LoginSignup
3
4

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

More than 1 year has passed since last update.

@Sh1n0g1

SHODAN APIから大量のデータを持ってくる場合のコツ

Last updated at Posted at 2023-07-20

問題点

  • SHODANのAPIは1度に100件ずつしか取得できない。
  • pageパラメータがあり、101件目~200件目はpage=2とすることで引き出すことができる。
  • しかし、数万、時には数十万の情報が必要となるとき、途中で500エラーや不正なクエリなどのエラーが発生し、不安定な動作をするときがある。
  • おそらくSHODANのアーキテクチャーとして数万件単位のクエリは想定していない。

解決手法

  • ネットブロックで区切って問い合わせる
    • クエリに net:1.0.0.0/8を付けて問い合わせる
    • クエリに net:2.0.0.0/8を付けて問い合わせる
    • クエリに net:3.0.0.0/8を付けて問い合わせる
      中略
    • クエリにnet:223.0.0.0/8を付けて問い合わせる
  • こうすることで網羅的かつ細切れに情報を得ることができる
  • また一括で取得した際に漏れがあったのが解消されるケースもあった。

メリット:安定性が圧倒的に増す
デメリット:クエリ数が増えて、時間とAPI消費数が増加する
例えば、30000件の場合

  • 従来の一括取得だと300回の問い合わせが必要(page=1300
  • 本記事の方法で、仮に各ネットブロックで150件ずつだとすると、ネットブロックごとに2回の問い合わせ(page=1page=2)が必要となり、合計で220ネットブロック×2回で440回問い合わせる必要がある

別のアイディア

country:jpのように国ごとに問いあわせることもできるが、ネットブロックよりも偏りが大きいと思われる(アメリカとか)

参考:パブリックなクラスAのネットブロック

[
  "1.0.0.0/8",
  "2.0.0.0/8",
  "3.0.0.0/8",
  "4.0.0.0/8",
  "5.0.0.0/8",
  "6.0.0.0/8",
  "7.0.0.0/8",
  "8.0.0.0/8",
  "9.0.0.0/8",
  "11.0.0.0/8",
  "12.0.0.0/8",
  "13.0.0.0/8",
  "14.0.0.0/8",
  "15.0.0.0/8",
  "16.0.0.0/8",
  "17.0.0.0/8",
  "18.0.0.0/8",
  "19.0.0.0/8",
  "20.0.0.0/8",
  "21.0.0.0/8",
  "22.0.0.0/8",
  "23.0.0.0/8",
  "24.0.0.0/8",
  "25.0.0.0/8",
  "26.0.0.0/8",
  "27.0.0.0/8",
  "28.0.0.0/8",
  "29.0.0.0/8",
  "30.0.0.0/8",
  "31.0.0.0/8",
  "32.0.0.0/8",
  "33.0.0.0/8",
  "34.0.0.0/8",
  "35.0.0.0/8",
  "36.0.0.0/8",
  "37.0.0.0/8",
  "38.0.0.0/8",
  "39.0.0.0/8",
  "40.0.0.0/8",
  "41.0.0.0/8",
  "42.0.0.0/8",
  "43.0.0.0/8",
  "44.0.0.0/8",
  "45.0.0.0/8",
  "46.0.0.0/8",
  "47.0.0.0/8",
  "48.0.0.0/8",
  "49.0.0.0/8",
  "50.0.0.0/8",
  "51.0.0.0/8",
  "52.0.0.0/8",
  "53.0.0.0/8",
  "54.0.0.0/8",
  "55.0.0.0/8",
  "56.0.0.0/8",
  "57.0.0.0/8",
  "58.0.0.0/8",
  "59.0.0.0/8",
  "60.0.0.0/8",
  "61.0.0.0/8",
  "62.0.0.0/8",
  "63.0.0.0/8",
  "64.0.0.0/8",
  "65.0.0.0/8",
  "66.0.0.0/8",
  "67.0.0.0/8",
  "68.0.0.0/8",
  "69.0.0.0/8",
  "70.0.0.0/8",
  "71.0.0.0/8",
  "72.0.0.0/8",
  "73.0.0.0/8",
  "74.0.0.0/8",
  "75.0.0.0/8",
  "76.0.0.0/8",
  "77.0.0.0/8",
  "78.0.0.0/8",
  "79.0.0.0/8",
  "80.0.0.0/8",
  "81.0.0.0/8",
  "82.0.0.0/8",
  "83.0.0.0/8",
  "84.0.0.0/8",
  "85.0.0.0/8",
  "86.0.0.0/8",
  "87.0.0.0/8",
  "88.0.0.0/8",
  "89.0.0.0/8",
  "90.0.0.0/8",
  "91.0.0.0/8",
  "92.0.0.0/8",
  "93.0.0.0/8",
  "94.0.0.0/8",
  "95.0.0.0/8",
  "96.0.0.0/8",
  "97.0.0.0/8",
  "98.0.0.0/8",
  "99.0.0.0/8",
  "100.0.0.0/8",
  "101.0.0.0/8",
  "102.0.0.0/8",
  "103.0.0.0/8",
  "104.0.0.0/8",
  "105.0.0.0/8",
  "106.0.0.0/8",
  "107.0.0.0/8",
  "108.0.0.0/8",
  "109.0.0.0/8",
  "110.0.0.0/8",
  "111.0.0.0/8",
  "112.0.0.0/8",
  "113.0.0.0/8",
  "114.0.0.0/8",
  "115.0.0.0/8",
  "116.0.0.0/8",
  "117.0.0.0/8",
  "118.0.0.0/8",
  "119.0.0.0/8",
  "120.0.0.0/8",
  "121.0.0.0/8",
  "122.0.0.0/8",
  "123.0.0.0/8",
  "124.0.0.0/8",
  "125.0.0.0/8",
  "126.0.0.0/8",
  "128.0.0.0/8",
  "129.0.0.0/8",
  "130.0.0.0/8",
  "131.0.0.0/8",
  "132.0.0.0/8",
  "133.0.0.0/8",
  "134.0.0.0/8",
  "135.0.0.0/8",
  "136.0.0.0/8",
  "137.0.0.0/8",
  "138.0.0.0/8",
  "139.0.0.0/8",
  "140.0.0.0/8",
  "141.0.0.0/8",
  "142.0.0.0/8",
  "143.0.0.0/8",
  "144.0.0.0/8",
  "145.0.0.0/8",
  "146.0.0.0/8",
  "147.0.0.0/8",
  "148.0.0.0/8",
  "149.0.0.0/8",
  "150.0.0.0/8",
  "151.0.0.0/8",
  "152.0.0.0/8",
  "153.0.0.0/8",
  "154.0.0.0/8",
  "155.0.0.0/8",
  "156.0.0.0/8",
  "157.0.0.0/8",
  "158.0.0.0/8",
  "159.0.0.0/8",
  "160.0.0.0/8",
  "161.0.0.0/8",
  "162.0.0.0/8",
  "163.0.0.0/8",
  "164.0.0.0/8",
  "165.0.0.0/8",
  "166.0.0.0/8",
  "167.0.0.0/8",
  "168.0.0.0/8",
  "169.0.0.0/8",
  "170.0.0.0/8",
  "171.0.0.0/8",
  "172.0.0.0/8",
  "173.0.0.0/8",
  "174.0.0.0/8",
  "175.0.0.0/8",
  "176.0.0.0/8",
  "177.0.0.0/8",
  "178.0.0.0/8",
  "179.0.0.0/8",
  "180.0.0.0/8",
  "181.0.0.0/8",
  "182.0.0.0/8",
  "183.0.0.0/8",
  "184.0.0.0/8",
  "185.0.0.0/8",
  "186.0.0.0/8",
  "187.0.0.0/8",
  "188.0.0.0/8",
  "189.0.0.0/8",
  "190.0.0.0/8",
  "191.0.0.0/8",
  "192.0.0.0/8",
  "193.0.0.0/8",
  "194.0.0.0/8",
  "195.0.0.0/8",
  "196.0.0.0/8",
  "197.0.0.0/8",
  "198.0.0.0/8",
  "199.0.0.0/8",
  "200.0.0.0/8",
  "201.0.0.0/8",
  "202.0.0.0/8",
  "203.0.0.0/8",
  "204.0.0.0/8",
  "205.0.0.0/8",
  "206.0.0.0/8",
  "207.0.0.0/8",
  "208.0.0.0/8",
  "209.0.0.0/8",
  "210.0.0.0/8",
  "211.0.0.0/8",
  "212.0.0.0/8",
  "213.0.0.0/8",
  "214.0.0.0/8",
  "215.0.0.0/8",
  "216.0.0.0/8",
  "217.0.0.0/8",
  "218.0.0.0/8",
  "219.0.0.0/8",
  "220.0.0.0/8",
  "221.0.0.0/8",
  "222.0.0.0/8",
  "223.0.0.0/8"
]

適当なポート54321でホスト数を調べた結果

  • 一括だと23169台 (231クエリ)
  • 細切れだと23171台見つかった(351クエリ)
[+] Query:port:54321 net:1.0.0.0/8 Num:63
[+] Query:port:54321 net:2.0.0.0/8 Num:14
[+] Query:port:54321 net:3.0.0.0/8 Num:536
[+] Query:port:54321 net:4.0.0.0/8 Num:50
[+] Query:port:54321 net:5.0.0.0/8 Num:45
[+] Query:port:54321 net:6.0.0.0/8 Num:0
[+] Query:port:54321 net:7.0.0.0/8 Num:0
[+] Query:port:54321 net:8.0.0.0/8 Num:19
[+] Query:port:54321 net:9.0.0.0/8 Num:0
[+] Query:port:54321 net:11.0.0.0/8 Num:0
[+] Query:port:54321 net:12.0.0.0/8 Num:167
[+] Query:port:54321 net:13.0.0.0/8 Num:617
[+] Query:port:54321 net:14.0.0.0/8 Num:67
[+] Query:port:54321 net:15.0.0.0/8 Num:191
[+] Query:port:54321 net:16.0.0.0/8 Num:65
[+] Query:port:54321 net:17.0.0.0/8 Num:0
[+] Query:port:54321 net:18.0.0.0/8 Num:336
[+] Query:port:54321 net:19.0.0.0/8 Num:0
[+] Query:port:54321 net:20.0.0.0/8 Num:45
[+] Query:port:54321 net:21.0.0.0/8 Num:0
[+] Query:port:54321 net:22.0.0.0/8 Num:0
[+] Query:port:54321 net:23.0.0.0/8 Num:188
[+] Query:port:54321 net:24.0.0.0/8 Num:715
[+] Query:port:54321 net:25.0.0.0/8 Num:0
[+] Query:port:54321 net:26.0.0.0/8 Num:0
[+] Query:port:54321 net:27.0.0.0/8 Num:81
[+] Query:port:54321 net:28.0.0.0/8 Num:0
[+] Query:port:54321 net:29.0.0.0/8 Num:0
[+] Query:port:54321 net:30.0.0.0/8 Num:0
[+] Query:port:54321 net:31.0.0.0/8 Num:37
[+] Query:port:54321 net:32.0.0.0/8 Num:129
[+] Query:port:54321 net:33.0.0.0/8 Num:0
[+] Query:port:54321 net:34.0.0.0/8 Num:108
[+] Query:port:54321 net:35.0.0.0/8 Num:224
[+] Query:port:54321 net:36.0.0.0/8 Num:42
[+] Query:port:54321 net:37.0.0.0/8 Num:36
[+] Query:port:54321 net:38.0.0.0/8 Num:63
[+] Query:port:54321 net:39.0.0.0/8 Num:27
[+] Query:port:54321 net:40.0.0.0/8 Num:18
[+] Query:port:54321 net:41.0.0.0/8 Num:29
[+] Query:port:54321 net:42.0.0.0/8 Num:52
[+] Query:port:54321 net:43.0.0.0/8 Num:93
[+] Query:port:54321 net:44.0.0.0/8 Num:43
[+] Query:port:54321 net:45.0.0.0/8 Num:147
[+] Query:port:54321 net:46.0.0.0/8 Num:49
[+] Query:port:54321 net:47.0.0.0/8 Num:332
[+] Query:port:54321 net:48.0.0.0/8 Num:0
[+] Query:port:54321 net:49.0.0.0/8 Num:188
[+] Query:port:54321 net:50.0.0.0/8 Num:1362
[+] Query:port:54321 net:51.0.0.0/8 Num:39
[+] Query:port:54321 net:52.0.0.0/8 Num:279
[+] Query:port:54321 net:53.0.0.0/8 Num:0
[+] Query:port:54321 net:54.0.0.0/8 Num:296
[+] Query:port:54321 net:55.0.0.0/8 Num:0
[+] Query:port:54321 net:56.0.0.0/8 Num:0
[+] Query:port:54321 net:57.0.0.0/8 Num:0
[+] Query:port:54321 net:58.0.0.0/8 Num:115
[+] Query:port:54321 net:59.0.0.0/8 Num:68
[+] Query:port:54321 net:60.0.0.0/8 Num:75
[+] Query:port:54321 net:61.0.0.0/8 Num:95
[+] Query:port:54321 net:62.0.0.0/8 Num:114
[+] Query:port:54321 net:63.0.0.0/8 Num:140
[+] Query:port:54321 net:64.0.0.0/8 Num:192
[+] Query:port:54321 net:65.0.0.0/8 Num:171
[+] Query:port:54321 net:66.0.0.0/8 Num:210
[+] Query:port:54321 net:67.0.0.0/8 Num:179
[+] Query:port:54321 net:68.0.0.0/8 Num:271
[+] Query:port:54321 net:69.0.0.0/8 Num:236
[+] Query:port:54321 net:70.0.0.0/8 Num:423
[+] Query:port:54321 net:71.0.0.0/8 Num:555
[+] Query:port:54321 net:72.0.0.0/8 Num:240
[+] Query:port:54321 net:73.0.0.0/8 Num:453
[+] Query:port:54321 net:74.0.0.0/8 Num:310
[+] Query:port:54321 net:75.0.0.0/8 Num:460
[+] Query:port:54321 net:76.0.0.0/8 Num:284
[+] Query:port:54321 net:77.0.0.0/8 Num:28
[+] Query:port:54321 net:78.0.0.0/8 Num:50
[+] Query:port:54321 net:79.0.0.0/8 Num:29
[+] Query:port:54321 net:80.0.0.0/8 Num:46
[+] Query:port:54321 net:81.0.0.0/8 Num:26
[+] Query:port:54321 net:82.0.0.0/8 Num:20
[+] Query:port:54321 net:83.0.0.0/8 Num:64
[+] Query:port:54321 net:84.0.0.0/8 Num:43
[+] Query:port:54321 net:85.0.0.0/8 Num:64
[+] Query:port:54321 net:86.0.0.0/8 Num:20
[+] Query:port:54321 net:87.0.0.0/8 Num:74
[+] Query:port:54321 net:88.0.0.0/8 Num:45
[+] Query:port:54321 net:89.0.0.0/8 Num:98
[+] Query:port:54321 net:90.0.0.0/8 Num:25
[+] Query:port:54321 net:91.0.0.0/8 Num:87
[+] Query:port:54321 net:92.0.0.0/8 Num:61
[+] Query:port:54321 net:93.0.0.0/8 Num:67
[+] Query:port:54321 net:94.0.0.0/8 Num:39
[+] Query:port:54321 net:95.0.0.0/8 Num:50
[+] Query:port:54321 net:96.0.0.0/8 Num:974
[+] Query:port:54321 net:97.0.0.0/8 Num:171
[+] Query:port:54321 net:98.0.0.0/8 Num:450
[+] Query:port:54321 net:99.0.0.0/8 Num:334
[+] Query:port:54321 net:100.0.0.0/8 Num:15
[+] Query:port:54321 net:101.0.0.0/8 Num:46
[+] Query:port:54321 net:102.0.0.0/8 Num:96
[+] Query:port:54321 net:103.0.0.0/8 Num:103
[+] Query:port:54321 net:104.0.0.0/8 Num:247
[+] Query:port:54321 net:105.0.0.0/8 Num:5
[+] Query:port:54321 net:106.0.0.0/8 Num:32
[+] Query:port:54321 net:107.0.0.0/8 Num:222
[+] Query:port:54321 net:108.0.0.0/8 Num:408
[+] Query:port:54321 net:109.0.0.0/8 Num:37
[+] Query:port:54321 net:110.0.0.0/8 Num:78
[+] Query:port:54321 net:111.0.0.0/8 Num:66
[+] Query:port:54321 net:112.0.0.0/8 Num:123
[+] Query:port:54321 net:113.0.0.0/8 Num:127
[+] Query:port:54321 net:114.0.0.0/8 Num:81
[+] Query:port:54321 net:115.0.0.0/8 Num:85
[+] Query:port:54321 net:116.0.0.0/8 Num:80
[+] Query:port:54321 net:117.0.0.0/8 Num:67
[+] Query:port:54321 net:118.0.0.0/8 Num:63
[+] Query:port:54321 net:119.0.0.0/8 Num:108
[+] Query:port:54321 net:120.0.0.0/8 Num:57
[+] Query:port:54321 net:121.0.0.0/8 Num:92
[+] Query:port:54321 net:122.0.0.0/8 Num:53
[+] Query:port:54321 net:123.0.0.0/8 Num:140
[+] Query:port:54321 net:124.0.0.0/8 Num:47
[+] Query:port:54321 net:125.0.0.0/8 Num:71
[+] Query:port:54321 net:126.0.0.0/8 Num:626
[+] Query:port:54321 net:128.0.0.0/8 Num:10
[+] Query:port:54321 net:129.0.0.0/8 Num:12
[+] Query:port:54321 net:130.0.0.0/8 Num:10
[+] Query:port:54321 net:131.0.0.0/8 Num:21
[+] Query:port:54321 net:132.0.0.0/8 Num:11
[+] Query:port:54321 net:133.0.0.0/8 Num:5
[+] Query:port:54321 net:134.0.0.0/8 Num:102
[+] Query:port:54321 net:135.0.0.0/8 Num:6
[+] Query:port:54321 net:136.0.0.0/8 Num:4
[+] Query:port:54321 net:137.0.0.0/8 Num:107
[+] Query:port:54321 net:138.0.0.0/8 Num:27
[+] Query:port:54321 net:139.0.0.0/8 Num:65
[+] Query:port:54321 net:140.0.0.0/8 Num:15
[+] Query:port:54321 net:141.0.0.0/8 Num:21
[+] Query:port:54321 net:142.0.0.0/8 Num:25
[+] Query:port:54321 net:143.0.0.0/8 Num:65
[+] Query:port:54321 net:144.0.0.0/8 Num:108
[+] Query:port:54321 net:145.0.0.0/8 Num:5
[+] Query:port:54321 net:146.0.0.0/8 Num:5
[+] Query:port:54321 net:147.0.0.0/8 Num:30
[+] Query:port:54321 net:148.0.0.0/8 Num:11
[+] Query:port:54321 net:149.0.0.0/8 Num:23
[+] Query:port:54321 net:150.0.0.0/8 Num:30
[+] Query:port:54321 net:151.0.0.0/8 Num:17
[+] Query:port:54321 net:152.0.0.0/8 Num:71
[+] Query:port:54321 net:153.0.0.0/8 Num:18
[+] Query:port:54321 net:154.0.0.0/8 Num:36
[+] Query:port:54321 net:155.0.0.0/8 Num:7
[+] Query:port:54321 net:156.0.0.0/8 Num:38
[+] Query:port:54321 net:157.0.0.0/8 Num:27
[+] Query:port:54321 net:158.0.0.0/8 Num:13
[+] Query:port:54321 net:159.0.0.0/8 Num:35
[+] Query:port:54321 net:160.0.0.0/8 Num:22
[+] Query:port:54321 net:161.0.0.0/8 Num:50
[+] Query:port:54321 net:162.0.0.0/8 Num:157
[+] Query:port:54321 net:163.0.0.0/8 Num:4
[+] Query:port:54321 net:164.0.0.0/8 Num:10
[+] Query:port:54321 net:165.0.0.0/8 Num:14
[+] Query:port:54321 net:166.0.0.0/8 Num:261
[+] Query:port:54321 net:167.0.0.0/8 Num:12
[+] Query:port:54321 net:168.0.0.0/8 Num:8
[+] Query:port:54321 net:169.0.0.0/8 Num:4
[+] Query:port:54321 net:170.0.0.0/8 Num:24
[+] Query:port:54321 net:171.0.0.0/8 Num:53
[+] Query:port:54321 net:172.0.0.0/8 Num:158
[+] Query:port:54321 net:173.0.0.0/8 Num:555
[+] Query:port:54321 net:174.0.0.0/8 Num:301
[+] Query:port:54321 net:175.0.0.0/8 Num:90
[+] Query:port:54321 net:176.0.0.0/8 Num:40
[+] Query:port:54321 net:177.0.0.0/8 Num:15
[+] Query:port:54321 net:178.0.0.0/8 Num:48
[+] Query:port:54321 net:179.0.0.0/8 Num:18
[+] Query:port:54321 net:180.0.0.0/8 Num:84
[+] Query:port:54321 net:181.0.0.0/8 Num:16
[+] Query:port:54321 net:182.0.0.0/8 Num:143
[+] Query:port:54321 net:183.0.0.0/8 Num:80
[+] Query:port:54321 net:184.0.0.0/8 Num:160
[+] Query:port:54321 net:185.0.0.0/8 Num:121
[+] Query:port:54321 net:186.0.0.0/8 Num:14
[+] Query:port:54321 net:187.0.0.0/8 Num:23
[+] Query:port:54321 net:188.0.0.0/8 Num:85
[+] Query:port:54321 net:189.0.0.0/8 Num:26
[+] Query:port:54321 net:190.0.0.0/8 Num:32
[+] Query:port:54321 net:191.0.0.0/8 Num:9
[+] Query:port:54321 net:192.0.0.0/8 Num:65
[+] Query:port:54321 net:193.0.0.0/8 Num:34
[+] Query:port:54321 net:194.0.0.0/8 Num:40
[+] Query:port:54321 net:195.0.0.0/8 Num:34
[+] Query:port:54321 net:196.0.0.0/8 Num:47
[+] Query:port:54321 net:197.0.0.0/8 Num:16
[+] Query:port:54321 net:198.0.0.0/8 Num:67
[+] Query:port:54321 net:199.0.0.0/8 Num:23
[+] Query:port:54321 net:200.0.0.0/8 Num:19
[+] Query:port:54321 net:201.0.0.0/8 Num:18
[+] Query:port:54321 net:202.0.0.0/8 Num:43
[+] Query:port:54321 net:203.0.0.0/8 Num:174
[+] Query:port:54321 net:204.0.0.0/8 Num:73
[+] Query:port:54321 net:205.0.0.0/8 Num:31
[+] Query:port:54321 net:206.0.0.0/8 Num:34
[+] Query:port:54321 net:207.0.0.0/8 Num:111
[+] Query:port:54321 net:208.0.0.0/8 Num:141
[+] Query:port:54321 net:209.0.0.0/8 Num:85
[+] Query:port:54321 net:210.0.0.0/8 Num:112
[+] Query:port:54321 net:211.0.0.0/8 Num:118
[+] Query:port:54321 net:212.0.0.0/8 Num:64
[+] Query:port:54321 net:213.0.0.0/8 Num:73
[+] Query:port:54321 net:214.0.0.0/8 Num:1
[+] Query:port:54321 net:215.0.0.0/8 Num:0
[+] Query:port:54321 net:216.0.0.0/8 Num:69
[+] Query:port:54321 net:217.0.0.0/8 Num:55
[+] Query:port:54321 net:218.0.0.0/8 Num:89
[+] Query:port:54321 net:219.0.0.0/8 Num:192
[+] Query:port:54321 net:220.0.0.0/8 Num:74
[+] Query:port:54321 net:221.0.0.0/8 Num:81
[+] Query:port:54321 net:222.0.0.0/8 Num:103
[+] Query:port:54321 net:223.0.0.0/8 Num:45
3
4
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
3
4

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?