fofa 0.3.15 → 0.3.17

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 3702c8e5ab5d5135d9fbb5a704d664a5e1204ae3
-  data.tar.gz: 84e1115974c19064259ee09203955b018721098c
+  metadata.gz: c547727d9ed816e3d644f0416cc146bf6e856914
+  data.tar.gz: 4b972ee2dc95eefadfe1233d4ab01cd912c790d1
 SHA512:
-  metadata.gz: 5d311b9c353802d07313c945b7a1d89e06dac4cc794d2a34b486b42ae9f90a69c3eb66bb6df79ade84c13c71ae1efbdac711ff09118daefb9d1ec8ebd8f27890
-  data.tar.gz: 05dafa6ddca51d34bc9a9723e83762b4a2e7aaca0bd31f012220d8ec5171394f7b12dc93f18bc8a683cde3061d8bba64ef337dd99453a4d9c563f58957963a60
+  metadata.gz: e3650e6c08280779282fd7865c912d9e2ec152ca3b8aea318e43f7a6e70014ca32308b7a38de9a45edb2b9e27434dc74fba6c9d2811f05648aea9ba7acff7863
+  data.tar.gz: 2e919a75409e0c1a6fc7ee1eba8f9c094f630c061eaabbfa2d84e56519efe98c9583040177503eb48a701f9bf18c913c0419c5d77908c4249a28a05cba5a79b3

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    fofa (0.3.14)
+    fofa (0.3.16)
       colorize
       concurrent-ruby
 
@@ -38,4 +38,4 @@ DEPENDENCIES
   rspec (~> 3.0)
 
 BUNDLED WITH
-   1.14.6
+   1.15.1

data/bin/fofacli

@@ -18,7 +18,10 @@ options = {
   fields: 'host',
   post: false,
   query: nil,
-	format: 'csv'
+	format: 'csv',
+	check_app_category: nil,
+  check_app_application: nil,
+	check_app_all: false
 }
 
 ARGV.options do |opts|
@@ -39,7 +42,7 @@ ARGV.options do |opts|
 			options[:page] = val.to_i
 	end
 
-	opts.on('-m', '--mode=MODE', String, 'Mode, default to [search], -m should be specified when [import_service, query_ip_list] ') do |val|
+	opts.on('-m', '--mode=MODE', String, 'Mode, default to [search], -m should be specified when [import_service, query_ip_list, check_app] ') do |val|
 			options[:mode] = val.to_sym
 	end
 
@@ -67,6 +70,16 @@ ARGV.options do |opts|
 		raise "File not exist of #{val}" unless File.exists? val
     options[:query] = File.read(val).strip
 		options[:post] = true
+  end
+
+	opts.on('-l', "--application=APPLICATION", String, "Application to check, only used in check_app mode." ) do |val|
+		options[:check_app_application] = val
+		options[:mode] = :check_app
+  end
+
+	opts.on('-g', "--category=CATEGORY", String, "Category to check, only used in check_app mode." ) do |val|
+		options[:check_app_category] = val
+		options[:mode] = :check_app
 	end
 	
 	opts.separator "Common Options:"
@@ -84,6 +97,12 @@ ARGV.options do |opts|
 		options[:verbose] = true
   end
 
+	opts.on( nil, "--check_app_all", "Check all applications, only used in check_app mode." ) do
+		options[:check_app_all] = true
+	end
+
+
+
 	opts.separator ""
 	opts.separator "For example:"
 	opts.separator "\t fofacli -e aaa@bbb.com -a xxx domain=\"baidu.com\""
@@ -91,7 +110,7 @@ ARGV.options do |opts|
 	opts.separator "\t fofacli -e aaa@bbb.com -a xxx --query_file /tmp/fofaquery"
 	opts.separator "\t fofacli -e aaa@bbb.com -a xxx -d ip,domain,title,port,protocol -m query_ip_list -f ip.txt"
 	opts.separator %Q@\t cat vapps.txt | xargs -I{} -n 1 sh -c 'fofacli "app=$1" -d host,ip,port,country,province,city -s 1000 -o json -v > "$1.txt"' -- {}@
-	
+
 	begin
 		opts.parse!
 	rescue OptionParser::InvalidOption => e
@@ -227,5 +246,18 @@ case options[:mode]
     } #File
 		pool.shutdown
 		pool.wait_for_termination
+  when :check_app
+		query = options[:query] || ARGV.join(' ')
+		res = Fofa::API.new(options[:email], options[:apikey], {debug:options[:verbose]})
+				.check_app(query, {
+						category:options[:check_app_category],
+						application:options[:check_app_application],
+						all:options[:all],
+				})
+
+		res.each{|r|
+			log_record(options, r)
+		}
+
 end
 

data/lib/fofa.rb

@@ -33,10 +33,7 @@ module Fofa
     		url += "&qbase64=#{Base64.encode64(query)}" unless options[:post]
         puts url if @options[:debug]
     		uri = URI.parse(url)
-        http = Net::HTTP.new(uri.host, uri.port)
-        if uri.scheme == 'https'
-          http.use_ssl = true
-        end
+        http = http_new(uri)
 
         if options[:post]
           req = Net::HTTP::Post.new(uri.request_uri)
@@ -106,11 +103,7 @@ module Fofa
       url = "#{@api_server}/api/v1/import/services?key=#{@apikey}&email=#{@email}&port=#{options[:port]}"
       puts url if @options[:debug]
       uri = URI.parse(url)
-      http = Net::HTTP.new(uri.host, uri.port)
-      if uri.scheme == 'https'
-        http.use_ssl = true
-      end
-      http.set_debug_output $stderr if @options[:debug]
+      http = http_new(uri)
 
       File.open(file) do |f|
         results = [] 
@@ -139,5 +132,63 @@ module Fofa
       {"error"=>"Error: #{e.to_s}"}
     end
 
+    # Check applications of asset
+    #
+    # Example:
+    #   >> Fofa::API.new(email,apikey).checkapp("mail.tsinghua.edu.cn", category:"邮件系统")
+    #   => ["Coremail"]
+    #
+    # Arguments:
+    #   host: (String) Category name
+    #   options: (Hash) category: Category name, application: Application name, all: return all applications or break when match first
+    def check_app(host, options={})
+      options = {all:false}.merge(options)
+      url = "#{@api_server}/api/v1/search/checkapp?key=#{@apikey}&email=#{@email}&host=#{host}"
+      url += "&all=#{options[:all]}" if options[:all]
+      url += "&application=#{URI.escape(options[:application])}" if options[:application]
+      url += "&category=#{URI.escape(options[:category])}" if options[:category]
+      puts url if @options[:debug]
+      uri = URI.parse(url)
+      http = http_new(uri)
+      req = Net::HTTP::Get.new(uri.request_uri)
+      resp = http.request(req)
+      JSON.parse(resp.body)
+
+      # File.open(file) do |f|
+      #   results = []
+      #   f.each_line.lazy.each_with_index do |line, i|
+      #
+      #     line = line.strip
+      #     if m = /Discovered open port (?<port>.*?)\/tcp on (?<host>.*?)$/.match(line)
+      #       hostinfo = "#{m[:host]}:#{m[:port]}"
+      #     elsif line.include?(':')
+      #       hostinfo = line
+      #     else
+      #       hostinfo = "#{line}:#{options[:port]}"
+      #     end
+      #
+      #     results << line
+      #     if i % split_size == 0
+      #       req = Net::HTTP::Post.new(uri.request_uri)
+      #       req.body = results.join("\n")
+      #       resp = http.request(req)
+      #       puts resp if @options[:debug]
+      #       results = []
+      #     end
+      #   end
+      # end
+    rescue => e
+      {"error"=>"Error: #{e.to_s}"}
+    end
+
+    private
+    def http_new(uri)
+      http = Net::HTTP.new(uri.host, uri.port)
+      if uri.scheme == 'https'
+        http.use_ssl = true
+      end
+      http.set_debug_output $stderr if @options[:debug]
+      http
+    end
   end
 end

data/lib/fofa/version.rb

@@ -1,3 +1,6 @@
+# 0.3.17
+#   add checkapp api call
+#
 # 0.3.15
 #   fixed query encode bug of '&&'
 #
@@ -25,5 +28,5 @@
 # 0.3.6
 #   add fields
 module Fofa
-  VERSION = "0.3.15"
+  VERSION = "0.3.17"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: fofa
 version: !ruby/object:Gem::Version
-  version: 0.3.15
+  version: 0.3.17
 platform: ruby
 authors:
 - fofa