Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

support for delay between request #11

Closed
0xAwali opened this issue Mar 6, 2022 · 4 comments · Fixed by #18 or #19
Closed

support for delay between request #11

0xAwali opened this issue Mar 6, 2022 · 4 comments · Fixed by #18 or #19
Assignees
@Mzack9999
Labels
Priority: Medium This issue may be useful, and needs some attention. Status: Completed Nothing further to be done with this issue. Awaiting to be closed. Type: Enhancement Most issues will probably ask for additions or changes.

Comments

@0xAwali
Copy link

0xAwali commented Mar 6, 2022
edited by ehsandeep

Based on censys docs it's has rate limited

Screenshot_2022-03-06_03_42_20

so while I used uncover I got too many requests so it's possible to add delay between requests when using censys engine to bypass rate limited , plus I think uncover doesn't randomize multiple tokens because I used one token and got 12K result then I got too many requests so I used multiple tokens and got the same result , I think if uncover randomize the multiple tokens we can bypass the rate limited

RATE-LIMIT:
   -delay int                    delay in seconds between requests to the same host (default 1)
@0xAwali 0xAwali added the Type: Enhancement Most issues will probably ask for additions or changes. label Mar 6, 2022
@ehsandeep ehsandeep changed the title it's possible to add delay between requests when using censys engine to bypass the rate limited support for rate limit per seconds / minutes Mar 6, 2022
@ehsandeep
Copy link
Member

@0xAwali thanks for creating this issue, about randomisation, it works based on execution, i.e new key will be picked on each execution of uncover and not per request as same key is required to rotate through multiple pages in case of results contains multiple results with higher limits.

@0xAwali
Copy link
Author

0xAwali commented Mar 6, 2022

censys depend on cursor value to get next page e.g.

curl -s -u API-KEY:SECRET -H 'Content-Type: application/json' "https://search.censys.io/api/v2/hosts/search?q=company&per_page=100&cursor=base64-value" | jq -r .result.links.next

so token not issue here , I think it will be more efficiency to randomize the multiple tokens instead of one token every time because rate limit per seconds or minutes will not solve this issue if your result e.g. 100k because censys allow 250 queries if you are normal user so e.g. I was using this script to bypass the rate limit and allowed queries

#!/usr/bin/env bash
Query="services.tls.certificates.leaf_data.subject.organization:Facebook\bInc."
TokenCount=$(shuf -n 1 token.txt)
Count=$(curl -s -u $TokenCount -H 'Content-Type: application/json' "https://search.censys.io/api/v2/hosts/search?q=$Query&per_page=100" | jq -r .result.total)
Iters=$(expr "$Count" / 100 + 1)
Cursor=""
for ((I = 1 ; I <= "$Iters" ; I++))
do
	TokenSearch=$(shuf -n 1 token.txt)
	curl -s -u $TokenSearch -H 'Content-Type: application/json' "https://search.censys.io/api/v2/hosts/search?q=$Query&per_page=100&cursor=$Cursor" | jq -r .result.hits[].ip | tee -a result.txt
	sleep 1
	Cursor=$(curl -s -u $TokenSearch -H 'Content-Type: application/json' "https://search.censys.io/api/v2/hosts/search?q=$Query&per_page=100&cursor=$Cursor" | jq -r .result.links.next)
done

@ehsandeep ehsandeep changed the title support for rate limit per seconds / minutes support for rate limit per seconds / minutes and delay between request Mar 8, 2022
@ehsandeep
Copy link
Member

thanks for sharing more information @0xAwali around randomization improvements, and yes you are right about the rate limit, a default delay would be a better option to avoid the rate limit in general across all the engines.

@ehsandeep ehsandeep added the Priority: Medium This issue may be useful, and needs some attention. label Mar 8, 2022
@ehsandeep ehsandeep changed the title support for rate limit per seconds / minutes and delay between request support for delay between request Mar 10, 2022
@Mzack9999 Mzack9999 self-assigned this Mar 18, 2022
@Mzack9999 Mzack9999 added the Status: In Progress This issue is being worked on, and has someone assigned. label Mar 18, 2022
@Mzack9999 Mzack9999 linked a pull request Mar 18, 2022 that will close this issue
Adding support for delay between requests #18
Merged
@Mzack9999 Mzack9999 added Status: Review Needed The issue has a PR attached to it which needs to be reviewed and removed Status: In Progress This issue is being worked on, and has someone assigned. labels Mar 18, 2022
@ehsandeep ehsandeep added Status: Completed Nothing further to be done with this issue. Awaiting to be closed. and removed Status: Review Needed The issue has a PR attached to it which needs to be reviewed labels Mar 18, 2022
@ehsandeep
Copy link
Member

@0xAwali should be fixed on the dev version, now as default delay of 1 second is added.

@ehsandeep ehsandeep linked a pull request Mar 18, 2022 that will close this issue
v0.0.3 #19
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Mzack9999 Mzack9999

Labels
Priority: Medium This issue may be useful, and needs some attention. Status: Completed Nothing further to be done with this issue. Awaiting to be closed. Type: Enhancement Most issues will probably ask for additions or changes.
Projects
None yet
Milestone
No milestone
3 participants
@ehsandeep @Mzack9999 @0xAwali