Shodan API¶
You can save your Shodan API Key (https://www.shodan.io) to use it with Habu.
API Key Configuration¶
The configuration it’s really simple. Use the following command with your API Key:
$ habu.config.set SHODAN_APIKEY put-here-your-shodan-api-key
Usage¶
The command habu.shodan allows you to query for a specific IP address, like this:
$ habu.shodan 216.58.222.36
asn AS15169
isp Google
hostnames eze04s06-in-f4.1e100.net, gru09s17-in-f36.1e100.net
country_code US
region_code CA
city Mountain View
org Google
open_ports tcp/443, tcp/80
It supports four output formats: txt (default), csv, json and nmap (will be shown below).
The JSON output prints the whole Shodan API response.
The CSV output it’s good to process with other tools/script or save to a database.
Cache¶
By default, the command uses a requests cache, to no send repeated queries to the Shodan API.
If you want to disable the cache, use the option ‘–no-cache’.
Scan Open Ports with Nmap¶
If you want to use Nmap to scan only the ports that Shodan sees has open, you can use the ‘nmap’ output format as the port specification, like this:
$ nmap -v -p $(habu.shodan --format nmap 216.58.222.36) 216.58.222.36
Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-13 23:33 -03
Initiating Ping Scan at 23:33
Scanning 216.58.222.36 [2 ports]
Completed Ping Scan at 23:33, 0.01s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 23:33
Completed Parallel DNS resolution of 1 host. at 23:33, 0.01s elapsed
Initiating Connect Scan at 23:33
Scanning eze04s06-in-f4.1e100.net (216.58.222.36) [2 ports]
Discovered open port 443/tcp on 216.58.222.36
Discovered open port 80/tcp on 216.58.222.36
Completed Connect Scan at 23:33, 0.04s elapsed (2 total ports)
Nmap scan report for eze04s06-in-f4.1e100.net (216.58.222.36)
Host is up (0.020s latency).
PORT STATE SERVICE
80/tcp open http
443/tcp open https
Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 0.09 seconds
Note: Obviously, you can customize the Nmap options. For example, to detect operating systems and service versions.