From 88e64ad59f8f4ae30e4efdbbc9c270a2e09fa74c Mon Sep 17 00:00:00 2001
From: Bhagirath Saxena <72344025+rix4uni@users.noreply.github.com>
Date: Fri, 9 Aug 2024 20:32:04 +0530
Subject: [PATCH] Update oif

---
 oif | 31 +++++++++++++++++++++++++++++--
 1 file changed, 29 insertions(+), 2 deletions(-)

diff --git a/oif b/oif
index cb25901..d497d7a 100644
--- a/oif
+++ b/oif
@@ -1,10 +1,22 @@
 #!/bin/bash
 
-while getopts "d:" opt; do
+while getopts "d:c:s:h:z:" opt; do
   case $opt in
     d)
       domain=$OPTARG
       ;;
+    censys)
+      CENSYS_API_ID_CENSYS_API_SECRET=$OPTARG
+      ;;
+    securitytrails)
+      SECURITYTRAILS_API=$OPTARG
+      ;;
+    hunter)
+      HUNTER_API=$OPTARG
+      ;;
+    zoomeye)
+      ZOOMEYE_API=$OPTARG
+      ;;
     \?)
       echo "Invalid option: -$OPTARG" >&2
       exit 1
@@ -29,7 +41,22 @@ echo $domain | httpx -duc -silent -sc -cl -title
 echo -e "\n\033[96mOrigin IPs Info:\033[0m"
 dig=$(dig @1.1.1.1 $domain A +short)
 shodan=$(shodan search ssl:$domain --fields ip_str,port --separator ":" | sed 's/:$//' | sed 's/:\(80\|443\)$//')
+censys=$(curl -s -g -X 'GET' "https://search.censys.io/api/v2/hosts/search?per_page=25&virtual_hosts=EXCLUDE&q=$domain" -H 'Accept: application/json' --user "$CENSYS_API_ID_CENSYS_API_SECRET" | jq -r '.result.hits[] | (.ip + ":" + (.services[] | .port | tostring))' | sed 's/:\(80\|443\)$//')
+securitytrails=$(curl -s --request GET --url "https://api.securitytrails.com/v1/history/$domain/dns/a" --header "apikey: $SECURITYTRAILS_API" | jq -r '.records[].values[].ip')
+viewdns=$(curl -s "https://viewdns.info/iphistory/?domain=$domain" -H 'referer: https://viewdns.info/iphistory/?domain=rix4uni.com' -H 'user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36' | grep -oP '(?<=<td>)(\d{1,3}\.){3}\d{1,3}(?=</td>)')
+
+hunterqbase64=$(echo -n "cert.subject=\"$domain\"" | base64)
+end_time=$(date +%Y-%m-%d)
+start_time=$(date -d "$end_time - 31 days" +%Y-%m-%d)
+hunter=$(curl -s -k -X GET "https://api.hunter.how/search?api-key=$HUNTER_API&query=$hunterqbase64&page=1&page_size=10&start_time=$start_time&end_time=$end_time" | jq -r '.data.list[] | "\(.ip):\(.port)"' | sed 's/:\(80\|443\)$//')
+
+fofaqbase64=$(echo -n "cert.subject.cn=\"$domain\"" | base64)
+fofa=$(curl -s "https://en.fofa.info/result?qbase64=$fofaqbase64&page=1&page_size=10" | grep -oP '(?<=</p><p><a href="/result\?qbase64=)[^"]+(?=" class)' | base64 --decode | grep -oP '(?<=ip=")[^"]+')
+
+zoomeye=$(curl -s -H "API-KEY: $ZOOMEYE_API" "https://api.zoomeye.hk/web/search?query=site:"$domain"&page=1" | jq -r '.matches[].ip[]')
+
+zoomeye_without_api=$(curl -s "https://www.zoomeye.hk/api/search?q=site:"$domain"&page=1&t=v4+v6+web" | jq -r '.matches[].ip[]')
 
-echo $shodan $dig | tr ' ' '\n' | sort -u | httpx -duc -silent -sc -cl -title
+echo $dig $shodan $censys $securitytrails $viewdns $hunter $fofa $zoomeye $zoomeye_without_api | tr ' ' '\n' | sort -u | httpx -duc -silent -sc -cl -title
 
 echo -e "\n\033[91mNOTE: Check Same Content Length and Same Title that's Your Origin IPs:\033[0m"