信息搜集：网络空间搜索引擎（Shodan)语法及API应用案例

---

使用Python去调用Shodan的API接口可以实现自动化信息搜集，首先需要注册用户，在My Account中可以看到API Key。本例如下图：

初始化API：

import shodan
SHODAN_AIP_KEY = 'SXEuzFfIj612RyNE5NcOhTeAtNHznp4s'
shodan_api = shodan.Shodan(SHODAN_AIP_KEY)

初始化API之后就可以使用Shodan的库函数，下面整理一些常用函数，具体详细资料可以参考Shodan官方给出的API文档的API文档。

​ § shodan_api.count(query, facets=None): 查询结果的数量

§ shodan_api.host(ip, history=False): 获取一个IP的详细信息

§ shodan_api.ports(): 获取Shodan可查询的端口号

§ shodan_api.protocols(): 获取Shodan可查询的协议

§ shodan_api.services(): 获取Shodan可查询的服务

§ shodan_api.scan(ips, force=False): 使用Shodan进行扫描，ips 可以为字符或字典类型

运 行 环 境：

OS: macOS Monterey Version 12.3.1

IDE: PyCharm 2020.1

Python: Version 3.9.9

案例1

使用host方法获取指定IP的相关信息，代码如下：

#_*_coding:utf-8_*_
# 作者      ：liuxiaowei
# 创建时间   ：4/19/22 9:53 AM
# 文件      ：Shadon_api.py
# IDE      ：PyCharmimport shodan
import jsonSHODAN_API_KEY = 'SXEuzFfIj612RyNE5NcOhTeAtNHznp4s'
shodan_api = shodan.Shodan(SHODAN_API_KEY)
ip = shodan_api.host('8.8.8.8')
print(json.dumps(ip))

运行结果如下：

{"city": "Mountain View", "region_code": "CA", "os": null, "tags": [], "ip": 134744072, "isp": "Google LLC", "area_code": null, "longitude": -122.0775, "last_update": "2022-04-19T02:38:32.837618", "ports": [443, 53], "latitude": 37.4056, "hostnames": ["dns.google"], "country_code": "US", "country_name": "United States", "domains": ["dns.google"], "org": "Google LLC", "data": [{"hash": -553166942, "timestamp": "2022-04-18T07:23:42.652073", "isp": "Google LLC", "transport": "tcp", "data": "\nRecursion: enabled", "asn": "AS15169", "port": 53, "hostnames": ["dns.google"], "location": {"city": "Mountain View", "region_code": "CA", "area_code": null, "longitude": -122.0775, "latitude": 37.4056, "country_code": "US", "country_name": "United States"}, "dns": {"resolver_hostname": null, "recursive": true, "resolver_id": null, "software": null}, "ip": 134744072, "domains": ["dns.google"], "org": "Google LLC", "os": null, "_shodan": {"crawler": "2f5130275f52c94d38258ee96eca67b55cafa776", "options": {"scan": "KN95r4vTe8wly4MW"}, "id": "38b68de6-ce5c-4314-b7f7-58396ce221b8", "module": "dns-tcp", "ptr": true}, "opts": {}, "ip_str": "8.8.8.8"}, {"hash": -553166942, "timestamp": "2022-04-19T02:38:32.837618", "isp": "Google LLC", "transport": "udp", "data": "\nRecursion: enabled", "asn": "AS15169", "port": 53, "hostnames": ["dns.google"], "location": {"city": "Mountain View", "region_code": "CA", "area_code": null, "longitude": -122.0775, "latitude": 37.4056, "country_code": "US", "country_name": "United States"}, "dns": {"resolver_hostname": null, "recursive": true, "resolver_id": null, "software": null}, "ip": 134744072, "domains": ["dns.google"], "org": "Google LLC", "os": null, "_shodan": {"crawler": "d905ab419aeb10e9c57a336c7e1aa9629ae4a733", "options": {}, "id": "f7281fa0-1141-4376-a460-cd590a0ecec9", "module": "dns-udp", "ptr": true}, "opts": {"raw": "34ef818200010000000000000776657273696f6e0462696e640000100003"}, "ip_str": "8.8.8.8"}, {"hash": 1696509865, "http": {"status": 200, "robots_hash": null, "redirects": [{"host": "8.8.8.8", "data": "HTTP/1.1 302 Found\r\nX-Content-Type-Options: nosniff\r\nAccess-Control-Allow-Origin: *\r\nLocation: https://dns.google/\r\nDate: Tue, 19 Apr 2022 00:52:38 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nServer: HTTP server (unknown)\r\nContent-Length: 216\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\nAlt-Svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"\r\n\r\n", "location": "/"}], "securitytxt": null, "title": "Google Public DNS", "sitemap_hash": null, "html_hash": -2021997909, "robots": null, "favicon": {"hash": 56641965, "data": "https://dns.google:443/static/93dd5954/favicon.png"}, "headers_hash": 818523308, "host": "ebd41040e4bb3ec742c9e381d31ef2a41a48b6685c96e7cef3c1df6cd4331c99"], "jarm": YYWjm0QvEQzYc24\n-----END "dabffa9af7941654c1dba20b34d77fe371c156d0f67f6c7a17478c711d01d97d", "sha1": "635ae6c71205980a921a20b65f2a15216998de01"}, "serial": 73727805016154393975703427613934250457, "subject": {"CN": "dns.google"}, "pubkey": {"type": "rsa", "bits": 2048}, "issuer": {"C": "US", "CN": "GTS CA 1C3", "O": "Google Trust Services LLC"}}, "cipher": {"version": "TLSv1/SSLv3", "bits": 128, "name": "ECDHE-RSA-AES128-GCM-SHA256"}, "trust": {"revoked": false, "browser": {"mozilla": true, "apple": true, "microsoft": true}}, "handshake_states": ["before/connect initialization", "SSLv2/v3 write client hello", "SSLv2/v3 read server hello", "SSLv3/TLS read server hello", "SSLv3/TLS read server certificate", "SSLv3/TLS read server key exchange", "SSLv3/TLS read server done", "SSLv3/TLS write client key exchange", "SSLv3/TLS write change cipher spec", "SSLv3/TLS write finished", "SSLv3/TLS flush data", "SSLv3/TLS read server session ticket", "SSLv3/TLS read finished", "SSL negotiation finished successfully"], "alpn": ["grpc-exp", "h2", "http/1.1"], "ocsp": {}}, "hostnames": ["dns.google"], "transport": "tcp", "ip": 134744072, "domains": ["dns.google"], "ip_str": "8.8.8.8", "os": null, "_shodan": {"crawler": "6d5195c331613d103027c23dc52e6d32fd2a74af", "options": {}, "id": "4979ad21-a189-4b14-ae5c-171190ca8bbb", "module": "https", "ptr": true}, "opts": {"vulns": [], "heartbleed": "2022/04/19 00:53:42 8.8.8.8:443 - SAFE\n"}, "location": {"city": "Mountain View", "region_code": "CA", "area_code": null, "longitude": -122.0775, "latitude": 37.4056, "country_code": "US", "country_name": "United States"}}], "asn": "AS15169", "ip_str": "8.8.8.8"}

案例2

搜索JAWS摄像头，将IP和端口打印出来，代码如下：

#_*_coding:utf-8_*_
# 作者      ：liuxiaowei
# 创建时间   ：4/19/22 10:23 AM
# 文件      ：shadon_api_webcam.py
# IDE      ：PyCharmimport shodan
import jsonSHODAN_AIP_KEY = 'z0AN9iiu3CmzLeFuStYHPGB7gNJw3Kt3'
shodan_api = shodan.Shodan(SHODAN_AIP_KEY)results = shodan_api.search('JAWS/1.0')
print(f'Results found:{results["total"]}')for result in results['matches']:print(result['ip_str'] + ":" + str(result['port']))

运行结果如下：

(venv) (base) liuxiaowei@MacBookAir 网络空间搜索 % python shadon_api_webcam.py 
Results found:75470
14.*.*.140:8081
149.*.*.142:4808
212.*.*.4:8081
149.*.*.245:9221
185.*.*.181:9000
125.*.*.98:80
159.*.*.176:7443
178.*.*.210:60001
88.*.*.57:49152