Hello everyone, hope you are doing well. I'm new here and created this simple Python Shodan code that can use multiple API keys. Please check out my code below:
You can copy and paste the provided API keys. Please remember that this script is designed to retrieve information about Windows RDP and VPS servers, including their Windows version. Here is an example of the results:
20.141.220.29,3389,,Windows (build 6.3.9600)
47.254.14.109,3389,,Windows Server 2022 (build 10.0.20348)
8.136.202.88,3389,,Windows (build 10.0.14393)
124.221.196.169,3389,,Windows (build 10.0.14393)
106.55.92.205,3389,,Windows (build 10.0.14393)
106.54.2.250,3389,,Windows (build 6.3.9600)
1.116.160.162,3389,,Windows (build 6.3.9600)
124.221.66.43,3389,,Windows (build 10.0.14393)
106.55.48.117,3389,,Windows (build 10.0.17763)
With this information, brute-forcing passwords, especially for accounts with default credentials like 'ADMIN' (for Windows 8 and above) or 'ADMINISTRATOR' for any Windows Server, becomes easier. I hope you find my work useful!"
SO WITH THIS WE CAN USE MORE THAN 10K API KEYS AND GET MORE RESULTS
Python:
import shodan
def perform_search(query, filename, start, api_key):
SHODAN_API_KEY = api_key
api = shodan.Shodan(SHODAN_API_KEY)
try:
results = api.search(query, page=start // 1000 + 1)
with open(filename, "a") as f:
for result in results['matches']:
ip = result['ip_str']
port = result['port']
hostname = result['hostnames'][0] if result['hostnames'] else ''
os_info = result['os']
f.write(f"{ip},{port},{hostname},{os_info}\n")
print(f"Query {start // 1000 + 1} completed.")
except Exception as e:
print("Error:", e)
def main():
query = "port:3389"
total_results = 10000000
chunk_size = 1000
num_queries = total_results // chunk_size
filename = "results.txt"
api_keys = [
"QsLloESzY3u7gCtCtxv0irZZyCbQayZN",
"YQchKbHxjEgzXUqoR1qbtxec79P23owU",
"RCnzhJzhIWkxj0jYPgmU5Vsy5sA6vSo8",
"OyiLN1i5O5zjVMUlxQJcT9ok8Fk3Mx2R",
"aOBiFDhcrb2imxa2pnEGHSNSz8ECCFL6",
"SBnsRkcwfOvHXV3aooYdR8AjGfoe5OjS",
"blTHFCI4CDyfVb1i6LcVr3F0P71m3cil",
"CCdN8Gk1F2V913pjshFeh2vOkFo89g6a",
"nd64StuNeYhjusVslqdD5W8cCgeF6IGz",
"HhYCrvvlQ555ODywots5yfXkO15zNEWG",
"IEjEinzxyp6Tna3FTTUHVsMoiWE2Kq9o",
"o8FaqOWBLx55mj6sMpvRojwxC0uiWwG9",
"mjflOguXHtnUUIiK9mTWewPJw0N3ItZl"
# Add more API keys here
]
key_index = 0
for i in range(num_queries):
start_index = i * chunk_size
perform_search(query, filename, start_index, api_keys[key_index])
key_index = (key_index + 1) % len(api_keys)
print(f"All queries completed. Results saved to {filename}")
if __name__ == "__main__":
main()You can copy and paste the provided API keys. Please remember that this script is designed to retrieve information about Windows RDP and VPS servers, including their Windows version. Here is an example of the results:
20.141.220.29,3389,,Windows (build 6.3.9600)
47.254.14.109,3389,,Windows Server 2022 (build 10.0.20348)
8.136.202.88,3389,,Windows (build 10.0.14393)
124.221.196.169,3389,,Windows (build 10.0.14393)
106.55.92.205,3389,,Windows (build 10.0.14393)
106.54.2.250,3389,,Windows (build 6.3.9600)
1.116.160.162,3389,,Windows (build 6.3.9600)
124.221.66.43,3389,,Windows (build 10.0.14393)
106.55.48.117,3389,,Windows (build 10.0.17763)
With this information, brute-forcing passwords, especially for accounts with default credentials like 'ADMIN' (for Windows 8 and above) or 'ADMINISTRATOR' for any Windows Server, becomes easier. I hope you find my work useful!"
SO WITH THIS WE CAN USE MORE THAN 10K API KEYS AND GET MORE RESULTS
