/ones

可用于多个网络资产测绘引擎 API 的命令行查询工具

Primary LanguageGoApache License 2.0Apache-2.0


ones

可用于多个网络资产测绘引擎 API 的命令行查询工具,写个2个版本,一个 go 版本,一个 bash shell 脚本的版本


开始

go 版本使用

1. 下载

2. 创建配置文件

将下方字段中的 key 改为你自己的,如果不填就保留默认的 xxxx

tee ones-config.json <<-'EOF'
{
  "fofa_key": [
    "changme@163.com:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
  ],
  "zoom_key": [
    "xxxxxxxx-xxxx-xxxxx-xxxx-xxxxxxxxxx"
  ],
  "shodan_key": [
    "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
  ],
  "quake_key": [
    "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx"
  ],
  "hunter_key": [
    "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
  ],
  "chaos_key": [
    "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
  ]
}
EOF

ones 支持加载多密钥配置,格式如下

{
  "fofa_key": [
    "changme@163.com:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
    "changme2@163.com:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
  ],
  "zoom_key": [
    "xxxxxxxx-xxxx-xxxxx-xxxx-xxxxxxxxxx",
    "xxxxxxxx-xxxx-xxxxx-xxxx-xxxxxxxxxx"
  ],
  "shodan_key": [
    "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
    "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
  ],
  "quake_key": [
    "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx",
    "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx"
  ],
  "hunter_key": [
    "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
    "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
  ],
  "chaos_key": [
    "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
    "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
  ]
}

3. 支持选项

ones -help

ones 支持以下选项

Usage:
    ones [flags]

INPUT:
    -fofa string        fofa 查询
    -quake string       quake 查询
    -zoom string        zoomeye 查询 (不支持json导出)
    -shodan string      shodan 查询 (不支持json导出)
    -hunter string      huneter 查询
    -chaos string       chaos 查询

OUTPUT:
    -json string        导出 json 格式 (源格式,无处理)
    -txt string         导出 txt 格式 (ip:port 格式,经过处理)

CONFIGURATIONS:
    -num int            查询数量 (默认100)

4. 使用

查询案例,fofa 查询 tomcat,只查询20个,默认输出

./ones -fofa 'app="APACHE-Tomcat"' -num 20

fofa 查询 tomcat,只查询15个,输出 json 格式的数据到 output123.json 中

./ones -fofa 'app="APACHE-Tomcat"' -num 15 -json output123.json

quake 查询 shiro ,查询10个,输出 txt 格式的数据到 output321.txt 中,输出 json 格式的数据到 output123.json 中

./ones -quake 'app:"Shiro权限管理系统"' -num 10 -txt output321.txt -json output123.json

同时查询 fofa 和 quake 的 shiro ,输出 txt 到 all.txt 中 (注意: 查询多个引擎时,不可导出为 json)

./ones -fofa 'app="APACHE-Shiro"' -quake 'app:"Shiro权限管理系统"' -txt all.txt


bash shell 版本使用

1. 下载

wget -O ones https://f8x.io/ones && mv --force ones /usr/local/bin/ones && chmod +x /usr/local/bin/ones

2. 创建配置文件

将下方字段中的 key 改为你自己的,如果不填就保留默认的 xxxx

tee /root/ones.conf <<-'EOF'
{
  "fofa_email": "changme@163.com",
  "fofa_key": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
  "zoom_key": "xxxxxxxx-xxxx-xxxxx-xxxx-xxxxxxxxxx",
  "shodan_key": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
  "quake_key": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx",
  "hunter_key": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
  "chaos_key": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
}
EOF

3. 初始化环境

ones -init

注意 : 初始化不会安装 chaos ,请自行安装

4. 使用

ones -help

ones -fofa 'app="tomcat"' 100
ones -quake 'tomcat' 100
ones -zoom 'tomcat' 100
ones -shodan 'tomcat' 100
ones -hunter 'tomcat' 100
ones -chaos 'ffffffff0x.com'

API-KEY 的获取


License

Apache License 2.0


Special Thanks

Special thanks to JetBrains for their support to this project.


create by ffffffff0x