[Question] Async example working?

[noraj]

I'm able to make all the REST API examples work but not he async one, it always result nothign and exit without error. I quickly checked all the methods used seems not to have changed.

require 'async'
require 'shodanz'

client = Shodanz.client.new(key: "YOUR_API_KEY")

# Asynchronously stream banner info from shodan  and check any
# IP addresses against the experimental honeypot scoring service.
client.streaming_api.banners do |banner|
  if ip = banner['ip_str']
    Async do
      score = client.rest_api.honeypot_score(ip).wait
      puts "#{ip} has a #{score * 100}% chance of being a honeypot"
    rescue Shodanz::Errors::RateLimited
      sleep rand
      retry
    rescue # any other errors
      next
    end
  end
end

[picatz]

👋 Hello again @noraj!

🤔 I was able to run this successfully on 2.6 -- are you running on 2.7?

Maybe the token you have can't access the honeypot score API?

[picatz]

Can confirm on 2.7.0 the async example is working on my end. I think it might be permissions issue.

Using the #info method, I see:

$ ruby examples/debug.rb
From: /full/path/to/shodanz/examples/debug.rb @ line 11 :

     6: # streaming_api = Shodanz.api.streaming.new
     7: # exploits_api  = Shodanz.api.exploits.new
     8: 
     9: client = Shodanz.client.new
    10: 
 => 11: binding.pry

[1] pry(main)> client.info
=> {"scan_credits"=>65536,
 "usage_limits"=>{"scan_credits"=>65536, "query_credits"=>200000, "monitored_ips"=>131072},
 "plan"=>"edu",
 "https"=>true,
 "unlocked"=>true,
 "query_credits"=>200000,
 "monitored_ips"=>nil,
 "unlocked_left"=>200000,
 "telnet"=>true}

[noraj]

thinking I was able to run this successfully on 2.6 -- are you running on 2.7?

I ran with 2.6.5 and 2.7.0.

Maybe the token you have can't access the honeypot score API?

I was successful with the REST API directly :

$ curl -s 'https://api.shodan.io/labs/honeyscore/1.1.1.1?key=myKey' | jq
0.3

Ah!!!! The streaming API is available from the Freelancer plan, I have only the developer plan so the streaming API not available for me. Not an issue with shodanz.

[noraj]

PS : by the way, cool wrapper 🎉, awesome to have ruby infosec libs 💪

[picatz]

👍 Glad we got this sorted out. I should probably have a warning in the README for that example.

Thank you for contributing to some of my infosec ruby libs, it's very helpful! 🎉

[noraj]

+1 Glad we got this sorted out. I should probably have a warning in the README for that example.

Maybe you can detect the API output and add a class error for API level: WrongApiLevel ?

My API key with to low level priv trying accessing stream data:

curl -s 'https://stream.shodan.io/shodan/banners?key=myAPIkey' | jq
{
  "error": "Access denied"
}

No key, different error message:

curl -s 'https://stream.shodan.io/shodan/banners' | jq         
{
  "error": "Invalid API key"
}

Thank you for contributing to some of my infosec ruby libs, it's very helpful! tada

I'm writing an article about shodan, I'll quote shodanz in the lib section and give some examples with shodanz. I'll link you the article when it will be published. 📰

[picatz]

That's a great idea, and something I think could be added to make it more apparent to users.

Excited to read the article! 👏