Addressed r7 comments, fixed bug in results loop

bug/bundler_fix
John Sawyer 2014-09-01 13:43:31 -04:00
parent 0a27a18104
commit 3281781f6a
1 changed files with 20 additions and 26 deletions

View File

@ -46,14 +46,14 @@ class Metasploit4 < Msf::Auxiliary
OptString.new('OUTFILE', [false, 'A filename to store the list of IPs']), OptString.new('OUTFILE', [false, 'A filename to store the list of IPs']),
OptBool.new('DATABASE', [false, 'Add search results to the database', false]), OptBool.new('DATABASE', [false, 'Add search results to the database', false]),
OptInt.new('MAXPAGE', [true, 'Max amount of pages to collect', 1]), OptInt.new('MAXPAGE', [true, 'Max amount of pages to collect', 1]),
OptString.new('FILTER', [false, 'Search for a specific IP/City/Country/Hostname']) OptRegexp.new('REGEX', [true, 'Regex search for a specific IP/City/Country/Hostname', '.*'])
], self.class) ], self.class)
end end
# create our Shodan query function that performs the actual web request # create our Shodan query function that performs the actual web request
def shodan_query(query, apikey, page) def shodan_query(query, apikey, page)
# send our query to Shodan # send our query to Shodan
uri = URI.parse('https://api.shodan.io/shodan/host/search?query=' + uri = URI.parse('https://api.shodan.io/shodan/host/search?query=' +
Rex::Text.uri_encode(query) + '&key=' + apikey + '&page=' + page.to_s) Rex::Text.uri_encode(query) + '&key=' + apikey + '&page=' + page.to_s)
http = Net::HTTP.new(uri.host, uri.port) http = Net::HTTP.new(uri.host, uri.port)
@ -106,7 +106,6 @@ class Metasploit4 < Msf::Auxiliary
if results[page]['total'] == 0 if results[page]['total'] == 0
print_error('No Results Found!') print_error('No Results Found!')
return
end end
# Determine page count based on total results # Determine page count based on total results
@ -118,14 +117,14 @@ class Metasploit4 < Msf::Auxiliary
end end
# start printing out our query statistics # start printing out our query statistics
print_status("Total: #{results[page]['total']} on #{tpages} "\ print_status("Total: #{results[page]['total']} on #{tpages} " +
"pages. Showing: #{maxpage} page(s)") "pages. Showing: #{maxpage} page(s)")
# If search results greater than 100, loop & get all results # If search results greater than 100, loop & get all results
print_status('Collecting data, please wait...') print_status('Collecting data, please wait...')
if results[page]['total'] > 100 if results[page]['total'] > 100
page += 1 page += 1
while page <= tpages while page <= maxpage
break if page > datastore['MAXPAGE'] break if page > datastore['MAXPAGE']
results[page] = shodan_query(query, apikey, page) results[page] = shodan_query(query, apikey, page)
page += 1 page += 1
@ -140,17 +139,11 @@ class Metasploit4 < Msf::Auxiliary
) )
# Organize results and put them into the table and database # Organize results and put them into the table and database
page = 1 p = 1
#my_filter = Regexp.new(datastore['FILTER'], true) if datastore['FILTER'] regex = datastore['REGEX'] if datastore['REGEX']
my_filter = datastore['FILTER'] while p <= maxpage
print_status("page: #{page}") break if p > maxpage
print_status("tpages: #{tpages}") results[p]['matches'].each do |host|
pages = page..tpages
pages.each do |i|
next if results[i].nil? or results[i]['matches'].nil?
print_status("i is: #{i}")
results[i]['matches'].each do |host|
city = host['location']['city'] || 'N/A' city = host['location']['city'] || 'N/A'
ip = host['ip_str'] || 'N/A' ip = host['ip_str'] || 'N/A'
port = host['port'] || '' port = host['port'] || ''
@ -158,32 +151,33 @@ class Metasploit4 < Msf::Auxiliary
hostname = host['hostnames'][0] hostname = host['hostnames'][0]
data = host['data'] data = host['data']
report_host(:host => ip, report_host(:host => ip,
:name => hostname, :name => hostname,
:comments => 'Added from Shodan', :comments => 'Added from Shodan',
:info => host['info'] :info => host['info']
) if datastore['DATABASE'] ) if datastore['DATABASE']
report_service(:host => ip, report_service(:host => ip,
:port => port, :port => port,
:info => 'Added from Shodan' :info => 'Added from Shodan'
) if datastore['DATABASE'] ) if datastore['DATABASE']
if ip =~ /#{my_filter}/ or if ip =~ regex ||
city =~ /#{my_filter}/i or city =~ regex ||
country =~ /#{my_filter}/i or country =~ regex ||
hostname =~ /#{my_filter}/i or hostname =~ regex ||
data =~ /#{my_filter}/i data =~ regex
# Unfortunately we cannot display the banner properly, # Unfortunately we cannot display the banner properly,
# because it messes with our output format # because it messes with our output format
tbl << ["#{ip}:#{port}", city, country, hostname] tbl << ["#{ip}:#{port}", city, country, hostname]
end end
end end
p += 1
end end
# Show data and maybe save it if needed # Show data and maybe save it if needed
print_line print_line
print_line("#{tbl}") print_line("#{tbl}")
save_output(tbl) if not datastore['OUTFILE'].nil? save_output(tbl) if datastore['OUTFILE']
end end
end end