diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml new file mode 100644 index 0000000..01d3dcc --- /dev/null +++ b/.github/workflows/master.yml @@ -0,0 +1,103 @@ +name: Python package + +on: + push: + tags: + - 'package*' + workflow_dispatch: + +jobs: + prepare: + runs-on: ubuntu-latest + outputs: + new_version: ${{ steps.version.outputs.new_version }} + + steps: + - uses: actions/checkout@v2 + + - name: Extract and increment version using sed and awk + id: increment_version + run: | + version=$(sed -n "s/^ *version=['\"]\([^'\"]*\)['\"],/\1/p" setup.py) + new_version=$(echo $version | awk -F. -v OFS=. '{$NF += 1; print}') + sed -i "s;$version;$new_version;g" setup.py + echo "new_version=$new_version" >> $GITHUB_ENV + + - name: Get last commit details + id: last_commit + run: | + commit_message=$(git log -1 --pretty=%B) + commit_author=$(git log -1 --pretty=%an) + echo "commit_message=$commit_message" >> $GITHUB_ENV + echo "commit_author=$commit_author" >> $GITHUB_ENV + + - name: Update ChangeLog + run: | + echo "## v${{ env.new_version }} - $(date +'%Y-%m-%d')" >> ChangeLog.md + echo "- Last commit by ${{ env.commit_author }}: ${{ env.commit_message }}" >> ChangeLog.md + + - name: Commit and push changes + run: | + git config --local user.email "action@github.com" + git config --local user.name "GitHub Action" + git add setup.py ChangeLog.md + git commit -m "Bump version to ${{ env.new_version }} and update ChangeLog" + git push + + + build: + needs: prepare + runs-on: ${{ matrix.os }} + strategy: + fail-fast: false + matrix: + python-version: [3.11] + os: [ubuntu-latest] + + steps: + - uses: actions/checkout@v3 + - name: Set up Python ${{ matrix.python-version }} + uses: actions/setup-python@v3 + with: + python-version: ${{ matrix.python-version }} + + - name: Install dependencies + run: | + python -m pip install --upgrade pip + python -m pip install flake8 semgrep setuptools wheel build twine + if [ -f requirements.txt ]; then pip install -r requirements.txt; fi + + - name: Lint with flake8 + run: | + flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics + flake8 . --count --exit-zero --max-complexity=10 --max-line-length=128 --statistics + + - name: Security scan with Semgrep + run: | + semgrep --config=p/r2c + + - name: Patch version using sed and awk (not because we can't pull the commited update in prepare) + run: | + version=$(sed -n "s/^ *version=['\"]\([^'\"]*\)['\"],/\1/p" setup.py) + new_version=$(echo $version | awk -F. -v OFS=. '{$NF += 1; print}') + sed -i "s;$version;$new_version;g" setup.py + + - name: Build the package + run: python setup.py sdist bdist_wheel + + - name: Build and publish + if: success() + run: | + twine upload dist/* + env: + TWINE_USERNAME: __token__ + TWINE_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + + - name: Upload artifacts + if: success() + uses: actions/upload-artifact@v4 + with: + name: dist-${{ matrix.python-version }}-${{ matrix.os }} + path: dist/* + if-no-files-found: error + retention-days: 90 diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..1b4da88 --- /dev/null +++ b/.gitignore @@ -0,0 +1,96 @@ +# Byte-compiled / optimized / DLL files +__pycache__/ +*.py[cod] +*$py.class + +# OSX Stuff +.DS_Store + +# C extensions +*.so + +# Distribution / packaging +.Python +env/ +build/ +.build/ +develop-eggs/ +downloads/ +eggs/ +.eggs/ +lib/ +lib64/ +parts/ +sdist/ +var/ +*.egg-info/ +.installed.cfg +*.egg + +# PyInstaller +# Usually these files are written by a python script from a template +# before PyInstaller builds the exe, so as to inject date/other infos into it. +*.manifest +*.spec + +# Installer logs +pip-log.txt +pip-delete-this-directory.txt + +# Unit test / coverage reports +htmlcov/ +.tox/ +.coverage +.coverage.* +.cache +nosetests.xml +coverage.xml +*,cover +.hypothesis/ + +# Translations +*.mo +*.pot + +# Django stuff: +*.log +local_settings.py + +# Flask stuff: +instance/ +.webassets-cache + +# Scrapy stuff: +.scrapy + +# Sphinx documentation +docs/_build/ + +# PyBuilder +target/ + +# IPython Notebook +.ipynb_checkpoints + +# pyenv +.python-version + +# celery beat schedule file +celerybeat-schedule + +# dotenv +.env + +# virtualenv +.venv/ +venv/ +ENV/ + +# Spyder project settings +.spyderproject + +# Rope project settings +.ropeproject + +# local test +test.py diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 0000000..7b4c334 --- /dev/null +++ b/.travis.yml @@ -0,0 +1,13 @@ +language: python + +sudo: true + +python: + +- 3.6 + +install: + - pip install -r requirements.txt + +script: + - python ./pyShodan/__init__.py diff --git a/ChangeLog.md b/ChangeLog.md new file mode 100644 index 0000000..4b3b33b --- /dev/null +++ b/ChangeLog.md @@ -0,0 +1,10 @@ +## v0.2.7 - 2024-05-03 +- Last commit by sscottgvit: Code improvements, Add git actions, other cleanup +## v0.2.8 - 2024-05-03 +- Last commit by sscottgvit: Merge branch 'master' of github.com:GoVanguard/pyShodan +## v0.2.9 - 2024-05-03 +- Last commit by sscottgvit: Merge branch 'master' of github.com:GoVanguard/pyShodan +## v0.2.10 - 2024-05-03 +- Last commit by sscottgvit: Merge branch 'master' of github.com:GoVanguard/pyShodan +## v0.2.11 - 2024-05-03 +- Last commit by GitHub Action: Bump version to 0.2.10 and update ChangeLog diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..65c5ca8 --- /dev/null +++ b/LICENSE @@ -0,0 +1,165 @@ + GNU LESSER GENERAL PUBLIC LICENSE + Version 3, 29 June 2007 + + Copyright (C) 2007 Free Software Foundation, Inc. + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + + This version of the GNU Lesser General Public License incorporates +the terms and conditions of version 3 of the GNU General Public +License, supplemented by the additional permissions listed below. + + 0. Additional Definitions. + + As used herein, "this License" refers to version 3 of the GNU Lesser +General Public License, and the "GNU GPL" refers to version 3 of the GNU +General Public License. + + "The Library" refers to a covered work governed by this License, +other than an Application or a Combined Work as defined below. + + An "Application" is any work that makes use of an interface provided +by the Library, but which is not otherwise based on the Library. +Defining a subclass of a class defined by the Library is deemed a mode +of using an interface provided by the Library. + + A "Combined Work" is a work produced by combining or linking an +Application with the Library. The particular version of the Library +with which the Combined Work was made is also called the "Linked +Version". + + The "Minimal Corresponding Source" for a Combined Work means the +Corresponding Source for the Combined Work, excluding any source code +for portions of the Combined Work that, considered in isolation, are +based on the Application, and not on the Linked Version. + + The "Corresponding Application Code" for a Combined Work means the +object code and/or source code for the Application, including any data +and utility programs needed for reproducing the Combined Work from the +Application, but excluding the System Libraries of the Combined Work. + + 1. Exception to Section 3 of the GNU GPL. + + You may convey a covered work under sections 3 and 4 of this License +without being bound by section 3 of the GNU GPL. + + 2. Conveying Modified Versions. + + If you modify a copy of the Library, and, in your modifications, a +facility refers to a function or data to be supplied by an Application +that uses the facility (other than as an argument passed when the +facility is invoked), then you may convey a copy of the modified +version: + + a) under this License, provided that you make a good faith effort to + ensure that, in the event an Application does not supply the + function or data, the facility still operates, and performs + whatever part of its purpose remains meaningful, or + + b) under the GNU GPL, with none of the additional permissions of + this License applicable to that copy. + + 3. Object Code Incorporating Material from Library Header Files. + + The object code form of an Application may incorporate material from +a header file that is part of the Library. You may convey such object +code under terms of your choice, provided that, if the incorporated +material is not limited to numerical parameters, data structure +layouts and accessors, or small macros, inline functions and templates +(ten or fewer lines in length), you do both of the following: + + a) Give prominent notice with each copy of the object code that the + Library is used in it and that the Library and its use are + covered by this License. + + b) Accompany the object code with a copy of the GNU GPL and this license + document. + + 4. Combined Works. + + You may convey a Combined Work under terms of your choice that, +taken together, effectively do not restrict modification of the +portions of the Library contained in the Combined Work and reverse +engineering for debugging such modifications, if you also do each of +the following: + + a) Give prominent notice with each copy of the Combined Work that + the Library is used in it and that the Library and its use are + covered by this License. + + b) Accompany the Combined Work with a copy of the GNU GPL and this license + document. + + c) For a Combined Work that displays copyright notices during + execution, include the copyright notice for the Library among + these notices, as well as a reference directing the user to the + copies of the GNU GPL and this license document. + + d) Do one of the following: + + 0) Convey the Minimal Corresponding Source under the terms of this + License, and the Corresponding Application Code in a form + suitable for, and under terms that permit, the user to + recombine or relink the Application with a modified version of + the Linked Version to produce a modified Combined Work, in the + manner specified by section 6 of the GNU GPL for conveying + Corresponding Source. + + 1) Use a suitable shared library mechanism for linking with the + Library. A suitable mechanism is one that (a) uses at run time + a copy of the Library already present on the user's computer + system, and (b) will operate properly with a modified version + of the Library that is interface-compatible with the Linked + Version. + + e) Provide Installation Information, but only if you would otherwise + be required to provide such information under section 6 of the + GNU GPL, and only to the extent that such information is + necessary to install and execute a modified version of the + Combined Work produced by recombining or relinking the + Application with a modified version of the Linked Version. (If + you use option 4d0, the Installation Information must accompany + the Minimal Corresponding Source and Corresponding Application + Code. If you use option 4d1, you must provide the Installation + Information in the manner specified by section 6 of the GNU GPL + for conveying Corresponding Source.) + + 5. Combined Libraries. + + You may place library facilities that are a work based on the +Library side by side in a single library together with other library +facilities that are not Applications and are not covered by this +License, and convey such a combined library under terms of your +choice, if you do both of the following: + + a) Accompany the combined library with a copy of the same work based + on the Library, uncombined with any other library facilities, + conveyed under the terms of this License. + + b) Give prominent notice with the combined library that part of it + is a work based on the Library, and explaining where to find the + accompanying uncombined form of the same work. + + 6. Revised Versions of the GNU Lesser General Public License. + + The Free Software Foundation may publish revised and/or new versions +of the GNU Lesser General Public License from time to time. Such new +versions will be similar in spirit to the present version, but may +differ in detail to address new problems or concerns. + + Each version is given a distinguishing version number. If the +Library as you received it specifies that a certain numbered version +of the GNU Lesser General Public License "or any later version" +applies to it, you have the option of following the terms and +conditions either of that published version or of any later version +published by the Free Software Foundation. If the Library as you +received it does not specify a version number of the GNU Lesser +General Public License, you may choose any version of the GNU Lesser +General Public License ever published by the Free Software Foundation. + + If the Library as you received it specifies that a proxy can decide +whether future versions of the GNU Lesser General Public License shall +apply, that proxy's public statement of acceptance of any version is +permanent authorization for you to choose that version for the +Library. diff --git a/README.md b/README.md index 50e2692..f1cf2ab 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,11 @@ -# pyShodan -Python 3 script for interacting with Shodan API. Has three modes of operation: making an API query for a search term, for a single IP address, or for a list of IP addresses in a .txt file. +pyShodan (https://gotham-security.com) +== +[![Python package](https://github.com/GoVanguard/pyShodan/actions/workflows/master.yml/badge.svg)](https://github.com/GoVanguard/pyShodan/actions/workflows/master.yml) +[![Known Vulnerabilities](https://snyk.io/test/github/GoVanguard/pyShodan/badge.svg?targetFile=requirements.txt)](https://snyk.io/test/github/GoVanguard/pyShodan?targetFile=requirements.txt) +[![Maintainability](https://api.codeclimate.com/v1/badges/6b69cfa99c674d04e7a9/maintainability)](https://codeclimate.com/github/GoVanguard/pyShodan/maintainability) + +# About pyShodan +Python 3 script for interacting with Shodan API. Has three modes of operation: making an API query for a search term, a single IP address, or for a list of IP addresses in a .txt file. ## Installation ``` @@ -7,18 +13,9 @@ git clone https://github.com/GoVanguard/pyShodan.git ``` ## Recommended Python Version -Tested on Python 3.5+. +Tested on Python 3.6+. ## Dependencies * Shodan (pip3 install shodan) -## Usage -Short Form | Long Form | Description ------------------ | -------------- |------------- --h | --help | show this help message and exit --s | --search | Search Shodan for a general term --ip | --ipaddr | Search Shodan for a specific IP address -n/a | --iplist | Search Shodan for every IP address in a txt file --api | --api | Shodan API key (required) - Output is printed to stdout as well as CSV files in the script directory. diff --git a/pyShodan.py b/pyShodan.py deleted file mode 100644 index 50d4e1b..0000000 --- a/pyShodan.py +++ /dev/null @@ -1,120 +0,0 @@ -import shodan -import sys -import argparse -import csv -import time -import datetime - -def getApiKey(k): - SHODAN_API_KEY = k - api = shodan.Shodan(SHODAN_API_KEY) - return api - -def searchTerm(s): - searchStr = s - api = getApiKey(args.apiKey) - hostinfo = [] - # Wrap the request in a try/ except block to catch errors - # Search Shodan - results = api.search(searchStr) - - # Show the results - print('Results found: %s' % results['total']) - for result in results['matches']: - print('IP: %s' % result['ip_str']) - print(result['data']) - print('') - hostinfo.append([result['ip_str'].replace(","," "), result['data'].replace(","," ").encode("utf-8"),result['port']]) - - title = "shodanOutput-" + searchStr + ".csv" - with open(title,"w") as csvfile: - header = ["Host IP", "Banner","Ports"] - writer = csv.writer(csvfile, delimiter=",") - writer.writerow(header) - for i in range(len(hostinfo)): - writer.writerow(hostinfo[i]) - - print(title + " created in script directory") - -def searchIp(d): - searchHost = d - api = getApiKey(args.apiKey) - try: - host = api.host(searchHost) - # Print general info - print(""" - IP: %s - Organization: %s - Operating System: %s - """ % (host['ip_str'], host.get('org', 'n/a'), host.get('os', 'n/a'))) - - hostinfo = [] - - for item in host['data']: - hostinfo.append([item['ip_str'], item['org'], str(item['data'].replace(',',' ').strip('\t\n\r')), item['port']]) - print(""" - Port: %s - Banner: %s - """ % (item['port'], item['data'])) - title = "shodanOutput-" + searchHost + ".csv" - with open(title,"w") as csvfile: - header = ["Host IP", "FQDN", "Banner", "Ports"] - writer = csv.writer(csvfile, delimiter=",") - writer.writerow(header) - for i in range(len(hostinfo)): - writer.writerow(hostinfo[i]) - - print(title + " created in script directory") - except shodan.APIError as e: - print("Error: %s" % e) - -def searchList(f): - api = getApiKey(args.apiKey) - hostinfo = [] - - with open(f,'r') as dafile: - x = dafile.read().splitlines() - - for i in range(len(x)): - try: - time.sleep(2) - host = api.host(x[i]) - for item in host['data']: - hostinfo.append([item['ip_str'], item['org'], str(item['data']).replace(',',' ').strip('\r\n\t'), item['port']]) - except shodan.APIError as e: - print("Error: %s" % e) - if "no information available" in str(e).lower(): - print("No information is available for %s" % str(x[i])) - - for i in range(len(hostinfo)): - print("\n" + str(hostinfo[i]) + "\n") - - title = "shodanOutput-ipList-" + str(datetime.datetime.now()) + ".csv" - with open(title,"w") as csvfile: - header = ["Host IP", "FQDN", "Banner", "Ports"] - writer = csv.writer(csvfile, delimiter=",") - writer.writerow(header) - for i in range(len(hostinfo)): - writer.writerow(hostinfo[i]) - - print(title + " created in script directory") - -if __name__ == "__main__": - parser = argparse.ArgumentParser(description="Python script for interacting with Shodan API") - - parser.add_argument("--search", "-s", action="store", type=str, dest="searchVal", help="Search Shodan for a general term") - parser.add_argument("--ipaddr", "-ip", action="store", type=str, dest="ipSearch", help="Search Shodan for a specific IP address") - parser.add_argument("--iplist", action="store", dest="ipList", help="Search Shodan for every IP address in a txt file") - parser.add_argument("--api", "-api", action="store", type=str, dest="apiKey", required=True, help="Shodan API key") - args = parser.parse_args() - - if args.searchVal: - searchTerm(args.searchVal) - elif args.ipSearch: - searchIp(args.ipSearch) - elif args.ipList: - searchList(args.ipList) - elif args.apiKey: - getApiKey(apiKey) - else: - print("Invalid arguments, see -h for details. Example use: python pyShodan.py -s SearchTerm -ip IPAddress -api SHODAN-api-key") diff --git a/pyShodan/__init__.py b/pyShodan/__init__.py new file mode 100644 index 0000000..b2845b4 --- /dev/null +++ b/pyShodan/__init__.py @@ -0,0 +1,87 @@ +import shodan +import sys +import time +from IPy import IP +from typing import List, Union, Tuple + + +class PyShodan: + + def __init__(self, apiKey: str = None, debug: bool = False): + self.apiKey = apiKey + self.debug = debug + self.shodanSession = None + + def createSession(self) -> Union[None, str]: + if self.apiKey: + self.shodanSession = shodan.Shodan(self.apiKey) + else: + return 'Set API Key' + + def searchTerm(self, searchStr: str, allData: bool = False) -> Union[List[dict], str]: + if not self.shodanSession: + return 'Set API Key' + + if not searchStr: + return 'No search input' + + try: + apiResult = self.shodanSession.search(searchStr) + print(f'Results found: {apiResult["total"]}') + + if allData: + return apiResult['matches'] + else: + return [[result['ip_str'], result['data'], result['port']] for result in apiResult['matches']] + except shodan.APIError as e: + return f"Error: {e}" + + def searchIp(self, searchHost: str, allData: bool = False) -> Union[List[dict], str]: + if not self.shodanSession: + return 'Set API Key' + + if not searchHost: + return 'No search input' + + searchHostIpType = IP(searchHost).iptype() + + if searchHostIpType != "PUBLIC": + return f"Warning, {searchHost} isn't public. Shodan only tracks public IPs." + + try: + apiResult = self.shodanSession.host(searchHost) + + if allData: + return apiResult + else: + return [[item['ip_str'], item['org'], item['data'].replace(',', ' ').strip(), item['port']] for item in apiResult['data']] + except shodan.APIError as e: + return f"Error: {e}" + + def searchList(self, inputFile: str) -> Union[List[dict], str]: + if not self.shodanSession: + return 'Set API Key' + + if not inputFile: + return 'No input file' + + try: + with open(inputFile, 'r') as f: + ips = f.read().splitlines() + + hostInfo = [] + for ip in ips: + time.sleep(2) + try: + host = self.shodanSession.host(ip) + for item in host['data']: + hostInfo.append([item['ip_str'], item['org'], item['data'].replace(',', ' ').strip(), item['port']]) + except shodan.APIError as e: + if "no information available" in str(e).lower(): + print(f"No information is available for {ip}") + else: + print(f"Error: {e}") + + return hostInfo + except Exception as e: + return f"Error while reading file: {e}" diff --git a/pyShodan/test.py b/pyShodan/test.py new file mode 100644 index 0000000..3f97c4d --- /dev/null +++ b/pyShodan/test.py @@ -0,0 +1,73 @@ +from . import PyShodan +import shodan +import sys +import argparse +import csv +import time +import datetime + +def getApiKey(k): + api = k + return api + +def writeFile(t, h): + with open(t,"w") as csvfile: + header = ["Host IP", "FQDN", "Banner", "Ports"] + writer = csv.writer(csvfile, delimiter=",") + writer.writerow(header) + for i in range(len(h)): + writer.writerow(h[i]) + print(t + " created in script directory") + +def searchTerm(s): + searchStr = s + api = getApiKey(args.apiKey) + ps = PyShodan() + ps.apiKey = api + ps.createSession() + hostinfo = ps.searchTerm(searchStr) + title = "shodanOutput-" + searchStr + ".csv" + writeFile(title, hostinfo) + +def searchIp(d): + searchHost = d + api = getApiKey(args.apiKey) + ps = PyShodan() + ps.apiKey = api + ps.createSession() + try: + hostinfo = ps.searchIp(searchHost) + title = "shodanOutput-" + searchHost + ".csv" + writeFile(title, hostinfo) + except shodan.APIError as e: + print("Error: %s" % e) + +def searchList(f): + api = getApiKey(args.apiKey) + ps = PyShodan() + ps.apiKey = api + ps.createSession() + d = datetime.datetime.today() + hostinfo = ps.searchList(f) + title = "shodanOutput-ipList_" + d.strftime("%d-%m-%Y_%H-%M-%S") + ".csv" + writeFile(title, hostinfo) + +if __name__ == "__main__": + parser = argparse.ArgumentParser(description="pyShodan test script") + + parser.add_argument("--search", "-s", action="store", type=str, dest="searchVal", help="Search Shodan for a general term") + parser.add_argument("--ipaddr", "-ip", action="store", type=str, dest="ipSearch", help="Search Shodan for a specific IP address") + parser.add_argument("--iplist", action="store", dest="ipList", help="Search Shodan for every IP address in a txt file") + parser.add_argument("--api", "-api", action="store", type=str, dest="apiKey", required=True, help="Shodan API key") + args = parser.parse_args() + + if args.searchVal: + searchTerm(args.searchVal) + elif args.ipSearch: + searchIp(args.ipSearch) + elif args.ipList: + searchList(args.ipList) + elif args.apiKey: + getApiKey(args.apiKey) + else: + print("Invalid arguments, see -h for details. Example use: python pyShodan.py -s SearchTerm -ip IPAddress -api SHODAN-api-key") diff --git a/requirements.txt b/requirements.txt new file mode 100644 index 0000000..f34a04e --- /dev/null +++ b/requirements.txt @@ -0,0 +1,5 @@ +shodan +IPy +certifi>=2024.7.4 # not directly required, pinned by Snyk to avoid a vulnerability +idna>=3.7 # not directly required, pinned by Snyk to avoid a vulnerability +requests>=2.31.0 # not directly required, pinned by Snyk to avoid a vulnerability diff --git a/setup.cfg b/setup.cfg new file mode 100644 index 0000000..e7e517c --- /dev/null +++ b/setup.cfg @@ -0,0 +1,4 @@ +[flake8] +select=E501,F811,F823,F831,F841,E502,E703,E704,E713,E741,E742,E743,W291,W601,W602 +exclude=.git,.idea,tmp,backup,log,images,venv +max-line-length: 120 diff --git a/setup.py b/setup.py new file mode 100644 index 0000000..0baf7ff --- /dev/null +++ b/setup.py @@ -0,0 +1,29 @@ +import setuptools + +with open("README.md", "r") as fh: + long_description = str(fh.read()) + +setuptools.setup( + name="pyShodan", + version="0.2.11", + author="Shane Scott", + author_email="sscott@gotham-security.com", + description="Python library for querying the Shodan API", + long_description=long_description, + long_description_content_type="text/markdown", + url="https://github.com/GoVanguard/pyShodan", + packages=['pyShodan'], + install_requires=["shodan", "IPy"], + classifiers=( + 'Development Status :: 4 - Beta', + 'Intended Audience :: Developers', + 'License :: OSI Approved :: GNU General Public License v3 (GPLv3)', + 'Programming Language :: Python :: 3.6', + 'Programming Language :: Python :: 3.7', + 'Programming Language :: Python :: 3.8', + 'Programming Language :: Python :: 3.9', + 'Programming Language :: Python :: 3.10', + 'Programming Language :: Python :: 3.11', + 'Operating System :: OS Independent', + ), +)