Skip to content

Instantly share code, notes, and snippets.

@jgamblin

jgamblin/internetdb.ipynb

Created March 14, 2022 19:07
Show Gist options
  • Save jgamblin/16553c7a71052214ef04591aa0cf5cf8 to your computer and use it in GitHub Desktop.
Save jgamblin/16553c7a71052214ef04591aa0cf5cf8 to your computer and use it in GitHub Desktop.
Download ZIP
CIDR lookup tool for the InternetDB API
Display the source blob
Display the rendered blob
Raw
internetdb.ipynb
{
"cells": [
{
"cell_type": "markdown",
"id": "secret-receptor",
"metadata": {
"tags": []
},
"source": [
"# Internetdb CIDR Lookup"
]
},
{
"cell_type": "markdown",
"id": "departmental-third",
"metadata": {},
"source": [
"Shodan released InternetDB that allows fast lookup of IP addresses and returns open ports, hostnames, and CVEs. I have put together this jupyter notebook that allows CIDR searchs. "
]
},
{
"cell_type": "code",
"execution_count": 1,
"id": "removable-princess",
"metadata": {},
"outputs": [],
"source": [
"from netaddr import IPNetwork\n",
"import requests\n",
"import pandas as pd\n",
"from tqdm.notebook import tqdm"
]
},
{
"cell_type": "markdown",
"id": "similar-chance",
"metadata": {},
"source": [
"Update CIDR Here:"
]
},
{
"cell_type": "code",
"execution_count": 2,
"id": "stainless-extra",
"metadata": {},
"outputs": [],
"source": [
"iprange = '128.206.8.0/24'"
]
},
{
"cell_type": "code",
"execution_count": 3,
"id": "incredible-montana",
"metadata": {},
"outputs": [
{
"data": {
"application/vnd.jupyter.widget-view+json": {
"model_id": "3bdd24ef6acf48e28bdaf2074e3e45a0",
"version_major": 2,
"version_minor": 0
},
"text/plain": [
" 0%| | 0/256 [00:00<?, ?it/s]"
]
},
"metadata": {},
"output_type": "display_data"
}
],
"source": [
"headers = {\n",
" 'accept': 'application/json',\n",
"}\n",
"\n",
"row_accumulator = []\n",
"\n",
"for ip in tqdm(IPNetwork(iprange)):\n",
" response = requests.get('https://internetdb.shodan.io/' + str(ip))\n",
" #response = requests.get('https://internetdb.shodan.io/168.166.54.52')\n",
" data = response.json()\n",
" try:\n",
" ip_address = data['ip']\n",
" except KeyError:\n",
" ip_address ='None'\n",
" try: \n",
" ports = data['ports']\n",
" except KeyError:\n",
" ports ='None'\n",
" try: \n",
" hostnames = data['hostnames']\n",
" except KeyError:\n",
" hostnames = 'None'\n",
" try: \n",
" vulns = data['vulns']\n",
" except KeyError:\n",
" vulns = 'None'\n",
" new_row = { \n",
" 'IP': ip_address,\n",
" 'Hostname': hostnames,\n",
" 'Ports': ports,\n",
" 'Vulns' : vulns\n",
" }\n",
" row_accumulator.append(new_row)\n",
"\n",
"intenetdb = pd.DataFrame(row_accumulator)\n",
"intenetdb = intenetdb[~intenetdb.IP.str.contains(\"None\")]\n",
"intenetdb = intenetdb[intenetdb['Vulns'].map(lambda d: len(d)) > 0]\n",
"\n"
]
},
{
"cell_type": "code",
"execution_count": 4,
"id": "worth-florist",
"metadata": {},
"outputs": [
{
"data": {
"text/html": [
"<div>\n",
"<style scoped>\n",
" .dataframe tbody tr th:only-of-type {\n",
" vertical-align: middle;\n",
" }\n",
"\n",
" .dataframe tbody tr th {\n",
" vertical-align: top;\n",
" }\n",
"\n",
" .dataframe thead th {\n",
" text-align: right;\n",
" }\n",
"</style>\n",
"<table border=\"1\" class=\"dataframe\">\n",
" <thead>\n",
" <tr style=\"text-align: right;\">\n",
" <th></th>\n",
" <th>IP</th>\n",
" <th>Hostname</th>\n",
" <th>Ports</th>\n",
" <th>Vulns</th>\n",
" </tr>\n",
" </thead>\n",
" <tbody>\n",
" <tr>\n",
" <th>31</th>\n",
" <td>128.206.8.31</td>\n",
" <td>[tru-wserver.missouri.edu]</td>\n",
" <td>[80]</td>\n",
" <td>[CVE-2014-4078]</td>\n",
" </tr>\n",
" <tr>\n",
" <th>53</th>\n",
" <td>128.206.8.53</td>\n",
" <td>[kilgore.missouri.edu]</td>\n",
" <td>[22]</td>\n",
" <td>[CVE-2006-5051, CVE-2006-5052, CVE-2009-2904, ...</td>\n",
" </tr>\n",
" <tr>\n",
" <th>72</th>\n",
" <td>128.206.8.72</td>\n",
" <td>[cds-nutrition.col.missouri.edu]</td>\n",
" <td>[80, 443]</td>\n",
" <td>[CVE-2014-4078]</td>\n",
" </tr>\n",
" <tr>\n",
" <th>77</th>\n",
" <td>128.206.8.77</td>\n",
" <td>[cvm-wordpress-alpha.missouri.edu]</td>\n",
" <td>[80, 443]</td>\n",
" <td>[CVE-2018-5407, CVE-2014-3523, CVE-2017-7679, ...</td>\n",
" </tr>\n",
" <tr>\n",
" <th>223</th>\n",
" <td>128.206.8.223</td>\n",
" <td>[vmdb-w.cvm.missouri.edu]</td>\n",
" <td>[22, 80, 443]</td>\n",
" <td>[CVE-2018-5407, CVE-2014-3523, CVE-2017-7679, ...</td>\n",
" </tr>\n",
" <tr>\n",
" <th>240</th>\n",
" <td>128.206.8.240</td>\n",
" <td>[mulegames.missouri.edu]</td>\n",
" <td>[22]</td>\n",
" <td>[CVE-2018-15919, CVE-2017-15906]</td>\n",
" </tr>\n",
" </tbody>\n",
"</table>\n",
"</div>"
],
"text/plain": [
" IP Hostname Ports \\\n",
"31 128.206.8.31 [tru-wserver.missouri.edu] [80] \n",
"53 128.206.8.53 [kilgore.missouri.edu] [22] \n",
"72 128.206.8.72 [cds-nutrition.col.missouri.edu] [80, 443] \n",
"77 128.206.8.77 [cvm-wordpress-alpha.missouri.edu] [80, 443] \n",
"223 128.206.8.223 [vmdb-w.cvm.missouri.edu] [22, 80, 443] \n",
"240 128.206.8.240 [mulegames.missouri.edu] [22] \n",
"\n",
" Vulns \n",
"31 [CVE-2014-4078] \n",
"53 [CVE-2006-5051, CVE-2006-5052, CVE-2009-2904, ... \n",
"72 [CVE-2014-4078] \n",
"77 [CVE-2018-5407, CVE-2014-3523, CVE-2017-7679, ... \n",
"223 [CVE-2018-5407, CVE-2014-3523, CVE-2017-7679, ... \n",
"240 [CVE-2018-15919, CVE-2017-15906] "
]
},
"execution_count": 4,
"metadata": {},
"output_type": "execute_result"
}
],
"source": [
"intenetdb"
]
}
],
"metadata": {
"kernelspec": {
"display_name": "Python 3",
"language": "python",
"name": "python3"
},
"language_info": {
"codemirror_mode": {
"name": "ipython",
"version": 3
},
"file_extension": ".py",
"mimetype": "text/x-python",
"name": "python",
"nbconvert_exporter": "python",
"pygments_lexer": "ipython3",
"version": "3.7.3"
}
},
"nbformat": 4,
"nbformat_minor": 5
}
@bartolialberto
Copy link

Nice work, thanks for making it available.

I have slightly modified it and made it available to my students as a Google Colab, with due credits.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment