-
Notifications
You must be signed in to change notification settings - Fork 23
/
censys_a.py
43 lines (38 loc) · 2.04 KB
/
censys_a.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
from recon.core.module import BaseModule
import json
class Module(BaseModule):
meta = {
'name': 'Censys.io A Record Retriever',
'author': 'ScumSec 0x1414',
'description': 'Retrieves the A records for each host. Updates the \'ports\' table with the results.',
'query': 'SELECT DISTINCT host FROM hosts WHERE host IS NOT NULL',
}
def module_run(self, hosts):
api_id = self.get_key('censysio_id')
api_secret = self.get_key('censysio_secret')
base_url = 'https://censys.io/api/v1/search/ipv4'
for host in hosts:
self.heading(host, level=0)
payload = json.dumps({'query': 'a:%s' % host})
resp = self.request(base_url, payload=payload, auth=(api_id, api_secret), method='POST', content='JSON')
# print resp.json
if resp.status_code == 200:
pages = resp.json['metadata']['pages']
for element in resp.json['results']:
ip_address = element['ip']
for protocol in element['protocols']:
port, service = protocol.split('/')
self.add_ports(ip_address=ip_address, host=host, port=port, protocol=service)
if pages > 1:
for i in range(pages)[1:]:
page_id = i + 1
payload = json.dumps({'page': page_id, 'query': 'a:%s' % host})
resp = self.request(base_url, payload=payload, auth=(api_id, api_secret), method='POST', content='JSON')
if resp.status_code == 200:
for element in resp.json['results']:
ip_address = element['ip']
for protocol in element['protocols']:
port, service = protocol.split('/')
self.add_ports(ip_address=ip_address, host=host, port=port, protocol=service)
else:
self.output('%s => Bad request!' % host)