Class: Fofa::API

Inherits:

Object

• Object
• Fofa::API

Defined in:

lib/fofa.rb

Instance Method Summary

• #import_service(file, options = {}) ⇒ Object

  Import asset into fofa.

• #initialize(email, apikey, options = {}) ⇒ API constructor

  A new instance of API.

• #search(query, options = {}) ⇒ Object

  Arguments: query: (String) fofa query string options: (Hash) page(default 1, only fetch one page), size(defualt 100).

• #search_all(query, options = {}) ⇒ Object

  Search all results from fofa.

Constructor Details

#initialize(email, apikey, options = {}) ⇒ API

Returns a new instance of API.

# File 'lib/fofa.rb', line 8

def initialize(email, apikey, options={})
  @options = {debug:false}.merge options
  @api_server = ENV['FOFA_API_SERVER'] || 'https://fofa.so'
  @email = email || ENV['FOFA_EMAIL']
  @apikey = apikey || ENV['FOFA_KEY']
end

Instance Method Details

#import_service(file, options = {}) ⇒ Object

Import asset into fofa

Example:

>> Fofa::API.new(email,apikey).import("./http80.txt")
=> {size:1, results:['1.1.1.1:80']}

Arguments:

file: (String) assets file
options: (Hash) page

# File 'lib/fofa.rb', line 102

def import_service(file, options={})
  options = {port:80, split_size:100}.merge(options)
  url = "#{@api_server}/api/v1/import/services?key=#{@apikey}&email=#{@email}&port=#{options[:port]}"
  puts url if @options[:debug]
  uri = URI.parse(url)
  http = Net::HTTP.new(uri.host, uri.port)
  if uri.scheme == 'https'
    http.use_ssl = true
  end
  http.set_debug_output $stderr if @options[:debug]

  File.open(file) do |f|
    results = [] 
    f.each_line.lazy.each_with_index do |line, i|

      line = line.strip
      if m = /Discovered open port (?<port>.*?)\/tcp on (?<host>.*?)$/.match(line)
        hostinfo = "#{m[:host]}:#{m[:port]}"
      elsif line.include?(':')
        hostinfo = line
      else
        hostinfo = "#{line}:#{options[:port]}"
      end

      results << line 
      if i % split_size == 0
        req = Net::HTTP::Post.new(uri.request_uri)
        req.body = results.join("\n")
        resp = http.request(req)
        puts resp if @options[:debug]
        results = [] 
      end
    end
  end
rescue => e
  {"error"=>"Error: #{e.to_s}"}
end

#search(query, options = {}) ⇒ Object

Arguments:

query: (String) fofa query string
options: (Hash) page(default 1, only fetch one page), size(defualt 100)

# File 'lib/fofa.rb', line 28

def search(query, options={})
    options = {page:1, size:100, fields:'host'}.merge(options)

    url = "#{@api_server}/api/v1/search/all?key=#{@apikey}&email=#{@email}&page=#{options[:page]}&size=#{options[:size]}&fields=#{options[:fields]}"
    url += "&q=#{URI.escape(query)}" unless options[:post]
    puts url if @options[:debug]
    uri = URI.parse(url)
    http = Net::HTTP.new(uri.host, uri.port)
    if uri.scheme == 'https'
      http.use_ssl = true
    end

    if options[:post]
      req = Net::HTTP::Post.new(uri.request_uri)
      req.body = query
    else
      req = Net::HTTP::Get.new(uri.request_uri)
    end

    resp = http.request(req)
    JSON.parse(resp.body)
rescue => e
  {"error"=>"Error: #{e.to_s}"}
end

#search_all(query, options = {}) ⇒ Object

Search all results from fofa

Example:

>> Fofa::API.new(email,apikey).search_all("domain==baidu.com") {|results, page| ... }
=> {size:1, results:['1.1.1.1:80']}

Example:

>> Fofa::API.new(email,apikey).search_all("domain==baidu.com", fields:'host,title,ip') {|results, page| ... }
=> {size:1, results:[['1.1.1.1:81', 'title', '1.1.1.1']]}

Arguments:

query: (String) fofa query string

# File 'lib/fofa.rb', line 65

def search_all(query, options={})
  all_size = options.delete :size if options.has_key?(:size)# do not pass to search
  if options.has_key?(:page_size)
    options[:size] = options.delete :page_size
  end
  all_res = []
  page = 0
  loop do
    page += 1
    res = search(query, {page:page}.merge(options))
    if !res['error'] && res['results'].size > 0
      all_res += res['results']
      yield(res['results'], page, res['size'].to_i) if block_given?

      if all_size && all_res.size > all_size.to_i
        all_res = all_res[0..all_size-1]
        break
      end

      break if all_res.size >= res['size'].to_i
    else
      raise res['errmsg'] if res['errmsg']
      break
    end
  end
  all_res
end