private void Start()
{
try
{
//ejecutamos el evento de inicio
OnStartEvent(null);
OnLogEvent(new EventsThreads.ThreadStringEventArgs(
$"Starting Shodan search in {lstIPs.Count} IP Addresses"));
foreach (string ip in lstIPs.Where(p => Functions.IsIP(p)))
{
ShodanIPInformation ipInfo = GetShodanInformation(ip);
if (ipInfo != null)
{
OnDataFoundEvent(new EventsThreads.CollectionFound <ShodanIPInformation>(new[] { ipInfo }));
}
}
OnLogEvent(new EventsThreads.ThreadStringEventArgs("Shodan search finished"));
OnEndEvent(
new EventsThreads.ThreadEndEventArgs(EventsThreads.ThreadEndEventArgs.EndReasonEnum.NoMoreData));
}
catch (ThreadAbortException)
{
OnLogEvent(new EventsThreads.ThreadStringEventArgs("Shodan search aborted"));
OnEndEvent(new EventsThreads.ThreadEndEventArgs(EventsThreads.ThreadEndEventArgs.EndReasonEnum.Stopped));
}
catch (Exception e)
{
OnLogEvent(new EventsThreads.ThreadStringEventArgs($"Shodan search aborted error: {e.Message}"));
OnEndEvent(
new EventsThreads.ThreadEndEventArgs(EventsThreads.ThreadEndEventArgs.EndReasonEnum.ErrorFound));
}
}
/// <summary>
/// Dado un documento Json obtiene los resultados dados por Shodan
/// </summary>
/// <param name="JSON"></param>
/// <returns>Devuelve una lista ya que shodan no da un solo resultado, da varios</returns>
private List <ShodanIPInformation> ParseJsonShodan(string JSON)
{
var lstShodan = new List <ShodanIPInformation>();
var serializer = new DataContractJsonSerializer(typeof(ShodanJson));
var ms = new MemoryStream(Encoding.ASCII.GetBytes(JSON));
try
{
var sj = (ShodanJson)serializer.ReadObject(ms);
ms.Close();
foreach (var m in sj.matches)
{
var si = new ShodanIPInformation
{
Country = m.country,
IPAddress = m.ip,
OS = m.os
};
si.HostNames.AddRange(m.hostnames);
var dummy = 0;
si.ServerBanner = Functions.SearchBetweenDelimiters(m.data, "Server: ", "\r", ref dummy,
StringComparison.InvariantCulture);
si.ShodanResponse = JSON;
lstShodan.Add(si);
}
}
catch
{
Program.LogThis(new Log(Log.ModuleType.ShodanSearch, "Couldn't parse Shodan JSON reponse",
Log.LogType.debug));
}
return(lstShodan);
}
/// <summary>
/// Dada una IP devuelve la información que obtiene el búscador Shodan de ella
/// </summary>
/// <param name="strIPAddress"></param>
/// <returns></returns>
private ShodanIPInformation GetShodanInformation(string strIPAddress)
{
//Obtiene el HTML de la petición
string json = MakeShodanRequestIP(strIPAddress);
//Parsea el HTML y obtiene los datos de respuesta
List <ShodanIPInformation> lstSIPinfo = ParseJsonShodan(json);
//Filtra los datos para que se quede solo con los de la ip buscada
ShodanIPInformation SIPinfo = lstSIPinfo.FirstOrDefault(p => p.IPAddress == strIPAddress);
//Damos prioridad al fprinting de shodan al del modulo fingerprinting/http.cs
if (SIPinfo != null && String.IsNullOrWhiteSpace(SIPinfo.OS))
{
SIPinfo.OS = HTTP.GetOsFromBanner(SIPinfo.ServerBanner).ToString();
}
return(SIPinfo);
}
