利用 shodan api 快速获取ip相关信息

作者: admin 分类: 未分类 发布时间: 2016-04-29 15:25
<?php
date_default_timezone_set('PRC');
chk_system_info();
clear(0);
echo PHP_EOL;
$shodan = new WebAPI("XHHn3L6OC3viAWZQFF1Xas4U5NeUjH8T");
$argv = $_SERVER['argv'];
$argc = $_SERVER['argc'];
if ($argc == 2) {
    $ip = trim($argv[1]);
    $p = array(
        '/(http|https|ftp):\/\//i',
        '/\//i'
    );
    $url = preg_replace($p, "", $ip);
    $ip = gethostbyname($url);
    $ip = chk_ip($ip);
    echo PHP_EOL . '[*] Target ' . trim($argv[1] . PHP_EOL);
    echo PHP_EOL . '[*] GET  ' . $shodan->get_url($ip) . '     ...' . PHP_EOL;
    $results = $shodan->host($ip);
     //print_r($results);
     if(isset($results['error'])){
        echo <<<EOD
    
-------------------------------------------------------------   
[-] Error info: 
    [!] {$results['error']}
-------------------------------------------------------------
getinfo v1.0   codeby:lostwolf@t00ls.net 2014   
        
EOD;
        exit();
     }

    if (!$results) {
        error(3);
    }
    $info = new Webinfo($results);
    $base_info = $info->base_info();
    $defail_info = $info->defail_info();
    clear(1);
    echo $base_info;
    echo $defail_info;
    $title = str_repeat(PHP_EOL, 3) .' Time: ' . date('Y-m-d H:i:s') .str_repeat(' ',7).'Target:'.trim($argv[1]).PHP_EOL.str_repeat("-", 100) .str_repeat(PHP_EOL, 2);
    file_put_contents('results.txt', $title . $base_info . $defail_info, FILE_APPEND);
    clear(5);
    echo str_repeat(PHP_EOL, 10) . "[+] ok! results saveed to results.txt!\r\n";
    echo str_repeat(PHP_EOL, 2) . '[*] infomation:  Browse->  ' . $shodan->get_url($ip) . PHP_EOL . PHP_EOL . str_repeat(" ", 50) . 'END...' . str_repeat(PHP_EOL, 32);
} else {
    error(5);
}

function clear($time=1){  //清除屏幕
sleep($time);
if(stristr(PHP_OS,'WIN')){
if(stristr(php_uname(),'6.')){ //win vista 以上(win vista,win7 ,win 2008,win 8..)
exec("powershell -NonInteractive -NoProfile -NoLogo -OutputFormat Text -Command Clear-Host");
}else{
exec('command /c cls && chcp 936');//win xp ,win 2k3
        }
}else{
print("\033[2J\033[;H\r\n");
	}
}


function chk_ip($ip) {
    if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 | FILTER_FLAG_NO_PRIV_RANGE) && substr($ip, 0, 4) != '127.' && substr($ip, 0, 4) != '255.') {
        return $ip;
    } else {
        error(4);
    }
}
function chk_system_info() {
    if (PHP_SAPI !== 'cli') {
        error(1);
    }
    if (!function_exists('curl_init')) {
        error(2);
    }
    /*
    if (!stristr(PHP_OS, 'WIN')) {
        error(6);
    }
    */
}
function error($opt) {
    Global $argv;
    if ($opt == '1') {
        exit('[-] Please run the commandlie!' . PHP_EOL);
    }
    if ($opt == '2') {
        echo <<<EOD
	
-------------------------------------------------------------	
[-] Error info: 
    cURL is not installed! !
[!] run:$ apt-get install php5-curl 
    remove ';' from extension=php_curl.dll | php_curl.so in php.ini
-------------------------------------------------------------
getinfo v1.0   codeby:lostwolf@t00ls.net 2014 	
		
EOD;
        exit;
    }
    if ($opt == '3') {
        echo <<<EOD
	
-------------------------------------------------------------	
[-] Error info: 
    [!] access Deny or TimeOut!
-------------------------------------------------------------
getinfo v1.0   codeby:lostwolf@t00ls.net 2014 	
		
EOD;
        exit;
    }
    if ($opt == '4') {
        echo <<<EOD
	
-------------------------------------------------------------	
[-] Invalid IP  or url !
    Exampla: {$argv[0]}  180.76.3.151
    Exampla: {$argv[0]}  www.baidu.com
-------------------------------------------------------------
getinfo v1.0   codeby:lostwolf@t00ls.net 2014 	
		
EOD;
        exit;
    }
    if ($opt == '5') {
        usage();
    }
    if ($opt == '6') {
        echo <<<EOD
	
-------------------------------------------------------------	
[-] Error info: 
    [!] Please run the windows!
-------------------------------------------------------------
getinfo v1.0   codeby:lostwolf@t00ls.net 2014 	
		
EOD;
        exit;
    }
}
function usage() {
    Global $argv;
    echo <<<EOD
                                               
-------------------------------------------------------------										 		
Usage:	{$argv[0]}  [ip]     			  	 	  	 
Exampla: {$argv[0]}  180.76.3.151  
Exampla: {$argv[0]}  www.t00ls.net  	
Exampla: {$argv[0]}  https://www.t00ls.net 	
-------------------------------------------------------------	
getinfo v1.0   codeby:lostwolf@t00ls.net 2014 	 

 	 
EOD;
    exit;
}
class Webinfo {
    private $results;
    function __construct($results) {
        $this->results = $results;
    }
    function base_info() {
        $datas = $this->results;
        if (array_key_exists('ports', $datas) && !empty($datas['ports'])) {
            $p = '';
            foreach ($datas['ports'] as $key => $v) {
                $p.= $v . ',';
            }
            $ports = rtrim($p, ",");
            $ports = 'ports: ' . $ports . PHP_EOL;
        }
        if (array_key_exists('os', $datas) && !empty($datas['os'])) {
            $os = 'os: ' . @$datas['os'] . PHP_EOL;
        } else {
            $os = null;
        }
        if (array_key_exists('ip_str', $datas) && !empty($datas['ip_str'])) {
            $ip = 'ip: ' . $datas['ip_str'] . PHP_EOL;
        } else {
            $ip = null;
        }
        if (array_key_exists('isp', $datas) && !empty($datas['isp']) && !stristr('Unified Layer', $datas['isp'])) {
            $isp = 'isp: ' . $datas['isp'] . PHP_EOL;
        } else {
            $isp = null;
        }
        if (array_key_exists('org', $datas) && !empty($datas['org']) && !stristr('Unified Layer', $datas['org'])) {
            $org = 'isp: ' . $datas['org'] . PHP_EOL;
        } else {
            $org = null;
        }
        if (substr($isp, 5) === substr($org, 5)) {
            $new_org = $org;
        } else {
            $new_org = $isp;
        }
        if (array_key_exists('country_name', $datas) && !empty($datas['country_name']) && array_key_exists('city', $datas) && !empty($datas['city'])) {
            $address = 'address: ' . $datas['country_name'] . ' ' . $datas['city'] . PHP_EOL;
        } else {
            $address = '';
        }
        if (array_key_exists('domains', $datas) && !empty($datas['domains'])) {
            $domains = 'domains: ' . $datas['domains'][0] . PHP_EOL;
        } else {
            $domains = null;
        }
        if (array_key_exists('hostnames', $datas) && !empty($datas['hostnames'])) {
            $hostnames = 'hostnames: ' . $datas['hostnames'][0] . PHP_EOL;
        } else {
            $hostnames = null;
        }
        $base_info = PHP_EOL . '--------------------------Simple information' . '-----------------------' . PHP_EOL . PHP_EOL;
        $base_info.= $ip . $ports . $os . $hostnames . $domains . $new_org . $address . PHP_EOL . PHP_EOL . PHP_EOL;
        return $base_info;
    }
    function defail_info() {
        $datas = $this->results;
        $datas = $datas['data'];
        $detail_infomation = '--------------------------Detailed information-----------------------' . PHP_EOL;
        foreach ($datas as $key => $v) {
            if (array_key_exists('product', $datas[$key]) && !empty($datas[$key]['product'])) {
                $infos['product'][$key] = 'services: ' . $datas[$key]['product'] . PHP_EOL;
                if (array_key_exists('version', $datas[$key]) && !empty($datas[$key]['version'])) {
                    $infos['product'][$key] = 'services: ' . $datas[$key]['product'] . ' ' . $datas[$key]['version'] . PHP_EOL;
                }
            }
            if (array_key_exists('port', $datas[$key]) && !empty($datas[$key]['port'])) {
                $infos['port'][$key] = 'port: ' . $datas[$key]['port'] . PHP_EOL;
            }
            if (array_key_exists('title', $datas[$key]) && !empty($datas[$key]['title'])) {
                $infos['title'][$key] = 'title: ' . @iconv('UTF-8', 'ISO-8859-1//IGNORE', $datas[$key]['title']) . PHP_EOL;
            } else {
                $infos['title'][$key] = NULL;
            }
            if (array_key_exists('data', $datas[$key]) && !empty($datas[$key]['data'])) {
                $infos['data'][$key] = 'baner: ' . PHP_EOL . $datas[$key]['data'] . PHP_EOL;
            }
            // print_r($datas[$key]['opts']['vulns']);
            if (array_key_exists('opts', $datas[$key]) && !empty($datas[$key]['opts'])) {
                if (array_key_exists('vulns', $datas[$key]['opts']) && !empty($datas[$key]['opts']['vulns'])) {
                    if (is_array($datas[$key]['opts']['vulns'])) {
                        $infos['vulns'][$key] = 'vulns: ' . implode(PHP_EOL . "       ", array_unique(@$datas[$key]['opts']['vulns'])) . PHP_EOL;
                    } else {
                        $infos['vulns'][$key] = 'vulns: ' . @$datas[$key]['opt']['vulns'] . PHP_EOL;
                    }
                }
            }
            if (array_key_exists('opts', $datas[$key]) && !empty($datas[$key]['opts'])) {
                if (array_key_exists('robots', $datas[$key]['opts']) && !empty($datas[$key]['opts']['robots'])) {
                    $infos['robots'][$key] = 'robots: ' . PHP_EOL . $datas[$key]['opts']['robots'] . PHP_EOL;
                }
            }
            $detail_infomation.= @$infos['product'][$key] . @$infos['port'][$key] . @$infos['title'][$key] . @$infos['data'][$key] . @$infos['vulns'][$key] . @$infos['robots'][$key] . "-----------------------------------------------------" . PHP_EOL;
        }
        return $detail_infomation;
    }
}
class WebAPI {
    private $key;
    private $base;
    function __construct($api_key) {
        $this->key = $api_key;
        $this->base = "https://api.shodan.io/";
    }
    function _request($function, $params) {
        $params = $params . '?key=' . $this->key;
        $url = $this->base . "$function" . $params;
       // echo $url;
        //echo $url;
        $req = curl_init($url);
        curl_setopt($req, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($req, CURLOPT_SSL_VERIFYHOST, 0); //不检查SSL证书服务器 公用名
        curl_setopt($req, CURLOPT_SSL_VERIFYPEER, 0); //禁用后cURL将终止从服务端进行验证。
        $ret = curl_exec($req);
        curl_close($req);
        return json_decode($ret, true);
    }
    function host($ip) {
        return $this->_request("shodan/host/", $ip);
    }
    function get_url($ip) {
        return 'https://www.shodan.io/host/' . $ip;
        //Browse URL;
        
    }
}
?>
标签云