Skip to content

Instantly share code, notes, and snippets.

@SecurityDragon

SecurityDragon/gist:0c3be9444026bce89ef16623b3f44dfb

Last active March 15, 2019 12:59
Show Gist options
  • Save SecurityDragon/0c3be9444026bce89ef16623b3f44dfb to your computer and use it in GitHub Desktop.
Save SecurityDragon/0c3be9444026bce89ef16623b3f44dfb to your computer and use it in GitHub Desktop.
Download ZIP
Shodan Demo Report
Raw
gistfile1.txt
# ---------------------------------------------
# Proof of Concept Script
# H. Sonesson, Atea
# 190313
# --------------------------------------------- #
# https://shodan.readthedocs.io/en/latest/tutorial.html#connect-to-the-api
# Change IP-Range: XXX.XXX.64.0/20 to scan other network...
from shodan import Shodan
from shodan.cli.helpers import get_api_key
from docx import Document
from docx.shared import Inches
# Init docx ----
document = Document()
# Create Document Header ----
document.add_picture('XXX.png', width=Inches(1.25))
document.add_heading('Atea Open Source Intelligence Report', 1)
document.add_page_break()
# Init Shodan API Key ----
api = Shodan(get_api_key())
# IIS/7.5 ----
for banner in api.search_cursor('net:XXX.XXX.64.0/20 Server: Microsoft-IIS/7.5'):
print (banner['ip_str']) + " har version IIS/7.5..."
document.add_heading('Har version IIS/7.5...', 1)
document.add_paragraph((banner['ip_str']), style='List Bullet')
# IIS/7.0 ----
for banner in api.search_cursor('net:XXX.XXX.64.0/20 Server: Microsoft-IIS/7.0'):
print (banner['ip_str']) + " har version IIS/7.0..."
document.add_heading('Har version IIS/7.0', 1)
document.add_paragraph((banner['ip_str']), style='List Bullet')
# IIS/6.0 ---
for banner in api.search_cursor('net:XXX.XXX.64.0/20 Server: Microsoft-IIS/6.0'):
print (banner['ip_str']) + " har version IIS/6.0..."
document.add_heading('Har version IIS/6.0', 1)
document.add_paragraph((banner['ip_str']), style='List Bullet')
# Apache/2.2.15
for banner in api.search_cursor('net:XXX.XXX.64.0/20 Server: Apache/2.2.15'):
print (banner['ip_str']) + " har version Apache/2.2.15..."
document.add_heading('Har version Apache/2.2.15...', 1)
document.add_paragraph((banner['ip_str']), style='List Bullet')
# Apache/2.2.25 ----
for banner in api.search_cursor('net:XXX.XXX.64.0/20 Server: Apache/2.2.25'):
print (banner['ip_str']) + " har version Apache/2.2.25..."
document.add_heading('Har version Apache/2.2.25...', 1)
document.add_paragraph((banner['ip_str']), style='List Bullet')
# RDP/5900 ---
for banner in api.search_cursor('net:XXX.XXX.64.0/20 port:5900'):
print (banner['ip_str']) + " RDP - port 5900..."
document.add_heading('RDP - port 5900', 1)
document.add_paragraph((banner['ip_str']), style='List Bullet')
# Anonymous FTP/21 ---
for banner in api.search_cursor('net:XXX.XXX.64.0/20 port:21 230'):
print (banner['ip_str']) + " Anonymous FTP - port 21..."
document.add_heading('Anonymous FTP - port 21', 1)
document.add_paragraph((banner['ip_str']), style='List Bullet')
# SMB IPC$ ---
for banner in api.search_cursor('net:XXX.XXX.64.0/20 IPC'):
print (banner['ip_str']) + " IPC$ - SMB Version: 1..."
document.add_heading('IPC$ - SMB Version: 1', 1)
document.add_paragraph((banner['ip_str']), style='List Bullet')
# Port 8080 ---
for banner in api.search_cursor('net:XXX.XXX.64.0/20 port:8080'):
print (banner['ip_str']) + " Port 8080..."
document.add_heading('Port 8080 Open', 1)
document.add_paragraph((banner['ip_str']), style='List Bullet')
# SIP ---
for banner in api.search_cursor('net:XXX.XXX.64.0/20 SIP'):
print (banner['ip_str']) + " SIP/2.0..."
document.add_heading('SIP/2.0', 1)
document.add_paragraph((banner['ip_str']), style='List Bullet')
# Saving the document ----
document.save("Discovery-XYZ.docx")
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment