Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

提供零零信安平台调用子域名api接口脚本 #360

Open
union-cmd opened this issue Nov 28, 2023 · 2 comments
Open

提供零零信安平台调用子域名api接口脚本 #360

union-cmd opened this issue Nov 28, 2023 · 2 comments
Assignees
@shmilylty
Labels
bug Something isn't working

Comments

@union-cmd
Copy link

零零信安平台和fofa,是一个网络空间资产搜索引擎平台
截屏2023-11-28 18 22 15

代码如下:
`import time

from config import settings
from common.search import Search

class ZeroZoneQuery(Search):
def init(self, domain):
Search.init(self)
self.domain = domain
self.module = 'Search'
self.source = 'ZeroZoneQuery'
self.addr = 'https://0.zone/api/data/'
self.delay = 2
# 需要高级会员
self.key = settings.zero_zone_key

def search(self):
    """
    发送搜索请求并做子域匹配
    """
    self.pagesize = 40 # 每页条数,最大40
    self.page = 1
    while True:
        time.sleep(self.delay)
        self.header = self.get_header()
        self.proxy = self.get_proxy(self.source)
        params = {
                "query": f"(domain={self.domain})",
                "query_type": "domain",
                "page": self.page,
                "pagesize": self.pagesize,
                "zone_key_id": self.key
            }
        resp = self.post(self.addr, json=params)
        if not resp:
            return
        resp_json = resp.json()
        if resp_json['code'] != 0 or resp_json['message'] != 'success':
            break
        subdomains = self.match_subdomains(resp)
        if not subdomains:  # 搜索没有发现子域名则停止搜索
            break
        self.subdomains.update(subdomains)
        self.page += 1


def run(self):
    """
    类执行入口
    """
    if not self.have_api(self.key):
        return
    self.begin()
    self.search()
    self.finish()
    self.save_json()
    self.gen_result()
    self.save_db()

def run(domain):
"""
类统一调用入口

:param str domain: 域名
"""
search = ZeroZoneQuery(domain)
search.run()

if name == 'main':
run('xxx.com')
`

我自己跑过了是没有问题的
截屏2023-11-28 18 17 21

它的接口是按照它给出的模版写的
https://github.com/00sec-Ltd/zone-api-demo/blob/master/request.py
image

它这里是提供查询子域名的api,只需要将query_type改为domain,query为你要查询的子域名,但是格式要像这样(domain={baidu.com})

image

然后要调用这个子域名的api的话需要你充值高级会员,98元/年
image
@union-cmd union-cmd added the bug Something isn't working label Nov 28, 2023
@union-cmd
Copy link
Author

union-cmd commented Nov 28, 2023
edited

上面展示的代码有点问题,看下面这里

import time

from config import settings
from common.search import Search


class ZeroZoneQuery(Search):
    def __init__(self, domain):
        Search.__init__(self)
        self.domain = domain
        self.module = 'Search'
        self.source = 'ZeroZoneQuery'
        self.addr = 'https://0.zone/api/data/'
        self.delay = 2
        # 需要高级会员
        self.key = settings.zero_zone_key

    def search(self):
        """
        发送搜索请求并做子域匹配
        """
        self.pagesize = 40 # 每页条数,最大40
        self.page = 1
        while True:
            time.sleep(self.delay)
            self.header = self.get_header()
            self.proxy = self.get_proxy(self.source)
            params = {
                    "query": f"(domain={self.domain})",
                    "query_type": "domain",
                    "page": self.page,
                    "pagesize": self.pagesize,
                    "zone_key_id": self.key
                }
            resp = self.post(self.addr, json=params)
            if not resp:
                return
            resp_json = resp.json()
            if resp_json['code'] != 0 or resp_json['message'] != 'success':
                break
            subdomains = self.match_subdomains(resp)
            if not subdomains:  # 搜索没有发现子域名则停止搜索
                break
            self.subdomains.update(subdomains)
            self.page += 1


    def run(self):
        """
        类执行入口
        """
        if not self.have_api(self.key):
            return
        self.begin()
        self.search()
        self.finish()
        self.save_json()
        self.gen_result()
        self.save_db()


def run(domain):
    """
    类统一调用入口

    :param str domain: 域名
    """
    search = ZeroZoneQuery(domain)
    search.run()


if __name__ == '__main__':
    run('xxx.com')

@nikKrian
Copy link

nikKrian commented Jun 5, 2024

好用

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@shmilylty shmilylty

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@shmilylty @union-cmd @nikKrian