Sha256: 89b19873f2d142b6428cfe928ce97197ecb06e8a711681cbc41c41bd3962ee89
Contents?: true
Size: 1.43 KB
Versions: 8
Compression:
Stored size: 1.43 KB
Contents
# frozen_string_literal: true require "shodan" module Mihari module Analyzers class Shodan < Base param :query option :title, default: proc { "Shodan search" } option :description, default: proc { "query = #{query}" } option :tags, default: proc { [] } def artifacts results = search return [] unless results || results.empty? results.map do |result| matches = result["matches"] || [] matches.filter_map do |match| match["ip_str"] end end.flatten.compact.uniq end private PAGE_SIZE = 100 def configuration_keys %w[shodan_api_key] end def api @api ||= ::Shodan::API.new(key: Mihari.config.shodan_api_key) end def search_with_page(query, page: 1) api.host.search(query, page: page) rescue ::Shodan::Error => e raise RetryableError, e if e.message.include?("request timed out") raise e end def search responses = [] (1..Float::INFINITY).each do |page| res = search_with_page(query, page: page) break unless res responses << res break if res["total"].to_i <= page * PAGE_SIZE rescue JSON::ParserError # ignore JSON::ParserError # ref. https://github.com/ninoseki/mihari/issues/197 next end responses end end end end
Version data entries
8 entries across 8 versions & 1 rubygems