Start]
220 Bienvenido al FTP de la Facultad de Ingenieria.
530 Permission denied.
530 Please login with USER and PASS.
[Data End]

[+] Search Number : 9
[+] Country : Argentina
[+] IP : 170.210.240.9
[+] Hostnames: cacuy.fi.unju.edu.ar

[+] OS : Not Found
[+] Port : 25
[+] Last Updated : 20.11.2013

[Data Start]
220 cacuy.fi.unju.edu.ar Servidor de email Facultad de Ingenieria UNJu

[Data End]

[+] Press enter to show more