![]() You can use this website to generate a contab schedule, if you are not ‘fluent’ in it’s syntax: 0 0,6,12,18 * * * sh -c '/usr/local/bin/woleet-cli anchor -token ***** -directory /some/path > /path/to/log/file 2>&1' It’s advised to automate woleet-cli invocations, you can do it either via a crontab or via the Systemd timers, It’s not necessary to run it more than once every 6 hours CRON Wait for proofs to be confirmed and you will have this output: private: If set, create non discoverable proofs If used with -strict If set, checks the hash of the original file and compares it to the one stored in the receipt, if they do not matches, the outdated receipt is deleted. prune If set, deletes the receipts that are not beside the original file. strict If set, recheck every file and re-anchor the ones that have changed since the last run recursive If set, woleet-cli also anchors subfolders and add a tag to the anchor named as the subfolder exitOnError If set, woleet-cli stops at the first error it encounter for example, if the API token is not valid or if there is a network issue. There is also some flags that sightly changes the usage of this tool: directory The directory that contains the files you wish to anchor. To anchor the content of a folder there is few mandatory flags to add to the command: Note: tags are added to the anchors according to the name of sub-folders To sum up, the Woleet CLI command line tool allows to automate the creation and maintenance of the timestamped proofs of existence or signature associated with a set of files present in a given directory. If the original file is no longer present and the option -prune is provided, the old receipt/pending file is deleted. If they differ, the file is re-processed and the old receipt is kept (except if –prune is set: in that case the old receipt is deleted). If the option -strict is provided, for each file that already have a proof receipt, the tool checks that the hash of the file still matches the hash in the receipt (to detect file changes). Obviously, the files that were already anchored or signed are not processed twice. Since proof receipt creation is not a real time operation, the tool is designed to be run on a regular basis (or at least a second time once proof receipts are ready to download). It automatically gathers all the proof receipts and stores them beside anchored or signed files (a proof receipt is a JSON file named -.(anchor|signature)-receipt.json). To search Microsoft IIS 6.0 and print out their IP, port, organization and hostnames use the following command: $ shodan search -fields ip_str,port,org,hostnames microsoft iis 6.The Woleet command line interface tool allows to scan a folder recursively and to anchor or sign all files found in it. You can use the -fields parameter to print whichever banner fields you're interested in. By default it will display the IP, port, hostnames and data. This command lets you search Shodan and view the results in a terminal-friendly way. The following command outputs the IP address, port and organization in CSV format for the previously downloaded Microsoft-IIS data: $ shodan parse -fields ip_str,port,org -separator, search It lets you filter out the fields that you're interested in, convert the JSON to a CSV and is friendly for pipe-ing to other scripts. Use parse to analyze a file that was generated using the download command. See information about the host such as where it's located, what ports are open and which organization owns the IP. Because paging through results uses query credits, it makes sense to always store searches that you're doing so you won't need to use query credits for a search you already did in the past. The download command is what you should be using most often when getting results from Shodan since it lets you save the results and process them afterwards using the parse command. ![]() For more information on what the banner contains check out: Banner Specificationīy default it will only download 1,000 results, if you want to download more look at the -limit flag. ![]() Search Shodan and download the results into a file where each line is a JSON banner. Returns the number of results for a search query. For the full list of commands just run the tool without any arguments: $ shodan count The shodan CLI has a lot of commands, the most popular/ common ones are documented below. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |