fofa API调用 和shodan API调用

fofa与shodan接口

参考fofa和shodan的官方文档,利用API

import os
import configparser as cfg
from ttkbootstrap.dialogs import Messagebox

#fofa接口API存储函数
def fofa_write(email,API):
    config = cfg.ConfigParser()
    config.add_section('fofa')

    config['fofa']['email'] = email
    config['fofa']['key'] = API

    with open('./config/fofa.ini','w') as configFile:
        config.write(configFile)

def fofa_read():
    config = cfg.ConfigParser()
    config.read('./config/fofa.ini')
    email = config['fofa']['email']
    key = config['fofa']['key']
    ls = {'email':email, 'key':key}
    return ls

#shodan接口处理函数
def shodan_write(Key):
    config = cfg.ConfigParser()
    config.add_section('shodan')

    config['shodan']['KEY'] = Key

    with open('./config/shodan.ini','w') as configFile:
        config.write(configFile)

def shodan_read():
    config = cfg.ConfigParser()
    config.read('./config/shodan.ini')
    KEY = config['shodan']["KEY"]

    return KEY

上述代码利用configparser模块来制作配置文件,至于configparser模块的使用可以参考Blog中的configparser模块的使用

fofa搜索函数

def fofaSearch():
    global fofaBase64Search,fofa_ST,sizeFofaSearch
    param = fofa_read()
    # print(param)
    headers = {
        'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36'
    }
    url = 'https://fofa.info/api/v1/search/all'
    size = sizeFofaSearch.get()
    if size.isdigit():
        param['size'] = int(size)
    fofaBase64 = fofaBase64Search.get()
    param['qbase64'] = fofaBase64
    try:
        res = requests.get(headers=headers,
                           url=url,
                           params=param)
        if res.status_code == -1:
            funcFofaError = lambda:Messagebox.show_error(message="账号出错,请检查email和key的配置信息")
            funcFofaError()
            fofa_ST.insert(END,"账号出错,请检查email和key的配置信息")
        elif res.status_code == -4:
            funcFofaError = lambda:Messagebox.show_error(message="请求参数出错,请检查搜索语句。注意:请填写base64编码后的语句")
            funcFofaError()
            fofa_ST.insert(END,"请求参数出错,请检查搜索语句。注意:请填写base64编码后的语句")
        elif res.status_code == -5:
            funcFofaError = lambda: Messagebox.show_error(message="查询异常,请检查配置的email和key,请注意,非普通会员以上用户,如果F币不足,将无法查询")
            funcFofaError()
            fofa_ST.insert(END, "查询异常,请检查配置的email和key,请注意,非普通会员以上用户,如果F币不足,将无法查询")
        else:
            resT = json.loads((res.content).decode('utf-8'))
            length = len(resT['results'])
            fofa_ST.insert(END,"正在对搜索到的信息进行整合:\n")
            fileUrlPath = str(os.getcwd()) +'\\results\\fofa\\' +time_now + '_url.txt'
            fileAllPath = str(os.getcwd()) + '\\results\\fofa\\' + time_now + '_all.txt'
            with open(fileAllPath,'a+') as allF:
                for i in range(length):
                    all = 'url:' + resT['results'][i][0] + '\t' + \
                          'ip:' + resT['results'][i][1] + '\t' + \
                          'port:' + resT['results'][i][2]
                    allF.write(all+'\n')
            with open(fileUrlPath,'a+') as urlF:
                for j in range(length):
                    url = resT['results'][j][0]
                    if url[:7] == 'http://' or url[:8] == 'https://':
                        fofa_ST.insert(END,url+'\n')
                        urlF.write(url+'\n')
                    else:
                        newurl = 'http://'+ str(url)
                        fofa_ST.insert(END,newurl+'\n')
                        urlF.write(newurl+'\n')

            successSearch = lambda:Messagebox.ok(message='搜索完成,文件已保存在results目录下')
            successSearch()
            fofa_ST.insert(END,'搜索完成,文件已保存在results目录下\n'
                               '=====================================================\n')

    except Exception as error:
        FailedSearch = lambda:Messagebox.show_error(message="出错了!请检查base64编码前的语句是否正确,如有问题,请联系作者修改\n")
        FailedSearch()

shodan搜索函数

def shodanSearch():
    global shodanParamSearch,shodanSearchNum
    SHODAN_API_KEY = shodan_read()
    API = shodan.Shodan(SHODAN_API_KEY)
    shodan_ST.insert(END,"shodan搜索进行中,请勿关闭程序\n")
    try:
        paramSearch = shodanParamSearch.get()
        NumSearch = shodanSearchNum.get()
        fileUrlPath = str(os.getcwd()) + '\\results\\shodan\\' + time_now + '_url.txt'
        fileAllPath = str(os.getcwd()) + '\\results\\shodan\\' + time_now + '_all.txt'
        if NumSearch.isdigit():
            NumSearch = int(NumSearch)
            page_num = NumSearch / 100
            page_num += 1
            page_num = int(page_num)
        else:
            page_num = 2

        for p in range(1,page_num):
            results = API.search(paramSearch,page=p)
            for i in range(100):
                with open(fileUrlPath,'a+') as f:
                    ip_str = str(results['matches'][i]['ip_str'])
                    port = str(results['matches'][i]['port'])
                    if port is not None:
                        newUrl = 'http://' + ip_str + ':'+port +'\n'
                        f.write(newUrl)
                        shodan_ST.insert(END,newUrl)
                    else:
                        noPortUrl = 'http://' + ip_str +'\n'
                        f.write(noPortUrl)
                        shodan_ST.insert(END,noPortUrl)
        funcSuccess = lambda:Messagebox.ok(message='搜索完毕,文件保存在/results/shodan下')
        funcSuccess()
        shodan_ST.insert(END,"搜索完毕,文件保存在/results/shodan下\n"
                             "======================================================")

    except Exception as e:
        shodan_ST.insert(END,'搜索出错,请检查搜索语句和shodan配置,如果无误,请联系作者!')
        pass

以上是我编写成功后的调用函数。如果有其他问题,可以联系作者,或者在Github项目(https://github.com/Yu0ri/CubitTest)上留言

posted @ 2022-07-31 02:18  山归时有雾  阅读(1155)  评论(0编辑  收藏  举报