LuD1161 · March 8, 2022 02:52
diff --git a/f5_here_i_come.sh b/f5_here_i_come.sh
 # Get all the F5 IPs from Shodan | Get script here : https://gist.github.com/LuD1161/2087aea80e8771a4af069c33b4078570
 python3 shodan_query.py "http.favicon.hash:-335242539" results_f5.txt | tee -a output.txt

 cat output.txt | grep -i "host :" | cut -d":" -f2 | cut -d" " -f2 | httpx -threads 400 -ports 80,443,8443,4443 -silent | nuclei -t cves/CVE-2020-5902.yaml -o results.txt

 cut -d" " -f3 results.txt > targets.txt
 sed -i -e "s/\.\;/\.\\\;/g" targets.txt # escape semicolon to pass to interlace

 interlace -tL ./targets.txt -threads 100 -c "echo _target_; curl --insecure -v _target_ 2>&1 | awk 'BEGIN { cert=0 } /^\* SSL connection/ { cert=1 } /^\*/ { if (cert) print }'" -v | tee -a all_certs.txt

 grep 'issuer: ' all_certs.txt | grep -v '[email protected]'
	# Get all the F5 IPs from Shodan \| Get script here : https://gist.github.com/LuD1161/2087aea80e8771a4af069c33b4078570
	python3 shodan_query.py "http.favicon.hash:-335242539" results_f5.txt \| tee -a output.txt

	cat output.txt \| grep -i "host :" \| cut -d":" -f2 \| cut -d" " -f2 \| httpx -threads 400 -ports 80,443,8443,4443 -silent \| nuclei -t cves/CVE-2020-5902.yaml -o results.txt

	cut -d" " -f3 results.txt > targets.txt
	sed -i -e "s/\.\;/\.\\\;/g" targets.txt # escape semicolon to pass to interlace

	interlace -tL ./targets.txt -threads 100 -c "echo _target_; curl --insecure -v _target_ 2>&1 \| awk 'BEGIN { cert=0 } /^\* SSL connection/ { cert=1 } /^\*/ { if (cert) print }'" -v \| tee -a all_certs.txt

	grep 'issuer: ' all_certs.txt \| grep -v '[email protected]'