I have a Shodan account and am trying to get it to scan an IP and report the results. Unfortunately, the method reported in the documentation for doing this doesn't seem to work. Here's what I've been doing, using the Shodan CLI. All of these commands are being issued using the same API key.
- Used the
shodan scan submit
command to initiate a scan of the desired IP. - Used
shodan scan list
to monitor the status of the scan I submitted. From the list entry, I can get the scan ID and its status. Wait until the scan status is "DONE" - According to the Shodan API documentation, the way to retrieve my results is by using
shodan download <download_file_name> scan:<my_scan_id>
. However, when I send that command I am informed it is downloading 0 results. - Searching the database with
shodan search scan:<my_scan_id>
also shows zero results.
I've looked through the documentation and there doesn't seem to be another way of getting results without a dedicated data pipe, which I can't since I'm on the $50 lifetime level. So what's going on? Has the API changed? Does it take time for the results of on-demand scans to be incorporated into the database?
Thanks in advance to anyone who can offer some insight on this.
So after a late night with Shodan's API, I think I've figured this one out. There does not appear to be a way to download your scan results after the fact. They appear on the command line that launched the scan once it concludes. The only way to save them is to use
scan submit --filename <your_file_name> <your_ip>
. This also means you need to make sure the process that submitted the scan is still around to receive the result.I can't account for the documentation saying you can use
shodan download
with your scan ID, but I've tried to multiple times from the Python API and the Shodan CLI and it doesn't seem to work. Unless someone comes along to tell me differently, I'm assuming that functionality is not available.