fofa 0.3.13 → 0.4.20

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 46230a00b448e0d6fa729755b2d1b3c03c5450c5
-  data.tar.gz: 7841106b219d240133f9741f4618df11349dcede
+SHA256:
+  metadata.gz: d545f5e3f2e72200759bf4f2f113cf4ae3933cacc79e7436db2948fca942f092
+  data.tar.gz: e72a5f234fdd0d8ffc0319140dd1e9a5493f53da7c0d212c19807be4a516f0b9
 SHA512:
-  metadata.gz: d758ac844158fb49512e24c36587c4ff22562c5ddf33d7f5fa028d383b2dcc8d79262937917cdafe56b6481273857d98129a8ede3335072dadf04e0e494127da
-  data.tar.gz: 935ca8c4e45adf3835057f0a6bda9050e9049686ec7971de51b90e9a5e76e95207b529d299c5177b282268695c6a9b8baf97013c8a1052b4bf2183224d8dd72f
+  metadata.gz: 0f610a997d2fc71c76c2d960426d1fc80346a19ef306d808c8e7a09175cd4e625105a108d4534a4dc01e49546b4f730cc05014c28ffed22e87ac5bdf364fabda
+  data.tar.gz: c768c528f1ba58e8e5823df16e4b2ea533800057c24411f0d47989ef3f0ef117e162073e60348ac4eb31840b0e03ba49ec349d4c4b09e67e892459e0f84c740b

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    fofa (0.3.12)
+    fofa (0.3.19)
       colorize
       concurrent-ruby
 
@@ -38,4 +38,4 @@ DEPENDENCIES
   rspec (~> 3.0)
 
 BUNDLED WITH
-   1.14.6
+   1.16.4

data/bin/fofacli

@@ -18,7 +18,11 @@ options = {
   fields: 'host',
   post: false,
   query: nil,
-	format: 'csv'
+	format: 'csv',
+	check_app_category: nil,
+  check_app_application: nil,
+	check_app_all: false,
+	task_id: nil
 }
 
 ARGV.options do |opts|
@@ -39,12 +43,16 @@ ARGV.options do |opts|
 			options[:page] = val.to_i
 	end
 
-	opts.on('-m', '--mode=MODE', String, 'Mode, default to [search], -m should be specified when [import_service, query_ip_list] ') do |val|
+	opts.on('-m', '--mode=MODE', String, 'Mode, default to [search], -m should be specified when [import_service, query_ip_list, check_app, ip_tags] ') do |val|
 			options[:mode] = val.to_sym
 	end
 
-	opts.on('-f', '--file=FILE', String, 'Used at [import_service] mode') do |val|
+	opts.on('-f', '--file=FILE', String, 'Used at [import_service, check_app, ip_tags] mode') do |val|
 			options[:file] = val
+  end
+
+	opts.on('-t', '--task_id=ID', Integer, 'Used at [ip_tags] mode') do |val|
+		options[:task_id] = val.to_i
 	end
 
 	opts.on('-s', '--limit=SIZE', Integer, "Limit size to fetch, default to #{options[:limit]}") do |val|
@@ -67,7 +75,17 @@ ARGV.options do |opts|
 		raise "File not exist of #{val}" unless File.exists? val
     options[:query] = File.read(val).strip
 		options[:post] = true
-	end
+  end
+
+	opts.on('-l', "--application=APPLICATION", String, "Application to check, only used in check_app mode." ) do |val|
+		options[:check_app_application] = val
+		options[:mode] = :check_app
+  end
+
+	opts.on('-g', "--category=CATEGORY", String, "Category to check, only used in check_app mode." ) do |val|
+		options[:check_app_category] = val
+		options[:mode] = :check_app
+  end
 	
 	opts.separator "Common Options:"
 
@@ -84,6 +102,17 @@ ARGV.options do |opts|
 		options[:verbose] = true
   end
 
+	opts.on( "-V", "--version", "Display version" ) do
+    puts "Version: #{Fofa::VERSION}"
+    exit(0)
+	end
+
+	opts.on( nil, "--check_app_all", "Check all applications, only used in check_app mode." ) do
+		options[:check_app_all] = true
+  end
+
+
+
 	opts.separator ""
 	opts.separator "For example:"
 	opts.separator "\t fofacli -e aaa@bbb.com -a xxx domain=\"baidu.com\""
@@ -91,7 +120,10 @@ ARGV.options do |opts|
 	opts.separator "\t fofacli -e aaa@bbb.com -a xxx --query_file /tmp/fofaquery"
 	opts.separator "\t fofacli -e aaa@bbb.com -a xxx -d ip,domain,title,port,protocol -m query_ip_list -f ip.txt"
 	opts.separator %Q@\t cat vapps.txt | xargs -I{} -n 1 sh -c 'fofacli "app=$1" -d host,ip,port,country,province,city -s 1000 -o json -v > "$1.txt"' -- {}@
-	
+	opts.separator "\t fofacli -m check_app --app \"Coremail\" mail.tsinghua.edu.cn"
+	opts.separator "\t fofacli -e aaa@bbb.com -a xxx -m ip_tags -f ./ip.txt"
+	opts.separator "\t fofacli -e aaa@bbb.com -a xxx -m ip_tags -t 1"
+
 	begin
 		opts.parse!
 	rescue OptionParser::InvalidOption => e
@@ -227,5 +259,86 @@ case options[:mode]
     } #File
 		pool.shutdown
 		pool.wait_for_termination
+  when :check_app
+		query = options[:query] || ARGV.join(' ')
+		fofa = Fofa::API.new(options[:email], options[:apikey], {debug:options[:verbose]})
+		if options[:file]
+			File.open(options[:file]){|f|
+        f.each_line{|line|
+					query = line.strip
+					res = fofa.check_app(query, {
+							category:options[:check_app_category],
+							application:options[:check_app_application],
+							all:options[:all],
+					})
+
+          if res && res.size>0
+						res.each{|r|
+							log_record(options, [query, r])
+						}
+          else
+						log_record(options, [query, nil])
+          end
+
+        }
+      }
+    else
+			res = fofa.check_app(query, {
+					category:options[:check_app_category],
+					application:options[:check_app_application],
+					all:options[:all],
+			})
+
+			if res && res.size>0
+				res.each{|r|
+					log_record(options, r)
+				}
+      else
+        $stderr.puts "[WARNING] No result!"
+      end
+
+    end
+	when :ip_tags
+		fofa = Fofa::API.new(options[:email], options[:apikey], {debug:options[:verbose]})
+    if options[:task_id]
+			task_id = options[:task_id]
+    else
+			unless options[:file]
+				puts "File not specified.".red
+				puts ARGV.options
+				exit -1
+			end
+			puts "Import ip and get tags from '#{options[:file]}'"
+			result = fofa.ip_tags(options[:file])
+			if result['error']
+				puts result
+				exit -1
+      end
+			puts result
+			task_id = result['task_id']
+    end
+
+    if task_id
+      get_info = -> (fofa, id) { fofa.tag_info(id) }
+      puts "Checking progress!"
+      sleep(2)
+
+      loop do
+				info = get_info.call(fofa, task_id)
+				if info['error']
+					puts info
+					break
+        elsif info['progress'].to_i == 100
+					puts "state: #{info['state']}; progress: #{info['progress']}."
+					puts info['download_url']
+					break
+        else
+          puts "state: #{info['state']}; progress: #{info['progress']}."
+          sleep(10)
+				end
+      end
+
+    end
+
 end
 

data/lib/fofa.rb

@@ -1,6 +1,7 @@
 require "fofa/version"
 require 'net/http'
 require 'json'
+require 'base64'
 
 module Fofa
   class API
@@ -29,13 +30,10 @@ module Fofa
         options = {page:1, size:100, fields:'host'}.merge(options)
 
     		url = "#{@api_server}/api/v1/search/all?key=#{@apikey}&email=#{@email}&page=#{options[:page]}&size=#{options[:size]}&fields=#{options[:fields]}"
-    		url += "&q=#{URI.escape(query)}" unless options[:post]
+    		url += "&qbase64=#{Base64.encode64(query)}" unless options[:post]
         puts url if @options[:debug]
     		uri = URI.parse(url)
-        http = Net::HTTP.new(uri.host, uri.port)
-        if uri.scheme == 'https'
-          http.use_ssl = true
-        end
+        http = http_new(uri)
 
         if options[:post]
           req = Net::HTTP::Post.new(uri.request_uri)
@@ -47,6 +45,7 @@ module Fofa
         resp = http.request(req)
         JSON.parse(resp.body)
     rescue => e
+      $stderr.puts "[WARNING]: #{e.to_s}"
     	{"error"=>"Error: #{e.to_s}"}
     end
 
@@ -104,11 +103,7 @@ module Fofa
       url = "#{@api_server}/api/v1/import/services?key=#{@apikey}&email=#{@email}&port=#{options[:port]}"
       puts url if @options[:debug]
       uri = URI.parse(url)
-      http = Net::HTTP.new(uri.host, uri.port)
-      if uri.scheme == 'https'
-        http.use_ssl = true
-      end
-      http.set_debug_output $stderr if @options[:debug]
+      http = http_new(uri)
 
       File.open(file) do |f|
         results = [] 
@@ -137,5 +132,99 @@ module Fofa
       {"error"=>"Error: #{e.to_s}"}
     end
 
+    # Check applications of asset
+    #
+    # Example:
+    #   >> Fofa::API.new(email,apikey).checkapp("mail.tsinghua.edu.cn", category:"邮件系统")
+    #   => ["Coremail"]
+    #
+    # Arguments:
+    #   host: (String) Category name
+    #   options: (Hash) category: Category name, application: Application name, all: return all applications or break when match first
+    def check_app(host, options={})
+      options = {all:false}.merge(options)
+      url = "#{@api_server}/api/v1/search/checkapp?key=#{@apikey}&email=#{@email}&host=#{host}"
+      url += "&all=#{options[:all]}" if options[:all]
+      url += "&application=#{URI.escape(options[:application])}" if options[:application]
+      url += "&category=#{URI.escape(options[:category])}" if options[:category]
+      puts url if @options[:debug]
+      uri = URI.parse(url)
+      http = http_new(uri)
+      req = Net::HTTP::Get.new(uri.request_uri)
+      resp = http.request(req)
+      JSON.parse(resp.body)
+    rescue => e
+      {"error"=>"Error: #{e.to_s}"}
+    end
+
+    # Import ip and get tags
+    #
+    # Example:
+    #   >> Fofa::API.new(email,apikey).ip_tags('./ips.txt')
+    #   => {"task_id"=>1}
+    #
+    # Arguments:
+    #   file: (String) ip file
+    def ip_tags(file)
+      url = "#{@api_server}/api/v1/ip_tags?key=#{@apikey}&email=#{@email}"
+      puts url if @options[:debug]
+
+      # Token used to terminate the file in the post body. Make sure it is not
+      # present in the file you're uploading.
+      # You might want to use `SecureRandom` class to generate this random strings
+      boundary = "AaB03x"
+      uri = URI.parse(url)
+
+      post_body = []
+      post_body << "--#{boundary}\r\n"
+      post_body << "Content-Disposition: form-data; name=\"file\"; filename=\"#{File.basename(file)}\"\r\n"
+      post_body << "Content-Type: text/plain\r\n"
+      post_body << "\r\n"
+      post_body << File.read(file)
+      post_body << "\r\n--#{boundary}--\r\n"
+
+      http = http_new(uri)
+      req = Net::HTTP::Post.new(uri.request_uri)
+      req.body = post_body.join
+      req["Content-Type"] = "multipart/form-data, boundary=#{boundary}"
+
+      resp = http.request(req)
+      puts resp if @options[:debug]
+      JSON.parse(resp.body)
+    rescue => e
+      {"error"=>"Error: #{e.to_s}"}
+    end
+
+    # Check ip_tags's task state, progress, and download_url
+    #
+    # Example:
+    #   >> Fofa::API.new(email,apikey).tag_info(1)
+    #   => {"state"=>"success", "progress"=>100, "download_url"=>"https://host/xxx/56af409c1c55762a7b9e9a39a801f80d.json"}
+    #
+    # Arguments:
+    #   task_id: (Integer) task id
+    def tag_info(task_id)
+      url = "#{@api_server}/api/v1/ip_tags/info?key=#{@apikey}&email=#{@email}&task_id=#{task_id}"
+      puts url if @options[:debug]
+      uri = URI.parse(url)
+      http = http_new(uri)
+      req = Net::HTTP::Get.new(uri.request_uri)
+
+      resp = http.request(req)
+      JSON.parse(resp.body)
+    rescue => e
+      $stderr.puts "[WARNING]: #{e.to_s}"
+      {"error"=>"Error: #{e.to_s}"}
+    end
+
+    private
+    def http_new(uri)
+      http = Net::HTTP.new(uri.host, uri.port)
+      if uri.scheme == 'https'
+        http.use_ssl = true
+      end
+      http.set_debug_output $stderr if @options[:debug]
+      http
+    end
   end
 end

data/lib/fofa/version.rb

@@ -1,3 +1,21 @@
+# 0.4.20
+#   add -V option, and ip_tags method need to upgrade major version
+#
+# 0.3.19
+#   add feature: ip_tags, tag_info
+#
+# 0.3.18
+#   add feature: check applications from file
+#
+# 0.3.17
+#   add checkapp api call
+#
+# 0.3.15
+#   fixed query encode bug of '&&'
+#
+# 0.3.14
+#   fixed bug of search_all yield when size reached
+#
 # 0.3.13
 #   search_all yield with all size
 #
@@ -19,5 +37,5 @@
 # 0.3.6
 #   add fields
 module Fofa
-  VERSION = "0.3.13"
+  VERSION = "0.4.20"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: fofa
 version: !ruby/object:Gem::Version
-  version: 0.3.13
+  version: 0.4.20
 platform: ruby
 authors:
 - fofa
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-05-16 00:00:00.000000000 Z
+date: 2020-06-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -106,7 +106,7 @@ homepage: https://fofa.so
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -121,9 +121,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.6.3
-signing_key: 
+rubygems_version: 3.0.6
+signing_key:
 specification_version: 4
 summary: A Ruby library to interact with the FOFA API. https://fofa.so
 test_files: []