Detective.py
import requests
import argparse
import banner
import ipaddress
from tqdm import tqdm
# Product search terms. check_iot() combines each one with an "ip:<address>"
# filter and sends the result to the banner-search endpoint.
QUERY = [
    "D-Link IP Camera",
    "WVC80N",
    "ExacqVision",
    "AXIS webcams",
    "JUNG KNX",
    "Jeedom",
    "Somfy alarm system",
    "polycom command shell",
]
def get_args():
    """Parse the command line and return the resulting namespace.

    Both options are mandatory and are read as plain strings:
    ``-k/--key`` (API key) and ``-i/--ip`` (IP address to look up).
    """
    # NOTE(review): a key passed as a command-line argument can end up in
    # shell history and in process listings visible to other local users.
    cli = argparse.ArgumentParser(
        description="Do a security check on your IoT products!"
    )
    required_options = (
        (("-k", "--key"), "Enter the CIP API key"),
        (("-i", "--ip"), "Enter the IP address"),
    )
    for flags, help_text in required_options:
        cli.add_argument(*flags, type=str, required=True, help=help_text)
    return cli.parse_args()
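def check_key(key):
    """Validate an API key against the api.criminalip.io account endpoint.

    Args:
        key: API key, sent in the ``x-api-key`` request header.

    Returns:
        ``(True, name)`` when the endpoint answers HTTP 200 and the JSON body
        carries ``data.name``; ``(False, None)`` otherwise.

    Raises:
        requests.RequestException: on connection failure or timeout.
    """
    url = "https://api.criminalip.io/v1/user/me"
    headers = {"x-api-key": key}
    # Bounded wait: requests applies no timeout by default, so an unresponsive
    # endpoint would otherwise block the tool indefinitely.
    response = requests.post(url, headers=headers, timeout=10)
    if response.status_code != 200:
        return False, None
    try:
        name = response.json()["data"]["name"]
    except (ValueError, KeyError, TypeError):
        # A 200 answer without the expected account record does not confirm
        # the key, so report it as not validated instead of crashing.
        return False, None
    return True, name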
def check_ip(ip):
    """Return True when *ip* parses as an IPv4 or IPv6 address, else False."""
    try:
        ipaddress.ip_address(ip)
    except ValueError:
        # ip_address() signals anything it cannot parse with ValueError.
        return False
    else:
        return True
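def extract_cve(ip, key):
    """Print the distinct CVE identifiers the asset report lists for *ip*.

    Args:
        ip: IP address to look up; sent as the ``ip`` query parameter.
        key: API key, sent in the ``x-api-key`` request header.

    Raises:
        requests.RequestException: on connection failure, timeout, or an
            HTTP error status.
        KeyError: when the response lacks ``vulnerability.data`` or an entry
            lacks ``cve_id``.
    """
    url = "https://api.criminalip.io/v1/asset/ip/report"
    headers = {"x-api-key": key}
    # Pass the address through ``params`` so requests encodes it; a value that
    # was never validated then cannot add or override query parameters.
    response = requests.get(url, headers=headers, params={"ip": ip}, timeout=10)
    # Surface HTTP errors (bad key, quota, server fault) as such rather than
    # as a confusing KeyError further down.
    response.raise_for_status()
    # Direct indexing is deliberate: an unexpected body should fail loudly,
    # not be reported as "no vulnerabilities".
    vulns = response.json()["vulnerability"]["data"]
    # De-duplicate, then sort so repeated runs print in the same order.
    cve_ids = sorted({vuln["cve_id"] for vuln in vulns})
    if not cve_ids:
        print("No CVE identifiers were returned for this IP.")
        return
    print("Your IoT device is at risk of the following vulnerabilities:")
    for cve in cve_ids:
        print(cve)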
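def check_iot(ip, key):
    """Search every QUERY product for *ip* and report whether a hit has a CVE.

    Sends one banner-search request per QUERY entry, filtered with
    ``ip:<ip>``. If any returned result is flagged ``has_cve``, prints a
    warning and calls extract_cve(); otherwise prints the all-clear message.

    A negative outcome only means that none of the QUERY terms matched a
    result flagged ``has_cve`` for this address; it is not evidence that the
    host has no other exposure.

    Args:
        ip: IP address to investigate.
        key: API key, sent in the ``x-api-key`` request header.

    Raises:
        requests.RequestException: on connection failure, timeout, or an
            HTTP error status.
        KeyError: when a response lacks ``data.result`` or a result lacks
            ``has_cve``.
    """
    url = "https://api.criminalip.io/v1/banner/search"
    headers = {"x-api-key": key}
    has_cve = False
    progress_bar = tqdm(
        QUERY,
        desc="Investigating,,,",
        ncols=100,
        bar_format="{l_bar}{bar}| {percentage:3.0f}%",
        colour="green",
    )
    for q in progress_bar:
        # Let requests encode the query; the product names contain spaces and
        # an unvalidated address must not be able to inject extra parameters.
        params = {"query": f"{q} ip:{ip}", "offset": 0}
        response = requests.get(url, headers=headers, params=params, timeout=10)
        response.raise_for_status()
        # Direct indexing is deliberate: an error body must raise here rather
        # than count as "no results" and end in the all-clear message.
        results = response.json()["data"]["result"]
        # Check every result, not only the first; the flag is presumably a
        # JSON boolean, so truthiness is used.
        if any(entry["has_cve"] for entry in results):
            has_cve = True
    if not has_cve:
        print("🎉 Your IP does not have IoT devices or is safe! 🎉")
    else:
        print(
            "🚨 Investigation Finds Your IoT Is Not Safe! We will conduct further investigations 🚨"
        )
        extract_cve(ip, key)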
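def main():
    """Run the CLI: validate the inputs, greet the account, run the IoT check.

    Exits with status 1 after printing a message when the IP address does not
    parse or the API key is not accepted.
    """
    args = get_args()
    # Validate the address locally first so malformed input costs no API call
    # and the key is not sent for a request that cannot proceed.
    if not check_ip(args.ip):
        print("Invalid IP address. Please try again.")
        # SystemExit instead of the site-provided exit() helper, with a
        # non-zero status so callers and scripts can detect the failure.
        raise SystemExit(1)
    key_ok, name = check_key(args.key)
    if not key_ok:
        print("Invalid API key. Please try again.")
        raise SystemExit(1)
    banner.print_ascii()
    print(f"Welcome, {name}!")
    print("Your IP : ", args.ip)
    check_iot(args.ip, args.key)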
# Run the CLI only when this file is executed as a script, not on import.
if __name__ == "__main__":
    main()