Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def module_run(self, netblocks):
api_id = self.get_key('censysio_id')
api_secret = self.get_key('censysio_secret')
c = CensysIPv4(api_id, api_secret)
IPV4_FIELDS = [ 'ip', 'protocols', 'location.country',
'location.latitude', 'location.longitude']
for netblock in netblocks:
if ":" in netblock:
# skip IPv6
continue
self.heading(netblock, level=0)
try:
payload = c.search('ip:{0}'.format(netblock), IPV4_FIELDS)
except CensysException:
continue
for result in payload:
self.insert_hosts(ip_address=result['ip'],
country=result.get('location.country', ''),
latitude=result.get('location.latitude', ''),
longitude=result.get('location.longitude', ''))
for protocol in result['protocols']:
port, service = protocol.split('/')
self.insert_ports(ip_address=result['ip'], port=port, protocol=service)
elif selection == 8:
query = 'WWW-Authenticate: Basic realm="Embedded-Device"'
elif selection == 9:
query = input('[-]Enter your custom query: ')
print(query)
for record in censys.ipv4.CensysIPv4(api_id=uid, api_secret=secret).search(query):
ip = record['ip']
port = record['protocols']
port_raw = port[0]
port = re.findall(r'\d+', port_raw)
with open(path + '/Host/host.txt', "a") as cen:
cen.write(ip + ":" + str(port[0]))
cen.write("\n")
except KeyboardInterrupt:
print("[*]Exiting...")
except CensysException:
pass
except UnboundLocalError:
print("[No query passed]")
self.message = message
self.headers = headers or {}
self.body = body
self.const = const
def __repr__(self):
return "%i (%s): %s" % (self.status_code, self.const, self.message or self.body)
__str__ = __repr__
class CensysRateLimitExceededException(CensysException):
pass
class CensysNotFoundException(CensysException):
pass
class CensysUnauthorizedException(CensysException):
pass
class CensysJSONDecodeException(CensysException):
pass
class CensysAPIBase(object):
DEFAULT_URL = "https://www.censys.io/api/v1"
DEFAULT_TIMEOUT = 30
def module_run(self, companies):
api_id = self.get_key('censysio_id')
api_secret = self.get_key('censysio_secret')
c = CensysCertificates(api_id, api_secret)
SEARCH_FIELDS = [ 'parsed.subject.organization', 'parsed.subject.organizational_unit', ]
CERT_FIELDS = ['parsed.names', ]
for company in companies:
self.heading(company, level=0)
try:
query = ' OR '.join([ '{0}:"{1}"'.format(x, company) for x in SEARCH_FIELDS ])
payload = c.search(query, CERT_FIELDS)
except CensysException:
continue
for result in payload:
for name in result.get('parsed.names', []):
if name.startswith('*.'):
self.insert_domains(name.replace('*.', ''))
api_id = self.get_key('censysio_id')
api_secret = self.get_key('censysio_secret')
query = self.options['censys_query']
c = CensysIPv4(api_id, api_secret)
IPV4_FIELDS = [ 'ip',
'protocols',
'location.country',
'location.latitude',
'location.longitude',
'443.https.tls.certificate.parsed.names',
'25.smtp.starttls.tls.certificate.parsed.names',
'110.pop3.starttls.tls.certificate.parsed.names',
]
try:
payload = list(c.search(query, fields=IPV4_FIELDS))
except CensysException as e:
self.error('Error seen: {0}'.format(e))
return
if len(payload) < 1:
self.alert("No results")
return
for result in payload:
names = set()
for k,v in result.items():
if k.endswith('.parsed.names'):
for name in v:
names.add(name)
if len(names) < 1:
# make sure we have at least a blank name
names.add('')
for name in names:
if name.startswith('*.'):
SEARCH_FIELDS = [ '443.https.tls.certificate.parsed.subject.organization',
'25.smtp.starttls.tls.certificate.parsed.subject.organization',
'465.smtp.tls.tls.certificate.parsed.subject.organization',
'587.smtp.starttls.tls.certificate.parsed.subject.organization',
'1521.oracle.banner.tls.certificate.parsed.subject.organization',
'3306.mysql.banner.tls.certificate.parsed.subject.organizationn',
'3389.rdp.banner.tls.certificate.parsed.subject.organization',
'5432.postgres.banner.tls.certificate.parsed.subject.organization',
'8883.mqtt.banner.tls.certificate.parsed.subject.organization',
]
for company in companies:
self.heading(company, level=0)
try:
query = ' OR '.join([ '{0}:"{1}"'.format(x, company) for x in SEARCH_FIELDS ])
payload = c.search(query, IPV4_FIELDS)
except CensysException as e:
self.error('Exception: {0}'.format(e))
continue
for result in payload:
for k,v in result.items():
if k.endswith('.issuer.email_address'):
for e in v:
self.insert_contacts(email=e)
'1521.oracle.banner.tls.certificate.parsed.subject.organization_unit',
'3306.mysql.banner.tls.certificate.parsed.subject.organizationn_unit',
'3389.rdp.banner.tls.certificate.parsed.subject.organization_unit',
'5432.postgres.banner.tls.certificate.parsed.subject.organization_unit',
'8883.mqtt.banner.tls.certificate.parsed.subject.organization_unit']
CERT_FIELDS = ['parsed.names', ]
CERT_SEARCH_FIELDS = ['parsed.subject.organization',
'parsed.subject.organizational_unit', ]
for company in companies:
self.heading(company, level=0)
# IPv4 query
try:
query = ' OR '.join([ '{0}:"{1}"'.format(x, company) for x in SEARCH_FIELDS ])
payload = c.search(query, IPV4_FIELDS)
except CensysException:
continue
for result in payload:
names = set()
for k,v in result.items():
if k.endswith('.parsed.names'):
for name in v:
names.add(name)
if len(names) < 1:
# make sure we have at least a blank name
names.add('')
for name in names:
if name.startswith('*.'):
self.insert_domains(name.replace('*.', ''))
continue
self.insert_hosts(host=name,
ip_address=result['ip'],
__str__ = __repr__
class CensysRateLimitExceededException(CensysException):
pass
class CensysNotFoundException(CensysException):
pass
class CensysUnauthorizedException(CensysException):
pass
class CensysJSONDecodeException(CensysException):
pass
class CensysAPIBase(object):
DEFAULT_URL = "https://www.censys.io/api/v1"
DEFAULT_TIMEOUT = 30
EXCEPTIONS = {
403: CensysUnauthorizedException,
404: CensysNotFoundException,
429: CensysRateLimitExceededException
}
def __init__(self, api_id=None, api_secret=None, url=None, timeout=None):
self.api_id = api_id or os.environ.get("CENSYS_API_ID", None)
def testEmptySearch(self):
with self.assertRaises(CensysException):
self._api._post("search/ipv4", data={"query1": "query"})
class CensysException(Exception):
def __init__(self, status_code, message, headers=None, body=None, const=None):
self.status_code = status_code
self.message = message
self.headers = headers or {}
self.body = body
self.const = const
def __repr__(self):
return "%i (%s): %s" % (self.status_code, self.const, self.message or self.body)
__str__ = __repr__
class CensysRateLimitExceededException(CensysException):
pass
class CensysNotFoundException(CensysException):
pass
class CensysUnauthorizedException(CensysException):
pass
class CensysJSONDecodeException(CensysException):
pass
class CensysAPIBase(object):