private void Start() { try { //ejecutamos el evento de inicio OnStartEvent(null); OnLogEvent(new EventsThreads.ThreadStringEventArgs( $"Starting Shodan search in {lstIPs.Count} IP Addresses")); foreach (string ip in lstIPs.Where(p => Functions.IsIP(p))) { ShodanIPInformation ipInfo = GetShodanInformation(ip); if (ipInfo != null) { OnDataFoundEvent(new EventsThreads.CollectionFound <ShodanIPInformation>(new[] { ipInfo })); } } OnLogEvent(new EventsThreads.ThreadStringEventArgs("Shodan search finished")); OnEndEvent( new EventsThreads.ThreadEndEventArgs(EventsThreads.ThreadEndEventArgs.EndReasonEnum.NoMoreData)); } catch (ThreadAbortException) { OnLogEvent(new EventsThreads.ThreadStringEventArgs("Shodan search aborted")); OnEndEvent(new EventsThreads.ThreadEndEventArgs(EventsThreads.ThreadEndEventArgs.EndReasonEnum.Stopped)); } catch (Exception e) { OnLogEvent(new EventsThreads.ThreadStringEventArgs($"Shodan search aborted error: {e.Message}")); OnEndEvent( new EventsThreads.ThreadEndEventArgs(EventsThreads.ThreadEndEventArgs.EndReasonEnum.ErrorFound)); } }
/// <summary> /// Dado un documento Json obtiene los resultados dados por Shodan /// </summary> /// <param name="JSON"></param> /// <returns>Devuelve una lista ya que shodan no da un solo resultado, da varios</returns> private List <ShodanIPInformation> ParseJsonShodan(string JSON) { var lstShodan = new List <ShodanIPInformation>(); var serializer = new DataContractJsonSerializer(typeof(ShodanJson)); var ms = new MemoryStream(Encoding.ASCII.GetBytes(JSON)); try { var sj = (ShodanJson)serializer.ReadObject(ms); ms.Close(); foreach (var m in sj.matches) { var si = new ShodanIPInformation { Country = m.country, IPAddress = m.ip, OS = m.os }; si.HostNames.AddRange(m.hostnames); var dummy = 0; si.ServerBanner = Functions.SearchBetweenDelimiters(m.data, "Server: ", "\r", ref dummy, StringComparison.InvariantCulture); si.ShodanResponse = JSON; lstShodan.Add(si); } } catch { Program.LogThis(new Log(Log.ModuleType.ShodanSearch, "Couldn't parse Shodan JSON reponse", Log.LogType.debug)); } return(lstShodan); }
/// <summary> /// Dada una IP devuelve la información que obtiene el búscador Shodan de ella /// </summary> /// <param name="strIPAddress"></param> /// <returns></returns> private ShodanIPInformation GetShodanInformation(string strIPAddress) { //Obtiene el HTML de la petición string json = MakeShodanRequestIP(strIPAddress); //Parsea el HTML y obtiene los datos de respuesta List <ShodanIPInformation> lstSIPinfo = ParseJsonShodan(json); //Filtra los datos para que se quede solo con los de la ip buscada ShodanIPInformation SIPinfo = lstSIPinfo.FirstOrDefault(p => p.IPAddress == strIPAddress); //Damos prioridad al fprinting de shodan al del modulo fingerprinting/http.cs if (SIPinfo != null && String.IsNullOrWhiteSpace(SIPinfo.OS)) { SIPinfo.OS = HTTP.GetOsFromBanner(SIPinfo.ServerBanner).ToString(); } return(SIPinfo); }