shodanz 2.0.1 → 2.0.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 32aa0999f1cb087637e0abe8428bd70592f22a3761da87be09bcf1a2bd8c2d37
-  data.tar.gz: a6d8a053446c3163bb3ee7630c5663510e6568469cd0569e6c6d4ad67d1873a3
+  metadata.gz: 6e20a19dd003d869e2c49037298314d78161c8b4d64d63057b90e34654a695dc
+  data.tar.gz: a3478a19294e1b3a8bba8d97b9903429ebefa8d0520c300802eb8293fcb8b578
 SHA512:
-  metadata.gz: d3c5e27187e510f5b811bee421194b269bcc1092bc4b212c7a172c342f1b6a4c932314e5198e89b16509ce6c1345714e232461e4c3b34de1bf2262797a435bdf
-  data.tar.gz: d66f4fc7e68963a54870b789a1b63ada8ffe3174947f6b641dfa8b43547d77ef37b73fc16ff7c4f8715244be8449037dcc5fa2b7028cf50424b43a6004c4297b
+  metadata.gz: 07aa5fa81751be8cf85ac4c048c1343bccc2f22fe1ef315d56eaa9fb69bdea8a0c0f9c02f0fd431f4480f7b4c10bc102346cb7169784f6cbadf3c71a47744376
+  data.tar.gz: 0b31ab27f9fc15b49d1b0ca7ba73c4964aa4569fddd65db6ed887ffefb1f9dff593b3b26ad26e9d8d2d0bd7e1762f017424ac56036e0b0378f78730140b0da25

data/.github/dependabot.yml

@@ -0,0 +1,15 @@
+version: 2
+updates:
+- package-ecosystem: bundler
+  directory: "/"
+  schedule:
+    interval: daily
+    time: "10:00"
+  open-pull-requests-limit: 10
+  ignore:
+  - dependency-name: async-http
+    versions:
+    - 0.55.0
+  - dependency-name: pry
+    versions:
+    - 0.14.0

data/.github/workflows/ci.yml

@@ -1,18 +1,22 @@
 name: CI
 
 on:
-  member:
   push:
     branches:
     - master
+  pull_request:
+    branches:
+    - master
   schedule:
   - cron: "0 9 * * *"
 
 jobs:
   test:
-
+    if: |
+      github.actor == 'picatz' ||
+      github.actor == 'dependabot[bot]' ||
+      github.actor == 'dependabot-preview[bot]'
     runs-on: ubuntu-latest
-
     steps:
     - uses: actions/checkout@v1
     - name: Set up Ruby 2.7

data/README.md

@@ -2,6 +2,7 @@
 
 [![Gem Version](https://badge.fury.io/rb/shodanz.svg)](https://badge.fury.io/rb/shodanz)
 [![Yard Docs](http://img.shields.io/badge/shodanz-docs-blue.svg)](https://www.rubydoc.info/gems/shodanz/)
+![CI](https://github.com/picatz/shodanz/workflows/CI/badge.svg)
 
 A modern, async Ruby [gem](https://rubygems.org/) for [Shodan](https://www.shodan.io/), the world's first search engine for Internet-connected devices.
 
@@ -289,10 +290,10 @@ The Exploits API provides access to several exploit/ vulnerability data sources.
 Search across a variety of data sources for exploits and use facets to get summary information.
 
 ```ruby
-client.search("python")             # Search for Snek vulns.
-client.search(post: 22)             # Port number for the affected service if the exploit is remote.
-client.search(type: "shellcode")    # A category of exploit to search for.
-client.search(osvdb: "100007")      # Open Source Vulnerability Database ID for the exploit.
+client.exploits_api.search("python")             # Search for python vulns.
+client.exploits_api.search(port: 22)             # Port number for the affected service if the exploit is remote.
+client.exploits_api.search(type: "shellcode")    # A category of exploit to search for.
+client.exploits_api.search(osvdb: "100007")      # Open Source Vulnerability Database ID for the exploit.
 ```
 
 #### Count
@@ -300,10 +301,10 @@ client.search(osvdb: "100007")      # Open Source Vulnerability Database ID for
 This method behaves identical to the Exploits API `search` method with the difference that it doesn't return any results.
 
 ```ruby
-client.count("python")             # Count Snek vulns.
-client.count(port: 22)             # Port number for the affected service if the exploit is remote.
-client.count(type: "shellcode")    # A category of exploit to search for.
-client.count(osvdb: "100007")      # Open Source Vulnerability Database ID for the exploit.
+client.exploits_api.count("python")             # Count python vulns.
+client.exploits_api.count(port: 22)             # Port number for the affected service if the exploit is remote.
+client.exploits_api.count(type: "shellcode")    # A category of exploit to search for.
+client.exploits_api.count(osvdb: "100007")      # Open Source Vulnerability Database ID for the exploit.
 ```
 
 ## License

data/lib/shodanz/apis/exploits.rb

@@ -19,13 +19,13 @@ module Shodanz
       attr_accessor :key
 
       # The path to the REST API endpoint.
-      URL = 'https://exploits.shodan.io/api/'
+      URL = 'https://exploits.shodan.io/'
 
       # @param key [String] SHODAN API key, defaulted to
       # the *SHODAN_API_KEY* enviroment variable.
       def initialize(key: ENV['SHODAN_API_KEY'])
         @url      = URL
-        @internet = Async::HTTP::Internet.new
+        @client   = Async::HTTP::Client.new(Async::HTTP::Endpoint.parse(@url))
         self.key  = key
 
         warn 'No key has been found or provided!' unless key?
@@ -50,7 +50,7 @@ module Shodanz
         params = turn_into_query(**params)
         facets = turn_into_facets(**facets)
         params[:page] = page
-        get('search', **params.merge(**facets))
+        get('api/search', **params.merge(**facets))
       end
 
       # This method behaves identical to the "/search" method with
@@ -62,7 +62,7 @@ module Shodanz
         params = turn_into_query(**params)
         facets = turn_into_facets(**facets)
         params[:page] = page
-        get('count', **params.merge(**facets))
+        get('api/count', **params.merge(**facets))
       end
     end
   end

data/lib/shodanz/apis/rest.rb

@@ -22,7 +22,7 @@ module Shodanz
       # @param key [String] SHODAN API key, defaulted to the *SHODAN_API_KEY* enviroment variable.
       def initialize(key: ENV['SHODAN_API_KEY'])
         @url      = URL
-        @internet = Async::HTTP::Internet.new
+        @client   = Async::HTTP::Client.new(Async::HTTP::Endpoint.parse(@url))
         self.key  = key
 
         warn 'No key has been found or provided!' unless key?

data/lib/shodanz/apis/streaming.rb

@@ -28,7 +28,7 @@ module Shodanz
       # @param key [String] SHODAN API key, defaulted to the *SHODAN_API_KEY* enviroment variable.
       def initialize(key: ENV['SHODAN_API_KEY'])
         @url      = URL
-        @internet = Async::HTTP::Internet.new
+        @client   = Async::HTTP::Client.new(Async::HTTP::Endpoint.parse(@url))
         self.key  = key
 
         warn 'No key has been found or provided!' unless key?

data/lib/shodanz/apis/utils.rb

@@ -20,10 +20,10 @@ module Shodanz
       end
 
       # Perform a direct POST HTTP request to the REST API.
-      def post(path, **params)
-        return sync_post(path, **params) unless Async::Task.current?
+      def post(path, body: nil, **params)
+        return sync_post(path, params: params, body: body) unless Async::Task.current?
 
-        async_post(path, **params)
+        async_post(path, params: params, body: body)
       end
 
       # Perform the main function of consuming the streaming API.
@@ -61,50 +61,78 @@ module Shodanz
 
       private
 
-      RATELIMIT = 'rate limit reached'
-      NOINFO    = 'no information available'
-      NOQUERY   = 'empty search query'
+      RATELIMIT    = 'rate limit reached'
+      NOINFO       = 'no information available'
+      NOQUERY      = 'empty search query'
+      ACCESSDENIED = 'access denied'
+      INVALIDKEY   = 'invalid API key'
 
       def handle_any_json_errors(json)
-        return json unless json.is_a?(Hash) && json.key?('error')
-
-        raise Shodanz::Errors::RateLimited if json['error'].casecmp(RATELIMIT) >= 0
-        raise Shodanz::Errors::NoInformation if json['error'].casecmp(NOINFO) >= 0
-        raise Shodanz::Errors::NoQuery if json['error'].casecmp(NOQUERY) >= 0
-
-        json
+        if json.is_a?(Hash) && json.key?('error')
+          raise Shodanz::Errors::RateLimited if json['error'].casecmp(RATELIMIT) >= 0
+          raise Shodanz::Errors::NoInformation if json['error'].casecmp(NOINFO) >= 0
+          raise Shodanz::Errors::NoQuery if json['error'].casecmp(NOQUERY) >= 0
+          raise Shodanz::Errors::AccessDenied if json['error'].casecmp(ACCESSDENIED) >= 0
+          raise Shodanz::Errors::InvalidKey if json['error'].casecmp(INVALIDKEY) >= 0
+        end
+        return json
       end
 
       def getter(path, **params)
         # param keys should all be strings
         params = params.transform_keys(&:to_s)
         # build up url string based on special params
-        url = "#{@url}#{path}?key=#{@key}"
+        url = "/#{path}?key=#{@key}"
         # special params
         params.each do |param,value|
-          url += "&#{param}=#{value}" unless value.is_a?(String) && value.empty?
+          next if value.is_a?(String) && value.empty?
+          value = URI.encode_www_form_component("#{value}")
+          url += "&#{param}=#{value}"
         end
-        resp = @internet.get(url)
 
-        # parse all lines in the response body as JSON
-        json = JSON.parse(resp.body.join)
+        resp = @client.get(url)
 
-        handle_any_json_errors(json)
+        if resp.success?
+          # parse all lines in the response body as JSON
+          json = JSON.parse(resp.body.join)
+
+          handle_any_json_errors(json)
+
+          return json
+        else
+          raise "Got response status #{resp.status}"
+        end
       ensure
+        @client.pool.close
         resp&.close
       end
 
-      def poster(path, **params)
+      def poster(path, one_shot: false, params: nil, body: nil)
         # param keys should all be strings
         params = params.transform_keys(&:to_s)
+        # and the key param is constant
+        params["key"] = @key
+        # encode as a URL string
+        params = URI.encode_www_form(params)
+        # optional JSON body string
+        json_body = body.nil? ? nil : JSON.dump(body)
+        # build URL path
+        path = "/#{path}?#{params}" 
+
         # make POST request to server
-        resp = @internet.post("#{@url}#{path}?key=#{@key}", params)
+        resp = @client.post(path, nil, json_body)
+
+        if resp.success?
+          json = JSON.parse(resp.body.join)
 
-        # parse all lines in the response body as JSON
-        json = JSON.parse(resp.body.join)
+          handle_any_json_errors(json)
 
-        handle_any_json_errors(json)
+          return json
+        else
+          raise "Got response status #{resp.status}"
+        end
       ensure
+        @client.pool.close
         resp&.close
       end
 
@@ -116,7 +144,7 @@ module Shodanz
           counter = 0
         end
         # make GET request to server
-        resp = @internet.get("#{@url}#{path}?key=#{@key}", params)
+        resp = @client.get("/#{path}?key=#{@key}", params)
         # read body line-by-line
         until resp.body.nil? || resp.body.empty?
           resp.body.read.each_line do |line|
@@ -145,15 +173,15 @@ module Shodanz
         end.wait
       end
 
-      def async_post(path, **params)
+      def async_post(path, params: nil, body: nil)
         Async::Task.current.async do
-          poster(path, **params)
+          poster(path, params: params, body: body)
         end
       end
 
-      def sync_post(path, **params)
+      def sync_post(path, params: nil, body: nil)
         Async do
-          poster(path, **params)
+          poster(path, params: params, body: body)
         end.wait
       end
 

data/lib/shodanz/errors.rb

@@ -15,7 +15,7 @@ module Shodanz
     end
 
     class NoAPIKey < StandardError
-      def initialize(msg = 'No API key has been found or provided! ( setup your SHODAN_API_KEY environment varialbe )')
+      def initialize(msg = 'No API key has been found or provided! ( setup your SHODAN_API_KEY environment variable )')
         super
       end
     end
@@ -25,5 +25,17 @@ module Shodanz
         super
       end
     end
+
+    class AccessDenied < StandardError
+      def initialize(msg = 'Shodan subscription doesn\'t support action, check API permissions!')
+        super
+      end
+    end
+
+    class InvalidKey < StandardError
+      def initialize(msg = 'Invalid API key used, or none given!')
+        super
+      end
+    end
   end
 end

data/lib/shodanz/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Shodanz
-  VERSION = '2.0.1'
+  VERSION = '2.0.5'
 end

data/shodanz.gemspec

@@ -20,13 +20,13 @@ Gem::Specification.new do |spec|
   end
   spec.require_paths = ['lib']
 
-  spec.add_dependency 'async-http', '>= 0.38.1', '< 0.51.0'
-  spec.add_dependency 'async', '>= 1.17.1', '< 1.25.0'
+  spec.add_dependency 'async-http', '>= 0.38.1', '< 0.55.0'
+  spec.add_dependency 'async', '>= 1.17.1', '< 1.31.0'
 
-  spec.add_development_dependency 'async-rspec', '~> 1.14.0'
-  spec.add_development_dependency 'bundler', '~> 2.1.2'
-  spec.add_development_dependency 'pry', '~> 0.12.2'
+  spec.add_development_dependency 'async-rspec', '~> 1.16.1'
+  spec.add_development_dependency 'bundler', '~> 2.2.0'
+  spec.add_development_dependency 'pry', '~> 0.14.1'
   spec.add_development_dependency 'rake', '~> 13.0.0'
   spec.add_development_dependency 'rb-readline', '~> 0.5.5'
-  spec.add_development_dependency 'rspec', '~> 3.9.0'
+  spec.add_development_dependency 'rspec', '~> 3.10.0'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: shodanz
 version: !ruby/object:Gem::Version
-  version: 2.0.1
+  version: 2.0.5
 platform: ruby
 authors:
 - Kent 'picatz' Gruber
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-01-28 00:00:00.000000000 Z
+date: 2021-09-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: async-http
@@ -19,7 +19,7 @@ dependencies:
         version: 0.38.1
     - - "<"
       - !ruby/object:Gem::Version
-        version: 0.51.0
+        version: 0.55.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
         version: 0.38.1
     - - "<"
       - !ruby/object:Gem::Version
-        version: 0.51.0
+        version: 0.55.0
 - !ruby/object:Gem::Dependency
   name: async
   requirement: !ruby/object:Gem::Requirement
@@ -39,7 +39,7 @@ dependencies:
         version: 1.17.1
     - - "<"
       - !ruby/object:Gem::Version
-        version: 1.25.0
+        version: 1.31.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -49,49 +49,49 @@ dependencies:
         version: 1.17.1
     - - "<"
       - !ruby/object:Gem::Version
-        version: 1.25.0
+        version: 1.31.0
 - !ruby/object:Gem::Dependency
   name: async-rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.14.0
+        version: 1.16.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.14.0
+        version: 1.16.1
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.1.2
+        version: 2.2.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.1.2
+        version: 2.2.0
 - !ruby/object:Gem::Dependency
   name: pry
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.12.2
+        version: 0.14.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.12.2
+        version: 0.14.1
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -126,14 +126,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.9.0
+        version: 3.10.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.9.0
+        version: 3.10.0
 description: Featuring full support for the REST, Streaming and Exploits API
 email:
 - kgruber1@emich.edu
@@ -141,6 +141,7 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/dependabot.yml"
 - ".github/workflows/ci.yml"
 - ".gitignore"
 - ".rspec"
@@ -171,7 +172,7 @@ homepage: https://github.com/picatz/shodanz
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -186,8 +187,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
-signing_key: 
+rubygems_version: 3.0.6
+signing_key:
 specification_version: 4
 summary: A modern, async Ruby gem for Shodan, the world's first search engine for
   Internet-connected devices.