Jun 10
Shodan API and Automation Part 1
I was working on an engagement with a customer and decided to start monitoring their external infrastructure to identify specific exposed ports and use some tools to verify this as well, this will probably be a multi-part series as it started off with just interacting with the tool on the command line then shifting to scripting with Python and ended up with the use of automation tools so that this could be applied at a larger scale.
First lets start off with getting our environment setup so that we can use Shodan’s API on our command line interface. So as per the recommendations on their website https://cli.shodan.io/ you need to be running python3 on your system then we can install it using pip.
Installing python is out of the scope here, you can go ahead and check out the official website: https://www.python.org/downloads/
Lets just verify that python is working in our environment:
Then we can use pip to install Shodan, we are lucky to have all this simplicity in 2022 and Shoan will be able to run from the CLI now:
Before we can actually use the tool we need to initialize it, you can grab the API key from your account, and I will be redacting the key for security reasons from this blog. If it was successfully initialized you would see that in the output.
shodan init api_key_hereNow you should be able to run queries for whatever you want to search for. Here is the reference: https://cli.shodan.io/
Here is an example of how it would work:
Let's start automating some of this using python because automation is the way of the future… we will be doing this using the REST API. According to Redhat A REST API (also known as RESTful API) is an application programming interface (API or web API) that conforms to the constraints of REST architectural style and allows for interaction with RESTful web services. REST stands for representational state transfer and was created by computer scientist Roy Fielding.
I use visual studio code for most of the things I do so I will be assuming that you are following me on this one, first check what your ENV is so that we can set the correct interpreter in Visual studio code:
Then you can go ahead and set this in VSCode, you can follow this https://python.plainenglish.io/how-to-set-default-python-interpreter-in-vs-code-76c38c210dc3:
That's it for this entry, as we want to try and keep them short enough to follow. In part 2 we will be building the Python script and start interacting the Shodan’s API a little bit differently.
