WingsSec/Meppo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add hunterapi

Browse Source
This commit is contained in:
RabbitMask
2022-04-08 17:09:05 +08:00
parent b1919a4b24
commit e58415930d
4 changed files with 112 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
Config/config_api.py
View File

@@ -7,6 +7,7 @@
| _ < (_| | |_) | |_) | | |_| | | | (_| \__ \ <
|_| \_\__,_|_.__/|_.__/|_|\__|_| |_|\__,_|___/_|\_\
'''
# Seek 配置信息
########################################################################################################################
# Shodan 配置信息 Shodan 一美元账户最高设置为1000
@@ -14,8 +15,14 @@ SHODAN_API_KEY = ''
########################################################################################################################
# Seek 配置信息
# Fofa 配置信息
FOFA_EAMIL=''
FOFA_API_KEY=''
########################################################################################################################
# Hunter 配置信息
HUNTER_USERNAME=''
HUNTER_API_KEY=''
########################################################################################################################

30
Framework/console_main.py
View File

@@ -9,10 +9,10 @@
'''
import argparse
from Config.config_api import FOFA_API_KEY, SHODAN_API_KEY
from Config.config_api import FOFA_API_KEY, SHODAN_API_KEY, HUNTER_API_KEY
from Config.config_print import status_print
from Framework import console_attack
from Seek import fofaapi, shodanapi
from Seek import fofaapi, shodanapi, hunterapi
from Framework.console_attack import get_urls
from Framework.console_list import moudle_list, payload_list, payload_list_all
from Moudle.Moudle_index import *
@@ -38,6 +38,7 @@ def Console():
#资产爬取模块
M_SEEK.add_argument("-fofa", dest='fofa',help="资产爬取")
M_SEEK.add_argument("-hunter", dest='hunter',help="资产爬取")
M_SEEK.add_argument("-shodan", dest='shodan',help="资产爬取")
M_SEEK.add_argument("-num", dest='num',help="资产数量")
@@ -56,10 +57,10 @@ def Console():
fofaapi.run(args.fofa,1000)
else:
status_print("如需使用FofaAPI请在Config/config_api下完成相关配置",2)
except:
status_print("如需使用FofaAPI请在Config/config_api下完成相关配置",2)
except Exception as e:
status_print("FofaAPI发生错误,%s"%e,3)
elif args.shodan:
# try:
try:
if SHODAN_API_KEY:
if args.num and int(args.num) > 1000:
status_print("Num Don't > 1000 PLS~",2)
@@ -69,8 +70,21 @@ def Console():
shodanapi.run(args.shodan,1000)
else:
status_print("如需使用ShodanAPI请在Config/config_api下完成相关配置",2)
# except:
# print("如需使用ShodanAPI请在Config/config_api下完成相关配置")
except Exception as e:
status_print("ShodanAPI发生错误%s" % e, 3)
elif args.hunter:
try:
if HUNTER_API_KEY:
if args.num and int(args.num) > 10000:
status_print("Num Don't > 10000 PLS~",2)
elif args.num and int(args.num) <= 1000:
hunterapi.run(args.hunter, args.num)
else:
hunterapi.run(args.hunter,1000)
else:
status_print("如需使用HunterAPI请在Config/config_api下完成相关配置",2)
except Exception as e:
status_print("HunterAPI发生错误%s" % e, 3)
elif args.poc:
try:
if args.url:
@@ -108,6 +122,8 @@ def Console():
"\n\tpython Meppo.py -m xxx -f targets.txt\t\t多目标 模块监测"
"\n\tpython Meppo.py -fofa APP=\"DEMO\"\t\tFOFA API 报告导出 num默认1000"
"\n\tpython Meppo.py -fofa APP=\"DEMO\" -num 100\tFOFA API 报告导出 自定义数量"
"\n\tpython Meppo.py -hunter APP=\"DEMO\"\t\tHUNTER API 报告导出 num默认1000"
"\n\tpython Meppo.py -hunter APP=\"DEMO\" -num 100\tSHODAN HUNTER 报告导出 自定义数量"
"\n\tpython Meppo.py -shodan APP=\"DEMO\"\t\tSHODAN API 报告导出 num默认1000"
"\n\tpython Meppo.py -shodan APP=\"DEMO\" -num 100\tSHODAN API 报告导出 自定义数量",5)

4
README.md
View File

@@ -33,6 +33,8 @@ Usage:
python Meppo.py -m xxx -f targets.txt 多目标 模块监测
python Meppo.py -fofa APP="DEMO" FOFA API 报告导出 num默认1000
python Meppo.py -fofa APP="DEMO" -num 100 FOFA API 报告导出 自定义数量
python Meppo.py -hunter APP="DEMO" HUNTER API 报告导出 num默认1000
python Meppo.py -hunter APP="DEMO" -num 100 SHODAN HUNTER 报告导出 自定义数量
python Meppo.py -shodan APP="DEMO" SHODAN API 报告导出 num默认1000
python Meppo.py -shodan APP="DEMO" -num 100 SHODAN API 报告导出 自定义数量
@@ -63,8 +65,10 @@ options:
资产爬取模块:
-fofa FOFA 资产爬取
-hunter HUNTER 资产爬取
-shodan SHODAN 资产爬取
-num NUM 资产数量
```
```angular2html
_____

77
Seek/hunterapi.py Normal file
View File

@@ -0,0 +1,77 @@
import base64
import datetime
from time import sleep
import requests
from Config.config_api import HUNTER_USERNAME, HUNTER_API_KEY
from Config.config_decorators import Save_Csv
from Config.config_print import status_print
start_time=((datetime.datetime.now() - datetime.timedelta(365)).strftime("%Y-%m-%d %H:%M:%S"))
end_time=(datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S"))
def huntersearch(keyword,page,size):
reslist=[]
bkeyword = bytes(keyword, encoding="utf8")
bs64 = base64.urlsafe_b64encode(bkeyword)
bs64 = bs64.decode()
res=requests.get('https://hunter.qianxin.com/openApi/search?username={}&api-key={}&search={}&page={}&page_size={}&is_web=1&start_time={}&end_time={}'.format(HUNTER_USERNAME,HUNTER_API_KEY,bs64,str(page),str(size),start_time,end_time))
result = res.json()['data']
for i in result['arr']:
dic = {}
dic['host'] = i['url']
dic['ip'] = i['ip']
dic['port'] = i['port']
dic['country'] = i['country']
dic['city'] = i['city']
server=''
try:
for j in i['component']:
server=server+j['name']+" : "+j['version']+'\t'
except:
pass
dic['server'] = server
dic['title'] = i['web_title']
reslist.append(dic)
print(dic)
consume_quota=result['consume_quota']
rest_quota=result['rest_quota']
status_print(consume_quota +'\t'+rest_quota,0)
return reslist,result['total']
def hunterapi(keyword,num):
reslist=[]
if int(num)<= 100:
reslist = reslist + huntersearch(keyword,1,num)[0]
else:
a,b=huntersearch(keyword, 1, 100)
reslist = reslist + a
tmp=int(b) // 100
if tmp == 0:
pages = (int(b) // 100)
else:
pages = (int(b) // 100) + 1
tmp=int(num) % 100
if tmp == 0 :
needpage = (int(num) // 100)
else:
needpage = (int(num) // 100) + 1
sleep(3)
for i in range(pages):
if i + 2 > needpage:
break
sleep(3)
reslist = reslist + huntersearch(keyword, i + 2,100)[0]
return reslist
@Save_Csv
def run(keyword,num):
return hunterapi(keyword,num)
if __name__ == '__main__':
(hunterapi('title="北京"',1))