shodan's Introduction

Shodan API for Golang

Yet another one Golang implementation of Shodan REST API client. This library is inspired by amazing Nikita Safonov's go-shodan library, but has different data models and query syntax.

Features

Library intended to be the most comprehensive and documented out there, letting you learn about all the API methods, search filters and gathered data types using method/model comments in this repo
Search syntax allows you to change query without string formatting:

package main

import (
	"context"
	"github.com/shadowscatcher/shodan"
	"github.com/shadowscatcher/shodan/search"
	"github.com/shadowscatcher/shodan/search/ssl_versions"
	"log"
	"net/http"
	"os"
)

func main() {
	nginxSearch := search.Params{
		Page:1,
		Query: search.Query{
			Product: "nginx",
			ASN:  "AS14618",
			SSLOpts: search.SSLOpts{
				Cert: search.CertOptions{
					Expired: true,
				},
				Version: ssl_versions.TLSv1_2,
			},
		},
	}

	client, _ := shodan.GetClient(os.Getenv("SHODAN_API_KEY"), http.DefaultClient, true)
	ctx := context.Background()
	result, err := client.Search(ctx, nginxSearch)
	if err != nil {
		log.Fatal(err)
	}

	for _, match := range result.Matches {
		// a lot of returned data can be used in another searches
		// it's easy because you will get response with almost all possible fields, just don't forget to check them
		if match.HTTP != nil && match.HTTP.Favicon != nil {
			//newQuery := search.Query{HTTP: search.HTTP{Favicon: search.Favicon{Hash: match.HTTP.Favicon.Hash}}}
		}
	}
	
	// later on you can change every part of search query or parameters:
	nginxSearch.Page++  // for example, increase page
	nginxSearch.Query.Port = 443 // or add new search term
	result, err = client.Search(ctx, nginxSearch)  // and reuse modified parameters object
	if err != nil {
		log.Fatal(err)
	}
}

Search results contain a lot of types that are ignored by most of the existing libraries, documented where possible:

for _, match := range result.Matches {
	if match.MongoDB != nil && !match.MongoDB.Authentication {
		fmt.Println("exposed mongodb:", match.IpAndPort())
		databases := match.MongoDB.ListDatabases.Databases

		fmt.Println("databases:", len(databases), "size:", match.MongoDB.ListDatabases.TotalSize)
		for _, db := range databases {
			for _, collectionName := range db.Collections {
				fmt.Println(collectionName)
			}
		}
	}
		
	if match.SSL != nil && match.SSL.Cert.Expired {
		fmt.Println("expired certificate:", match.IpAndPort())
	}
		
	if match.Elastic != nil {
		fmt.Println("exposed elastic:", match.IpAndPort())
		for indexName, index := range match.Elastic.Indices {
			fmt.Println(indexName, index.UUID)
		}
	}
}

The client can be configured to automatically make one second pause between requests (this interval required by Shodan's API terms of service).

shodan's People

Contributors

Stargazers

Watchers

shodan's Issues

Client Search Error

Hello, I use this package for several searches, not every time, but in some cases it returns an error.
cannot unmarshal object into Go struct field Minecraft.matches.minecraft.description of type string
It is possible that Shodan has modified its json structure.

Exploit model expects json.Number but the data is often strings or similar

I'm struggling to get successful results with the Exploit model. For example, it requires strict json.Number for the ID and []json.Number in other locations. The data coming back is often not a number (e.g. 2018-3721).

Perhaps the format can be loosened to accept an interface{}?

Here is an example of the output (SQL table result form from the work I'm doing). Notice how the ID is not a valid json.Number.

> select * from shodan_exploit where query = 'lodash'
+--------+--------------+--------+------+--------+-----+----------------------+
| query  | id           | source | code | author | bid | cve                  |
+--------+--------------+--------+------+--------+-----+----------------------+
| lodash | 2018-3721    | CVE    |      | <null> | []  | ["CVE-2018-3721"]    | 
| lodash | 2019-1010266 | CVE    |      | <null> | []  | ["CVE-2019-1010266"] |     
| lodash | 2019-19771   | CVE    |      | <null> | []  | ["CVE-2019-19771"]   |
| lodash | 2019-10744   | CVE    |      | <null> | []  | ["CVE-2019-10744"]   |
| lodash | 2018-16487   | CVE    |      | <null> | []  | ["CVE-2018-16487"]   |
+--------+--------------+--------+------+--------+-----+----------------------+

Wrong Route - Stream Alerts API

Looks like the stream client is using the incorrect route for streaming alerts.

https://github.com/shadowscatcher/shodan/blob/master/stream.go#L90
Is using /shodan/alerts
And according to their documentation at https://developer.shodan.io/api/stream
the route should be /shodan/alert (no 's')

Recommend Projects

shadowscatcher / shodan Goto Github PK

shodan's Introduction

Shodan API for Golang

Features

shodan's People

Contributors

Stargazers

Watchers

Forkers

shodan's Issues

Client Search Error

Exploit model expects json.Number but the data is often strings or similar

Wrong Route - Stream Alerts API

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent