Kingsleystech: ✳️ Fav-Up : IP Lookup By Favicon Using Shodan

Kali Linux Hackingz

HomeNetworking toolsFav-Up : IP Lookup By Favicon Using Shodan

Fav-Up : IP Lookup By Favicon Using Shodan

ADMINJUNE 05, 2021

Fav-Up is a tool used for lookups for real IP starting from the favicon icon and using Shodan.

Installation

pip3 install -r requirements.txt

Shodan API key (not the free one)

Usage

CLI

First define how you pass the API key:

-k or --key to pass the key to the stdin

-kf or --key-file to pass the filename which get the key from

-sc or --shodan-cli to get the key from Shodan CLI (if you initialized it)

As of now, this tool can be used in three different ways

-ff or --favicon-file: you store locally a favicon icon which you want to lookup

-fu or --favicon-url: you don’t store locally the favicon icon, but you know the exact url where it resides

-w or --web: you don’t know the URL of the favicon icon, but you still know that’s there

-fh or --favicon-hash: you know the hash and want to search the entire internet.

You can specify input files which may contain urls to domain, to favicon icons, or simply locations of locally stored icons:

-fl, --favicon-list: the file contains the full path of all the icons which you want to lookup

-ul, --url-list: the file contains the full URL of all the icons which you want to lookup

-wl, --web-list: the contains all the domains which you want to lookup

You can also save the results to a CSV/JSON file:

-o, --output: specify the output and the format, e.g.: results.csv will save to a CSV file (the type is automatically recognized by the extension of the output file)

Examples

Favicon-file

python3 favUp.py –favicon-file favicon.ico -sc

Favicon-url

python3 favUp.py –favicon-url https://domain.behind.cloudflare/assets/favicon.ico -sc

Web

python3 favUp.py –web domain.behind.cloudflare -sc

Module

from favUp import FavUp

f = FavUp()

f.shodanCLI = True

f.web = “domain.behind.cloudflare”

f.show = True

f.run()

for result in f.faviconsList:

print(f”Real-IP: {result[‘found_ips’]}”)

print(f”Hash: {result[‘favhash’]}”)

All Attributes

Variable Type

FavUp.show bool

FavUp.key str

FavUp.keyFile str

FavUp.shodanCLI bool

FavUp.faviconFile str

FavUp.faviconURL str

FavUp.web str

FavUp.shodan Shodan class

FavUp.faviconsList list[dict]

FavUp.faviconsList stores all the results, the key fields depend by the type of the lookup you want to do.

In case of –favicon-file or –favicon-list:

favhash stores the hash of the favicon icon

file stores the path

In case of –favicon-url or –url-list:

favhash stores the hash of the favicon icon

url stores the URL of the favicon icon

domain stores the domain name

maskIP stores the “fake” IP (e.g. the Cloudflare one)

maskISP store the ISP name associated to the maskIP

In case of –web or –web-list:

favhash stores the hash of the favicon icon

domain stores the domain name

maskIP stores the “fake” IP (e.g. the Cloudflare one)

maskISP store the ISP name associated to the maskIP

(in this case the URL of the favicon icon is returned by the href attribute of HTML element)

If, while searching for the favicon icon, nothing useful is found, not-found will be returned.

In all three cases, found_ips field is added for every checked entry. If no IP(s) have been found, not-found will be

Compatibility

At least python3.6 is required due to spicy syntax.

Disclaimer

This tool is for educational purposes only. The authors and contributors don’t take any responsibility for the misuse of this tool. Use It At Your Own Risk!

Download

Kingsleystech

Friday, July 8, 2022

✳️ Fav-Up : IP Lookup By Favicon Using Shodan

0 Comments:

Post a Comment

About Me

Previous Posts