shekk

1. #!/usr/bin/python
2. # dpc-shodanscan.py v1.0
3. # network service search engine tools using shodan query
4. # usage: ./dpc-shodanscan.py -q <shodan_query> -f <log_file_name>
5. # ex.
6. # ./dpc-shodanscan.py -q squid -f log.txt
7. # ex shodan query:
8. # 1.How about finding only apache servers running version 2.2.3?
9. # ./dpc-shodanscan.py -q apache+2.2.3 -f log.txt
10. # 2.get all web (port:80) hosts running 'apache' in switzerland
11. # (country:CH) that also have '.ch' in any of their domain names:
12. # ./dpc-shodanscan.py -q apache+country:CH+port:80+hostname:.ch -f log.txt
13. #
14. # c0ded by: 5ynL0rd <5ynlord@depredac0de.net>
15. # special thx to: d3hydr8,xco, Dr_EIP, ch3cksum, gat3w4y, g4pt3k, shamus, pyfla, unixc0de
16. # for community: darkc0de, depredac0de, and antijasakom
17. #******************************************************************************************
18.  
19. from sgmllib import SGMLParser
20. import urllib, sys, re, os
21.  
22. class URL(SGMLParser):
23.     def reset(self):
24.         SGMLParser.reset(self)
25.         self.urls=[]
26.     def start_a(self,attrs):
27.         href = [v for k,v in attrs if k=="href"]
28.         if href:
29.             self.urls.extend(href)
30. def label():
31.     os.name == "posix":
32.         os.system("clear")
33.     else:
34.         os.system("cls")
35.     banner = '''
36. ____________________________________________________________________________
37. | network service search engine tools using shodan query                     |
38. | ex shodan query:                                                           |
39. | 1.How about finding only apache servers running version 2.2.3?             |
40. | ./dpc-shodascan.py -q apache+2.2.3 -f log.txt                              |
41. | 2.get all web (port:80) hosts running 'apache' in switzerland              |
42. | (country:CH) that also have '.ch' in any of their domain names:            |
43. | ./dpc-shodanscan.py -q apache+country:CH+port:80+hostname:.ch -f log.txt   |
44. |   ___________________                                                      |
45. | < dpc-shodanscan.py   >                                                    |
46. |   -------------------                                                      |
47. |            \  ,__,                                                        |
48. |             \ (oo)____                                                    |
49. |                (__)    )\                  5ynL0rd<at>depredac0de<dot>net |
50. |                   ||--|| *          depredac0de.net & antijasakom.org crew |
51. |____________________________________________________________________________|'''
52.     print banner
53.  
54. def crawl(page):
55.     try:
56.         sock = urllib.urlopen("http://shodan.surtri.com/?q=%s&page=%i"%(args1,page))
57.     except:
58.         print "[-] Connection problem"
59.     parser = URL()
60.     parser.feed(sock.read())
61.     return parser.urls
62.     sock.close()
63.     parser.close()
64.  
65. if __name__ == "__main__":
66.     page = 1
67.     if len(sys.argv) != 5:
68.         label()
69.         print "usage: ./%s -q <shodan_query> -f <logfile>"%sys.argv[0]
70.         sys.exit(0)
71.     else:
72.         if sys.argv[1].lower() == "-q":
73.                 args1 = sys.argv[2]
74.         if sys.argv[3].lower() == "-f":
75.                 args2 = sys.argv[4]
76.     label()
77.     log = open(args2,"a")
78.     print "[+] Searching query: %s"%args1
79.     log.write("[+] Searching query: %s"%args1)
80.     log.close()
81.     print "[+] please wait!..."
82.     while page:
83.         data = crawl(page)
84.         for i in data:
85.             log = open(args2,"a")
86.             if re.search("http://",i):
87.                 i = i.replace("http://","")                
88.                 print "%s"%i
89.                 log.write("%s\n"%i)
90.             log.close()
91.         if data[-3][-1:] == "/":
92.             print "Finished..."
93.             break
94.         page += 1
95.  
96.  
97.