API tools faq
paste
Advertisement
lollolbadr3

Untitled

lollolbadr3
Jun 25th, 2018
673
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.73 KB | None | 0 0
raw download clone embed print report
  1. <pre><?php
  2. // shodan.io [Search, Dump] all result's
  3. //
  4. // Just edit username and password and request from browser filename.php?key=keyword Ex. http://localhost/filename.php?key=freebpx
  5. //
  6.  
  7. set_time_limit(0);
  8.  
  9. ###################### enter your account info
  10. $username = "lollolbadr1"; // shodan username
  11. $password = "imxOvHTnyq6B"; // shodan password
  12. ######################
  13.  
  14. $keyword= $_GET['key'];
  15.  
  16.  
  17. function login()
  18. {
  19. $ch = curl_init();
  20. curl_setopt($ch, CURLOPT_URL, 'https://account.shodan.io/login');
  21. curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, 0);
  22. curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, 0);
  23. curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE );
  24. curl_setopt($ch, CURLOPT_FOLLOWLOCATION,true);
  25. curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded',
  26. 'Referer: https://account.shodan.io/login?continue=https%3A%2F%2Faccount.shodan.io%2F',
  27. 'User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:55.0) Gecko/20100101 Firefox/55.0'));
  28. curl_setopt($ch, CURLOPT_COOKIEJAR, getcwd().'/coks.txt');
  29. curl_setopt($ch, CURLOPT_COOKIEFILE, getcwd().'/coks.txt');
  30. curl_setopt($ch, CURLOPT_HEADER, FALSE );
  31. $rets = curl_exec($ch);
  32. if (!preg_match("/name='csrf_token' value='(.*?)' \/>/", $rets, $spoof))
  33. {
  34. if(!preg_match("/name='csrf_token' value='([a-zA-z0-9]{32})'/", $rets, $spoof))
  35. {
  36. preg_match("/name='csrf_token' value='([a-zA-z0-9]{32})'/", $rets, $spoof);
  37. }
  38. }
  39. $scrf = $spoof[1];
  40. curl_setopt($ch,CURLOPT_POST,true);
  41. curl_setopt($ch,CURLOPT_POSTFIELDS,'username='.$GLOBALS['username'].'&password='.$GLOBALS['password'].'&grant_type=password&continue=https://account.shodan.io/&csrf_token='.$scrf.'&login_submit=Log in');
  42. $rets = curl_exec($ch);
  43.  
  44. if(preg_match("/Logout/i", $rets))
  45. {
  46. return true;
  47. }
  48. }
  49.  
  50. function search($do)
  51. {
  52. $ch = curl_init();
  53. curl_setopt($ch, CURLOPT_URL, 'https://www.shodan.io/search?query='.$GLOBALS['keyword'].'&page='.$do);
  54. curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, 0);
  55. curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, 0);
  56. curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE );
  57. curl_setopt($ch, CURLOPT_FOLLOWLOCATION,true);
  58. curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded',
  59. 'Referer: https://account.shodan.io/login?continue=https%3A%2F%2Faccount.shodan.io%2F',
  60. 'User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:55.0) Gecko/20100101 Firefox/55.0'));
  61. curl_setopt($ch, CURLOPT_COOKIEJAR, getcwd().'/coks.txt');
  62. curl_setopt($ch, CURLOPT_COOKIEFILE, getcwd().'/coks.txt');
  63. curl_setopt($ch, CURLOPT_HEADER, FALSE );
  64.  
  65. curl_setopt($ch,CURLOPT_POST,true);
  66. curl_setopt($ch,CURLOPT_POSTFIELDS,'username='.$GLOBALS['username'].'&password='.$GLOBALS['password'].'&grant_type=password&continue=https%3A%2F%2Faccount.shodan.io%2F&login_submit=Log+in');
  67. $rets = curl_exec($ch);
  68. if(preg_match_all('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\:[0-9]{1,5}/', $rets, $match) or preg_match_all('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/', $rets, $match))
  69. {
  70. foreach($match as $key => $ips)
  71. {
  72. foreach($ips as $key => $ip)
  73. {
  74. file_put_contents($GLOBALS['keyword'].'.txt', trim($ip) ."\n", FILE_APPEND);
  75. }
  76. }
  77. }
  78. }
  79. function totalfound()
  80. {
  81. $ch = curl_init();
  82. curl_setopt($ch, CURLOPT_URL, 'https://www.shodan.io/search/_summary?query='.$GLOBALS['keyword']);
  83. curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, 0);
  84. curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, 0);
  85. curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE );
  86. curl_setopt($ch, CURLOPT_FOLLOWLOCATION,true);
  87. curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded',
  88. 'Referer: https://account.shodan.io/login?continue=https%3A%2F%2Faccount.shodan.io%2F',
  89. 'User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:55.0) Gecko/20100101 Firefox/55.0'));
  90. curl_setopt($ch, CURLOPT_COOKIEJAR, getcwd().'/coks.txt');
  91. curl_setopt($ch, CURLOPT_COOKIEFILE, getcwd().'/coks.txt');
  92. curl_setopt($ch, CURLOPT_HEADER, FALSE );
  93. $rets = curl_exec($ch);
  94. if (!preg_match('/class="bignumber">(.*?)<\/div>/', $rets, $spoof))
  95. {
  96. preg_match('/class="bignumber">([a-zA-z0-9]{32})<\/div>/', $rets, $spoof);
  97. }
  98. $total = $spoof[1];
  99. return(trim(str_replace(',','',$total)));
  100. }
  101.  
  102.  
  103. if(isset($GLOBALS['keyword']) && $GLOBALS['keyword'] !="")
  104. {
  105. echo "Total Results: ".totalfound() ."<br>";
  106. $pages = ceil(totalfound() / 10);
  107. echo "Total Pages: ".$pages."<br>";
  108. flush ();
  109. sleep(5);
  110. if(login()==true)
  111. {
  112. file_put_contents($GLOBALS['keyword'].'.txt',$GLOBALS['keyword']."\n", FILE_APPEND);
  113. for ($i = 0; $i <= $pages; $i++)
  114. {
  115. search($i);
  116. if($i =="200")
  117. {
  118. die("finished");
  119. }
  120. }
  121. echo " End ..";
  122. }else{
  123. die ("Login Error: check your login information lines 7&8");
  124. }
  125. }else{
  126. die ("file.php?key=apache");
  127. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!