-
Notifications
You must be signed in to change notification settings - Fork 0
/
vuln_scan_2.py
51 lines (43 loc) · 1.38 KB
/
vuln_scan_2.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
import argparse
import subprocess
def scan_hosts(query):
# save IPs that have above keyword on hosts.txt file
with open("hosts.txt", "w") as f:
print("searching for ip address on shodan|", query)
args = 'shodan search --fields ip_str ' + query
p1 = subprocess.run(args,shell = True, stdout=f, text=True, input=query)
def find_vuln():
hf = open("hosts.txt", "r")
data = hf.readlines()
for line in data:
host = line.rsplit()
print(host)
#for each host search vulnerability using shodan host <ip_address> command
if len(host)>0:
args = "shodan host " + host[0]
t = open("temp.txt", "w")
p = subprocess.run(args, shell=True, stdout = t, text=True)
t.close()
t = open("temp.txt", "r")
banner = t.readlines()
for l in banner:
if l.startswith("Vulnerabilities"):
v = open("vuln.txt", "a")
s = host[0] +" has " + l
v.write(s)
if __name__ == "__main__":
parser = argparse.ArgumentParser()
parser.add_argument("keyword", help="keyword to query in shodan")
parser.add_argument("-l", "--limit", help="limit the number of results")
args = parser.parse_args()
if args.limit:
query ='--limit ' + args.limit + " "
query = query + args.keyword
#create hosts.txt
scan_hosts(query)
#create vuln.txt
v = open("vuln.txt", "w")
v.write("contains vulnerability of hosts")
v.close()
#scan hosts.txt and output vulnerabilities to vuln.txt
find_vuln()