getZoomEyeIpList.py

# !/usr/bin/env python
# -*- coding: utf-8 -*-

# Author  : starnight_cyber
# Time: 2020-04-15
# Email: starnight_cyber@foxmail.com
# Github: https://github.com/starnightcyber/
# Refer: https://github.com/Xyntax/POC-T/blob/2.0/lib/api/zoomeye/

import os
import requests
import json
import time


class ZoomEye(object):
    def __init__(self, username=None, password=None):
        self.username = username
        self.password = password

        self.access_token = ''
        # self.zoomeye_login_api = "https://api.zoomeye.org/user/login"
        # self.zoomeye_dork_api = "https://api.zoomeye.org/{}/search"

        self.ip_port_list = []

        self.load_access_token()

    def load_access_token(self):
        if not os.path.isfile('access_token.txt'):
            print('[-] info : access_token file is not exist, please login first...')
            self.login()
        else:
            with open('access_token.txt', 'r') as fr:
                self.access_token = fr.read()

    def save_access_token(self):
        with open('access_token.txt', 'w') as fw:
            fw.write(self.access_token)

    def login(self):
        """
        Prompt to input account name and password
        :return: None
        """
        self.username = input('[-] input : username :').strip()
        self.password = input('[-] input : password :').strip()
        print('[*] try to login ...')
        data = {
            'username': self.username,
            'password': self.password
        }

        headers = {
            'User-Agent': 'Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.0'
        }

        # dumps 将 python 对象转换成 json 字符串
        data_encoded = json.dumps(data)
        try:
            resp = requests.post(url='https://api.zoomeye.org/user/login', data=data_encoded, headers=headers)
            # loads() 将 json 字符串转换成 python 对象
            r_decoded = json.loads(resp.text)

            # 获取到账户的access_token
            access_token = r_decoded['access_token']
            self.access_token = access_token
            self.save_access_token()
        except:
            print('[-] info : username or password is wrong, please try again ')
            exit()

    def search(self):

        if not self.access_token:
            self.login()

        # 将 token 格式化并添加到 HTTP Header 中
        headers = {
            'Authorization': 'JWT ' + self.access_token,
            'User-Agent': 'Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.0'
        }

        # 要搜索的字符串  query = 'port:80 weblogic country:China'
        query = input('[*] please input search string : ')

        # 设置获取结果的起始页面,对于量比较大的时候比较有用
        page = int(input('[*] please input start page : '))

        # 设置获取的结果页数
        num = int(input('[*] please input number of pages you want to retrieve : '))

        index = 0
        while True:
            try:
                # 将查询字符串和页数结合在一起构造URL
                if index == num:
                    break
                msg = '[{}/{}] fetch page: {}'.format(index+1, num, page)
                print(msg)

                api = 'https://api.zoomeye.org/host/search'
                # searchurl = '{}{}&page={}'.format(api, query, page)
                print('query==>', query)

                # 用于获取下一页的结果
                page += 1
                index += 1

                resp = requests.get(api, headers=headers, params={"query": query, "page": page})
                r_decoded = json.loads(resp.text)
                for x in r_decoded['matches']:
                    print(x['ip'], ':', x['portinfo']['port'])
                    self.ip_port_list.append(x['ip'] + ':' + str(x['portinfo']['port']))
            except Exception as e:
                # 若搜索请求超过 API 允许的最大条目限制 或者 全部搜索结束，则终止请求
                if str(e) == 'matches':
                    print('[-] info : account was break, excceeding the max limitations')
                    break
                else:
                    print('[-] info : ', str(e))
        self.save_result()
        pass

    def save_result(self):
        # 以当前运行脚本的时间创建文件,这样就可以保证脚本运行时创建的文件不会重名
        xtime = time.strftime("[%Y-%m-%d][%H.%M.%S]")
        ip_port_list_file = '{}.txt'.format(xtime)

        #  将ip:port写入文件中
        with open(ip_port_list_file, 'w') as fw:
            for line in self.ip_port_list:
                fw.write(line + '\n')
        pass


if __name__ == '__main__':
    zoomeye = ZoomEye()
    zoomeye.search()
    pass