Search Shodan for Minecraft server IPs to grief

Overview

GriefBuddy

This script searches Shodan for Minecraft server IPs to grief. This will return all servers connected to the public internet which Shodan has indexed, regardless of whether or not they have been advertised anywhere. Some will have a whitelist, but I've found that most don't.

Results are output in the format <IP>:<PORT>. IPs will be output ordered by how recently Shodan indexed them, so results near the top will be "fresher".

Setup

  1. First you need a Shodan API key. Go to https://shodan.io/ and register for a free account. Then go to https://account.shodan.io/, copy your API key, and paste it between the empty quotes after "API_KEY:" in config.json. Don't share your API key or commit it to version control!

  2. Next, install Python 3 and the pip package manager, if you don't have them.

  3. Install the requests library: $ python3 -m pip install requests.

  4. Clone this repository: $ git clone https://github.com/k0rnh0li0/GriefBuddy.git.

  5. Edit config.json according to your preferences. See section "Configuration" for details. At minimum, you must enter your API key.

  6. Run the script: $ python3 griefbuddy.py

NOTE: Griefing Minecraft servers is not illegal. However, be aware that only you, and no one else, are responsible for any illegal activities you may partake in based on these IP lists. Don't be stupid.

Configuration

This section documents the settings in config.json. It's not necessary to edit config.json other than to enter your API key, but you can change the script's behavior by editing this file.

  • API_KEY - This must be set. Get your API key from https://account.shodan.io/.
  • PAGES - How many pages of results to query. Shodan returns 100 results per page. The first page is always free, but querying any pages beyond the first page will charge you 1 API credit. For example, if you set PAGES to 5, you will be charged 4 API credits total when you run the script. The first page is usually good enough anyway, it gets updated often as Shodan indexes new servers.
  • MC_VERSION - Search for a specific Minecraft server version. You can leave this blank, but results may be less reliable and the script may not work correctly. I recommend having a Minecraft version set.
  • ACTIVE_ONLY - If you set this to true, IPs will only be output if Shodan shows that they have a non-zero Online Players count. This would be a good way to find servers that people are currently playing on.
  • OUTPUT_FILE - Leave this blank if you want to display the IP list directly in the terminal. If you set this to a filename, the script will attempt to write the IP results to the file you specified.

Contributing

Contributions are welcome in the form of pull requests, issues, and epic grief screenshots in the Discussions tab.

If you open an issue about a bug, it would be helpful to include the contents of your config.json file WITH YOUR API KEY REDACTED so we can figure out what's going on.

Owner
I NEED TP FOR MY BUNGHOLIO [email protected]
To explore creating an application that detects available connections at once from wifi and bluetooth

Signalum A Linux Package to detect and analyze existing connections from wifi and bluetooth. Also checkout the Desktop Application. Signalum Installat

BISOHNS 56 Mar 03, 2021
Python exploit code for CVE-2021-4034 (pwnkit)

Python3 code to exploit CVE-2021-4034 (PWNKIT). This was an exercise in "can I make this work in Python?", and not meant as a robust exploit. It Works

Joe Ammond 92 Dec 29, 2022
Exploit for CVE-2017-17562 vulnerability, that allows RCE on GoAhead (< v3.6.5) if the CGI is enabled and a CGI program is dynamically linked.

GoAhead RCE Exploit Exploit for CVE-2017-17562 vulnerability, that allows RCE on GoAhead ( v3.6.5) if the CGI is enabled and a CGI program is dynamic

Francisco Spínola 2 Dec 12, 2021
将hw时信息收集以及简单的漏洞操作步骤简单化

Braised-vegetables 将hw时信息收集以及简单的漏洞扫描操作步骤简单化 使用subfinder(被动子域名爆破收集) subdomain(主动域名爆破) nabbu(端口扫描) httpx(探测目录浏览) crawlergo(360深度爬虫) chorme(谷歌浏览器) xray(漏

19 Nov 15, 2022
DependConfusion-X Tool is written in Python3 that scans and monitors list of hosts for Dependency Confusion

DependConfusion-X Tool is written in Python3 which allows security researcher/bug bounty hunter to scan and monitor list of hosts for Dependency Confusion.

Ali Fathi Ali Sawehli 4 Dec 21, 2021
"KeyLogger-WebService" Is a Keylogger Write In python.

KeyLogger-WebService "KeyLogger-WebService" Is a Keylogger Write In python. When you Inject the file on a computer once the file is opened on the comp

Freddox 21 Dec 16, 2022
This is a repository filled with scripts that were made with Python, and designed to exploit computer systems.

PYTHON-EXPLOITATION This is a repository filled with scripts that were made with Python, and designed to exploit computer systems. Networking tcp_clin

Nathan Galindo 1 Oct 30, 2021
A small POC plugin for launching dumpulator emulation within IDA, passing it addresses from your IDA view using the context menu.

Dumpulator-IDA Currently proof-of-concept This project is a small POC plugin for launching dumpulator emulation within IDA, passing it addresses from

Michael 9 Sep 21, 2022
Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.

sshuttle: where transparent proxy meets VPN meets ssh As far as I know, sshuttle is the only program that solves the following common case: Your clien

9.4k Jan 04, 2023
Osint-Tool - Information collection tool in python

Osint-Tool Herramienta para la recolección de información Pronto más opciones In

3 Apr 09, 2022
TOOLS CRACK FACEBOOK

Installation $ pkg update && pkg upgrade $ pkg install python2 $ pkg install git $ git clone https://github.com/Mark-Zuck/zafi $ cd zafi $ pip2 instal

Romi Afrizal 50 Dec 26, 2022
hackinsta: a program to hack instagram

hackinsta a program to hack instagram Yokoback_(instahack) is the file to open, you need libraries write on import. You run that file in the same fold

1 Dec 04, 2021
PoC for CVE-2020-6207 (Missing Authentication Check in SAP Solution Manager)

PoC for CVE-2020-6207 (Missing Authentication Check in SAP Solution Manager) This script allows to check and exploit missing authentication checks in

chipik 82 Nov 09, 2022
CVE 2020-14871 Solaris exploit

CVE 2020-14871 Solaris exploit This is a basic ROP based exploit for CVE 2020-14871. CVE 2020-14871 is a vulnerability in Sun Solaris systems. The act

Robin Massink 2 Oct 25, 2022
Crowbar - A windows post exploitation tool

Crowbar - A windows post exploitation tool Status - ✔️ This project is now considered finished. Any updates from now on will most likely be new script

29 Nov 20, 2022
Bilgi Sistemleri Projesi için yapılan keylogger

Keylogger Bilgi Sistemleri Projesi için yapılan keylogger Projede kullanılan kütüphanelere sahip olmasanız da python dosyası çalıştığında kendisi gere

Tarik Bulut 1 Jan 07, 2022
Web3 Pancakeswap Sniper & honeypot detector Take Profit/StopLose bot written in python3, For ANDROID WIN MAC & LINUX

🏆 Pancakeswap BSC Sniper Bot web3 with honeypot detector (ANDROID WINDOWS MAC LINUX) 🥇 ⭐️ ⭐️ ⭐️ First SNIPER BOT for ANDROID & WINDOWS with honeypot

Mayank 12 Jan 07, 2023
HashDB API hash lookup plugin for IDA Pro

HashDB IDA Plugin Malware string hash lookup plugin for IDA Pro. This plugin connects to the OALABS HashDB Lookup Service. Adding New Hash Algorithms

OALabs 237 Dec 21, 2022
Kriecher is a simple Web Scanner which will run it's own checks for the OWASP

Kriecher is a simple Web Scanner which will run it's own checks for the OWASP top 10 https://owasp.org/www-project-top-ten/# as well as run a

1 Nov 12, 2021
Fetch Chrome, Firefox, WiFi password and system info

DISCLAIMER : OUR TOOLS ARE FOR EDUCATIONAL PURPOSES ONLY. DON'T USE THEM FOR ILLEGAL ACTIVITIES. YOU ARE THE ONLY RESPONSABLE FOR YOUR ACTIONS! OUR TO

Genos 59 Nov 17, 2022