Created
December 2, 2019 15:22
Revisions
-
Techbrunch renamed this gist
Dec 2, 2019 . 1 changed file with 2 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -65,4 +65,5 @@ def check_for_html_tag favicon = Favicon.new(ARGV[0]) puts favicon.uri puts favicon.host puts favicon.mmh3 puts "https://www.shodan.io/search?query=http.favicon.hash%3A" + favicon.mmh3.to_s -
Techbrunch created this gist
Dec 2, 2019 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,68 @@ # Initial code by Matt Harzewski # https://gist.github.com/mattvh/6692349 # Read more: http://www.webmaster-source.com/2013/09/25/finding-a-websites-favicon-with-ruby/ # https://github.com/hajimes/mmh3 require "httparty" require "nokogiri" require "base64" require "murmurhash3" class Favicon attr_reader :host attr_reader :uri attr_reader :base64 attr_reader :mmh3 def initialize(host) @host = host check_for_ico_file check_for_html_tag end # Check /favicon.ico def check_for_ico_file uri = URI::HTTP.build({:host => @host, :path => '/favicon.ico'}).to_s res = HTTParty.get(uri) if res.code == 200 # TIL: In python there is a newline every 76 characters and it end with a newline @base64 = Base64.strict_encode64(res.body).gsub!(/.{76}(?=.)/, '\0'+"\n") + "\n" @uri = uri # Needs to be signed @mmh3 = [MurmurHash3::V32.str_hash(@base64)].pack('L').unpack('l').first end end # Check "shortcut icon" tag def check_for_html_tag uri = URI::HTTP.build({:host => @host, :path => '/'}).to_s res = HTTParty.get(uri) doc = Nokogiri::HTML(res) doc.xpath('//link[@rel="shortcut icon"]').each do |tag| taguri = URI(tag['href']) unless taguri.host.to_s.length < 1 iconuri = taguri.to_s else iconuri = URI.join(uri, taguri).to_s end res = HTTParty.get(iconuri) if res.code == 200 # TIL: In python there is a newline every 76 characters and it end with a newline @base64 = Base64.strict_encode64(res.body).gsub!(/.{76}(?=.)/, '\0'+"\n") + "\n" @uri = iconuri # Needs to be signed @mmh3 = [MurmurHash3::V32.str_hash(@base64)].pack('L').unpack('l').first end end end end favicon = Favicon.new(ARGV[0]) puts favicon.uri puts favicon.host puts favicon.mmh3