├── README.md
└── shodankeys.py


/README.md:
--------------------------------------------------------------------------------
 1 | # Shodan API Key Checker
 2 | This is a quick script written for sorting and categorizing Shodan API keys acquired via scraping the internet.  
 3 | I wrote it because I kept finding people leaving their API keys unprotected all over the shop, and frankly, sometimes I need a Shodan API key quickly and can't be arsed finding my own one.
 4 | 
 5 | Anyways, this script breaks it down into "paid accounts" and "non paid accounts" after its done checking for validity of keys. You could also check which have telnet enabled or whatnot depending on your usecase.
 6 | 
 7 | You can find peoples API keys... All over the net, yo.
 8 | 
 9 | ## Use
10 | Just give it a text file of possible API keys, one API key per line, and let her rip.
11 | 
12 | ## Requirements
13 | You will require the [shodan](https://github.com/achillean/shodan-python) module for this.  
14 | ```
15 | pip install shodan
16 | ```
17 | 
18 | ## Licence
19 | [Licenced under the WTFPL](http://wtfpl.net)
20 | 
21 | ## Beer
22 | All beer donations can go to 1F3sPdKSEL9mM8LBnymGG8Dv3QCPDSRYeh ;)
23 | 


--------------------------------------------------------------------------------
/shodankeys.py:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/python2
 2 | # coding: utf-8
 3 | # Quick script I wrote for sorting and categorizing Shodan API
 4 | # keys 'borrowed' en masse from Github. 
 5 | # The reason for discerning between paid and unpaid keys, is we
 6 | # can do more with a paid key, so its best to not burn those on
 7 | # just blasting out queries all day erry day.
 8 | # 
 9 | # Author: skyhighatrist \ @dailydavedavids \ 0x27.me
10 | # Licence: WTFPL \ http://wtfpl.net
11 | # BTC: 1F3sPdKSEL9mM8LBnymGG8Dv3QCPDSRYeh
12 | # Ver: 05102015.1
13 | # https://github.com/0x27
14 | import shodan
15 | import sys
16 | 
17 | def test(key):
18 |     api = shodan.Shodan(key)
19 |     print "{+} Testing Key: %s" %(key)
20 |     try:
21 |         info = api.info()
22 |     except Exception:
23 |         print "{-} Key %s is invalid!" %(key)
24 |         return False,False
25 |     if info['plan'] == 'dev' or info['plan'] == 'edu': #this seems to be how they are categorized
26 |         print "{+} Key %s appears to be valid, and bonus, paid!" %(key)
27 |         return True,True
28 |     elif info['plan'] == 'oss': # however I might be wrong. oh well.
29 |         print "{*} Key %s appears to be valid! Not paid for though!" %(key)
30 |         return True,False
31 | 
32 | 
33 | def main(args):
34 |     if len(args) != 2:
35 |         sys.exit("Shodan API Key List Checker (for testing githubbed keys)\nusage: %s keys-to-test.txt" %(args[0]))
36 |     f = open(args[1], "r")
37 |     keys = f.readlines()
38 |     valid_keys = []
39 |     paid_keys = []
40 |     comm_keys = []
41 |     for key in keys:
42 |         key = key.strip()
43 |         is_valid,is_paid = test(key=key)
44 |         if is_valid == True:
45 |             valid_keys.append(key)
46 |             if is_paid == True:
47 |                 paid_keys.append(key)
48 |             else:
49 |                 comm_keys.append(key)
50 |         else:
51 |             pass
52 |     print "\n\n{+} Acquired %d valid keys" %(len(valid_keys))
53 |     print "{+} Acquired %d paid-keys" %(len(paid_keys))
54 |     print "{+} Acquired %d community-keys" %(len(comm_keys))
55 |     print "\n{+} Paid Keys..."
56 |     for key in paid_keys:
57 |         print key
58 |     print "\n{+}Community Keys..."
59 |     for key in comm_keys:
60 |         print key
61 | 
62 | 
63 | if __name__ == "__main__":
64 |     main(args=sys.argv)
65 | 


--------------------------------------------------------------------------------