Class: Shodanz::API::Exploits

Inherits:

Object

• Object
• Shodanz::API::Exploits

Defined in:

lib/shodanz/apis/exploits.rb

Overview

The Exploits API provides access to several exploit and vulnerability data sources. At the moment, it searches across the following:

- Exploit DB
- Metasploit
- Common Vulnerabilities and Exposures (CVE)

Author:

• Kent ‘picat’ Gruber

Constant Summary

URL =

The path to the REST API endpoint.

'https://exploits.shodan.io/api/'.freeze

Instance Attribute Summary

• #key ⇒ String

Instance Method Summary

• #count(query = '', page: 1, **params) ⇒ Object

  This method behaves identical to the “/search” method with the difference that it doesn’t return any results.

• #get(path, **params) ⇒ Object

  Perform a direct GET HTTP request to the REST API.

• #initialize(key: ENV['SHODAN_API_KEY']) ⇒ Exploits constructor

  the SHODAN_API_KEY enviroment variable.

• #key? ⇒ String

  Check if there’s an API key.

• #search(query = '', page: 1, **params) ⇒ Object

  Search across a variety of data sources for exploits and use facets to get summary information.

Constructor Details

#initialize(key: ENV['SHODAN_API_KEY']) ⇒ Exploits

the SHODAN_API_KEY enviroment variable.

Parameters:

• key (String) (defaults to: ENV['SHODAN_API_KEY']) —

  SHODAN API key, defaulted to

# File 'lib/shodanz/apis/exploits.rb', line 20

def initialize(key: ENV['SHODAN_API_KEY'])
  self.key = key
  warn 'No key has been found or provided!' unless key?
end

Instance Attribute Details

#key ⇒ String

Returns:

• (String)

# File 'lib/shodanz/apis/exploits.rb', line 13

def key
  @key
end

Instance Method Details

#count(query = '', page: 1, **params) ⇒ Object

This method behaves identical to the “/search” method with the difference that it doesn’t return any results.

Example

api.count(type: "dos")

# File 'lib/shodanz/apis/exploits.rb', line 50

def count(query = '', page: 1, **params)
  params[:query] = query
  params = turn_into_query(params)
  facets = turn_into_facets(params)
  params[:page] = page
  get('count', params.merge(facets))
end

#get(path, **params) ⇒ Object

Perform a direct GET HTTP request to the REST API.

# File 'lib/shodanz/apis/exploits.rb', line 59

def get(path, **params)
  resp = Unirest.get "#{URL}#{path}?key=#{@key}", parameters: params
  if resp.code != 200 && resp.body.key?('error')
    raise resp.body['error']
  end
  resp.body
end

#key? ⇒ String

Check if there’s an API key.

Returns:

• (String)

# File 'lib/shodanz/apis/exploits.rb', line 27

def key?
  return true if @key
  false
end

#search(query = '', page: 1, **params) ⇒ Object

Search across a variety of data sources for exploits and use facets to get summary information.

Example

api.search("SQL", port: 443)
api.search(port: 22)
api.search(type: "dos")

# File 'lib/shodanz/apis/exploits.rb', line 38

def search(query = '', page: 1, **params)
  params[:query] = query
  params = turn_into_query(params)
  facets = turn_into_facets(facets)
  params[:page] = page
  get('search', params.merge(facets))
end