shodan

package
v1.0.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 24, 2017 License: MIT Imports: 13 Imported by: 2

Documentation

Overview

The Exploits API provides access to several exploit/ vulnerability data sources. At the moment, it searches across the following:

Index

Constants

View Source 
const (
	ExploitSourceCVE        ExploitSource = "CVE"
	ExploitSourceMetasploit ExploitSource = "Metasploit"
	ExploitSourceExploitDB  ExploitSource = "ExploitDB"

	ExploitTypeDOS       ExploitType = "dos"
	ExploitTypeExploit   ExploitType = "exploit"
	ExploitTypeLocal     ExploitType = "local"
	ExploitTypeRemote    ExploitType = "remote"
	ExploitTypeShellcode ExploitType = "shellcode"
	ExploitTypeWebapps   ExploitType = "webapps"

	ExploitPlatformAix      ExploitPlatform = "aix"
	ExploitPlatformCGI      ExploitPlatform = "cgi"
	ExploitPlatformFreeBSD  ExploitPlatform = "freebsd"
	ExploitPlatformHardware ExploitPlatform = "hardware"
	ExploitPlatformJava     ExploitPlatform = "Java"
	ExploitPlatformJSP      ExploitPlatform = "jsp"
	ExploitPlatformLin86    ExploitPlatform = "lin_x86"
	ExploitPlatformLinux    ExploitPlatform = "Linux"
	ExploitPlatformMultiple ExploitPlatform = "multiple"
	ExploitPlatformNovell   ExploitPlatform = "novell"
	ExploitPlatformOSX      ExploitPlatform = "osx"
	ExploitPlatformPHP      ExploitPlatform = "PHP"
	ExploitPlatformTrue64   ExploitPlatform = "true64"
	ExploitPlatformUnix     ExploitPlatform = "Unix"
	ExploitPlatformWindows  ExploitPlatform = "Windows"
)

Variables

View Source 
var (
	ErrInvalidQuery = errors.New("Query is invalid")
	ErrBodyRead     = errors.New("Could not read error response")
)

Functions

This section is empty.

Types

type APIInfo 

type APIInfo struct {
	QueryCredits int    `json:"query_credits"`
	ScanCredits  int    `json:"scan_credits"`
	Telnet       bool   `json:"telnet"`
	Plan         string `json:"plan"`
	HTTPS        bool   `json:"https"`
	Unlocked     bool   `json:"unlocked"`
	UnlockedLeft int    `json:"unlocked_left"`
}

type Alert added in v1.0.2 

type Alert struct {
	ID         string        `json:"id"`
	Name       string        `json:"name"`
	Created    string        `json:"created"`
	Expiration string        `json:"expiration"`
	Expires    int           `json:"expires"`
	Expired    bool          `json:"expired"`
	Size       int           `json:"size"`
	Filters    *AlertFilters `json:"filters"`
}

type AlertFilters added in v1.0.2 

type AlertFilters struct {
	IP []string `json:"ip"`
}

type Client 

type Client struct {
	Token          string
	BaseURL        string
	ExploitBaseURL string
	StreamBaseURL  string
	StreamChan     chan HostData

	Client *http.Client
}

func NewClient 

func NewClient(client *http.Client, token string) *Client

func (*Client) BreakQueryIntoTokens 

func (c *Client) BreakQueryIntoTokens(query string) (*HostQueryTokens, error)

This method lets you determine which filters are being used by the query string and what parameters were provided to the filters.

func (*Client) CalcHoneyScore 

func (c *Client) CalcHoneyScore(ip string) (float64, error)

CalcHoneyScore calculates a honeypot probability score ranging from 0 (not a honeypot) to 1.0 (is a honeypot)

func (*Client) CountExploits 

func (c *Client) CountExploits(options *ExploitSearchOptions) (*ExploitSearch, error)

This method behaves identical to the "/search" method with the difference that it doesn't return any results

func (*Client) CreateAlert added in v1.0.2 

func (c *Client) CreateAlert(name string, ip []string, expires int) (*Alert, error)

Use this method to create a network alert for a defined IP/ netblock which can be used to subscribe to changes/ events that are discovered within that range.

func (*Client) DeleteAlert added in v1.0.2 

func (c *Client) DeleteAlert(id string) (bool, error)

DeleteAlert removes the specified network alert.

func (*Client) GetAPIInfo 

func (c *Client) GetAPIInfo() (*APIInfo, error)

GetAPIInfo returns information about the API plan belonging to the given API key

func (*Client) GetAccountProfile 

func (c *Client) GetAccountProfile() (*Profile, error)

GetAccountProfile returns information about the Shodan account linked to the API key

func (*Client) GetAlert added in v1.0.2 

func (c *Client) GetAlert(id string) (*Alert, error)

GetAlert returns the information about a specific network alert.

func (*Client) GetAlerts added in v1.0.2 

func (c *Client) GetAlerts() ([]*Alert, error)

GetAlerts returns a listing of all the network alerts that are currently active on the account.

func (*Client) GetBanners 

func (c *Client) GetBanners() error

GetBanners provides ALL of the data that Shodan collects. Use this stream if you need access to everything and / or want to store your own Shodan database locally. If you only care about specific ports, please use the Ports stream.

func (*Client) GetBannersByPorts 

func (c *Client) GetBannersByPorts(ports []int) error

GetBannersByPorts returns only banner data for the list of specified hosts. This stream provides a filtered, bandwidth-saving view of the Banners stream in case you are only interested in a specific list of ports.

func (*Client) GetDNSResolve 

func (c *Client) GetDNSResolve(hostnames []string) (map[string]*string, error)

GetDNSResolve looks up the IP address for the provided list of hostnames

func (*Client) GetDNSReverse 

func (c *Client) GetDNSReverse(ip []string) (map[string]*[]string, error)

GetDNSReverse looks up the hostnames that have been defined for the given list of IP addresses

func (*Client) GetHostsCountForQuery 

func (c *Client) GetHostsCountForQuery(options *HostQueryOptions) (*HostMatch, error)

GetServicesCountForHost behaves identical to "/shodan/host/search" with the only difference that this method does not return any host results, it only returns the total number of results that matched the query and any facet information that was requested. As a result this method does not consume query credits

func (*Client) GetHostsForQuery 

func (c *Client) GetHostsForQuery(options *HostQueryOptions) (*HostMatch, error)

GetHostsForQuery searches Shodan using the same query syntax as the website and use facets to get summary information for different properties. This method may use API query credits depending on usage. If any of the following criteria are met, your account will be deducated 1 query credit: 1. The search query contains a filter 2. Accessing results past the 1st page using the "page". For every 100 results past the 1st page 1 query credit is deducted

func (*Client) GetHttpHeaders 

func (c *Client) GetHttpHeaders() (map[string]string, error)

GetHttpHeaders shows the HTTP headers that your client sends when connecting to a webserver.

func (*Client) GetMyIP 

func (c *Client) GetMyIP() (string, error)

GetMyIP returns your current IP address as seen from the Internet API key for this method is unnecessary

func (*Client) GetPorts 

func (c *Client) GetPorts() ([]int, error)

GetPorts returns a list of port numbers that the crawlers are looking for

func (*Client) GetProtocols 

func (c *Client) GetProtocols() (map[string]string, error)

GetProtocols returns an object containing all the protocols that can be used when launching an Internet scan

func (*Client) GetQueries 

func (c *Client) GetQueries(options *QueryOptions) (*QuerySearch, error)

GetQueries obtains a list of search queries that users have saved in Shodan

func (*Client) GetQueryTags 

func (c *Client) GetQueryTags(options *QueryTagsOptions) (*QueryTags, error)

GetQueryTags obtains a list of popular tags for the saved search queries in Shodan

func (*Client) GetServices 

func (c *Client) GetServices() (map[string]string, error)

GetServices returns an object containing all the services that the Shodan crawlers look at It can also be used as a quick and practical way to resolve a port number to the name of a service

func (*Client) GetServicesForHost 

func (c *Client) GetServicesForHost(ip string, options *HostServicesOptions) (*Host, error)

GetServicesForHost returns all services that have been found on the given host IP

func (*Client) Scan 

func (c *Client) Scan(ip []string) (*CrawlScanStatus, error)

Scan requests Shodan to crawl a network. This method uses API scan credits: 1 IP consumes 1 scan credit. You must have a paid API plan (either one-time payment or subscription) in order to use this method.

func (*Client) ScanInternet 

func (c *Client) ScanInternet(port int, protocol string) (string, error)

ScanInternet requests Shodan to crawl the Internet for a specific port. This method is restricted to security researchers and companies with a Shodan Data license. To apply for access to this method as a researcher, please email jmath@shodan.io with information about your project. Access is restricted to prevent abuse.

func (*Client) SearchExploits 

func (c *Client) SearchExploits(options *ExploitSearchOptions) (*ExploitSearch, error)

Search across a variety of data sources for exploits and use facets to get summary information

func (*Client) SearchQueries 

func (c *Client) SearchQueries(options *SearchQueryOptions) (*QuerySearch, error)

SearchQueries searches the directory of search queries that users have saved in Shodan

type CrawlScanStatus 

type CrawlScanStatus struct {
	ID          string `json:"id"`
	Count       int    `json:"count"`
	CreditsLeft int    `json:"credits_left"`
}

type Exploit 

type Exploit struct {
	// Unique ID for the exploit/ vulnerability (integer or string)
	ID interface{} `json:"_id"`

	// An array of Bugtraq IDs that reference this vulnerability
	BID []int `json:"bid"`

	// An array of relevant CVE IDs that reference this exploit
	CVE []string `json:"cve"`

	// An array of Microsoft Security Bulletin reference IDs for this exploit
	MSB []string `json:"msb"`

	// An array (integer or string) of OSVDB IDs that are relevant to this exploit
	OSVDB []interface{} `json:"osvdb"`

	// A description explaining the details of the exploit
	Description string `json:"description"`

	// The name of the data source
	Source ExploitSource `json:"source"`

	// The author of the exploit/vulnerability
	Author interface{} `json:"author"`

	// The actual code for the exploit
	Code string `json:"code"`

	// The timestamp for when the exploit was released in the UTC timezone. Example: "2014-01-15T05:49:56.283713"
	Date string `json:"date"`

	// An array of platforms or a single platform that the exploit targets
	Platform interface{} `json:"platform"`

	// The port number for the affected service
	Port int `json:"port"`

	// The type of exploit
	Type ExploitType `json:"type"`

	// Is Privileged?
	Privileged bool `json:"privileged"`

	// Rank, i.e. "excellent"
	Rank string `json:"rank"`

	// Version
	Version string `json:"version"`
}

type ExploitPlatform 

type ExploitPlatform string

Platform type

type ExploitSearch 

type ExploitSearch struct {
	Matches []*Exploit          `json:"matches"`
	Facets  map[string][]*Facet `json:"facets"`
	Total   int                 `json:"total"`
}

type ExploitSearchOptions 

type ExploitSearchOptions struct {
	// Search query used to search the database of known exploits
	Query string `url:"query"`

	// A comma-separated list of properties to get summary information on
	Facets string `url:"facets,omitempty"`

	// The page number to page through results 100 at a time. It is ignored in CountExploits method
	Page int `url:"page,omitempty"`
}

type ExploitSource 

type ExploitSource string

Exploit DB, Metasploit or Common Vulnerabilities and Exposures (CVE)

type ExploitType 

type ExploitType string

Exploit type

type Facet 

type Facet struct {
	Count int    `json:"count"`
	Value string `json:"value"`
}

type Host 

type Host struct {
	OS              string      `json:"os"`
	Ports           []int       `json:"ports"`
	IPLong          int         `json:"ip"`
	IP              string      `json:"ip_str"`
	ISP             string      `json:"isp"`
	Hostnames       []string    `json:"hostnames"`
	Organization    string      `json:"org"`
	Vulnerabilities []string    `json:"vulns"`
	ASN             string      `json:"asn"`
	LastUpdate      string      `json:"last_update"`
	Data            []*HostData `json:"data"`
	HostLocation
}

type HostData 

type HostData struct {
	Product      string                 `json:"product"`
	Hostnames    []string               `json:"hostnames"`
	Version      json.Number            `json:"version"`
	Title        string                 `json:"title"`
	IPLong       int                    `json:"ip"`
	IP           string                 `json:"ip_str"`
	OS           string                 `json:"os"`
	Organization string                 `json:"org"`
	ISP          string                 `json:"isp"`
	CPE          []string               `json:"cpe"`
	Data         string                 `json:"data"`
	ASN          string                 `json:"asn"`
	Port         int                    `json:"port"`
	HTML         string                 `json:"html"`
	Banner       string                 `json:"banner"`
	Link         string                 `json:"link"`
	Transport    string                 `json:"transport"`
	Domains      []string               `json:"domains"`
	Timestamp    string                 `json:"timestamp"`
	DeviceType   string                 `json:"devicetype"`
	Location     *HostLocation          `json:"location"`
	ShodanData   map[string]interface{} `json:"_shodan"`
	Opts         map[string]interface{} `json:"opts"`
}

type HostLocation 

type HostLocation struct {
	City         string  `json:"city"`
	RegionCode   string  `json:"region_code"`
	AreaCode     int     `json:"area_code"`
	Latitude     float64 `json:"latitude"`
	Longitude    float64 `json:"longitude"`
	Country      string  `json:"country_name"`
	CountryCode  string  `json:"country_code"`
	CountryCode3 string  `json:"country_code3"`
	Postal       string  `json:"postal_code"`
	DMA          int     `json:"dma_code"`
}

type HostMatch 

type HostMatch struct {
	Total   int                 `json:"total"`
	Facets  map[string][]*Facet `json:"facets"`
	Matches []*HostData         `json:"matches"`
}

type HostQueryOptions 

type HostQueryOptions struct {
	Query  string `url:"query"`
	Facets string `url:"facets,omitempty"`
	Minify bool   `url:"minify,omitempty"`
	Page   int    `url:"page,omitempty"`
}

type HostQueryTokens 

type HostQueryTokens struct {
	Filters []string `json:"filters"`
	String  string   `json:"string"`
	Errors  []string `json:"errors"`
	// FIXME: should it really be interface{} ?
	Attributes map[string]interface{} `json:"attributes"`
}

type HostServicesOptions 

type HostServicesOptions struct {
	History bool `url:"history,omitempty"`
	Minify  bool `url:"minify,omitempty"`
}

type Profile 

type Profile struct {
	Member  bool   `json:"member"`
	Credits int    `json:"credits"`
	Name    string `json:"display_name"`
	Created string `json:"created"`
}

type QueryOptions 

type QueryOptions struct {
	// Page number to iterate over results; each page contains 10 items
	Page int `url:"page,omitempty"`

	// Sort the list based on a property. Possible values are: votes, timestamp
	Sort string `url:"sort,omitempty"`

	// Whether to sort the list in ascending or descending order. Possible values are: asc, desc
	Order string `url:"order,omitempty"`
}

type QuerySearch 

type QuerySearch struct {
	Total   int                 `json:"total"`
	Matches []*QuerySearchMatch `json:"matches"`
}

type QuerySearchMatch 

type QuerySearchMatch struct {
	Title       string   `json:"title"`
	Description string   `json:"description"`
	Query       string   `json:"query"`
	Votes       int      `json:"votes"`
	Timestamp   string   `json:"timestamp"`
	Tags        []string `json:"tags"`
}

type QueryTags 

type QueryTags struct {
	Total   int               `json:"total"`
	Matches []*QueryTagsMatch `json:"matches"`
}

type QueryTagsMatch 

type QueryTagsMatch struct {
	Value string `json:"value"`
	Count int    `json:"count"`
}

type QueryTagsOptions 

type QueryTagsOptions struct {
	// The number of tags to return (default: 10)
	Size int `url:"size,omitempty"`
}

type SearchQueryOptions 

type SearchQueryOptions struct {
	// What to search for in the directory of saved search queries
	Query string `url:"query"`

	// Page number to iterate over results; each page contains 10 items
	Page int `url:"page,omitempty"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.