Initial Bitcoin OSINT commit

bitcoinOsint.py

@@ -0,0 +1,17 @@
+#!/usr/bin/env python
+
+import sys
+import osint_runner
+import optparse
+
+
+def run(bitcoin, output = None):
+    osint_runner.run("bitcoin", "bitcoins", bitcoin, output)
+
+
+if __name__ == "__main__":
+    parser = optparse.OptionParser()
+    parser.add_option('-o', '--output', action="store", dest="output", help="Save output in either JSON or HTML")
+    options, args = parser.parse_args()
+    bitcoin = args[0]
+    run(bitcoin, options.output)

bitcoins/__init__.py

@@ -0,0 +1,11 @@
+
+from os.path import dirname, basename, isfile, abspath
+import glob, importlib, sys
+
+modules = glob.glob(dirname(__file__) + "/bitcoin_*.py")
+__all__ = [basename(f)[:-3] for f in modules if isfile(f)]
+sys.path.append(dirname(abspath(__file__)))
+
+for m in __all__:
+        __import__(m, locals(), globals())
+del m, f, dirname, basename, isfile, abspath, glob, importlib, sys, modules

bitcoins/base.py

@@ -0,0 +1,5 @@
+import sys
+import os
+
+dir_path = os.path.dirname(os.path.dirname(os.path.realpath(__file__)))
+sys.path.insert(0, dir_path)

bitcoins/bitcoin_blockexplorer.py

@@ -0,0 +1,75 @@
+#!/usr/bin/env python
+
+import base
+import config as cfg
+import sys
+from termcolor import colored
+import requests
+
+# Control whether the module is enabled or not
+ENABLED = True
+
+class style:
+    BOLD = '\033[1m'
+    END = '\033[0m'
+
+def validate(bitcoin_address):
+    r = requests.get("https://blockexplorer.com/api/addr-validate/" + bitcoin_address)
+    return r.content
+
+def get_data(bitcoin_address, url):
+    block_explorer_url_full = "https://blockexplorer.com/api/addr/" + bitcoin_address + url
+    res = requests.get(block_explorer_url_full)
+    # Status 400 - Some internal error "Bitcoin JSON-RPC: Work queue depth exceeded. Code:429"
+    # Status 502 - Internal server error. Cloudflare error page breaks the code.
+    while res.status_code == 400 or res.status_code == 502: 
+      res = requests.get(block_explorer_url_full)
+    return res.content
+
+def get_account_properties(bitcoin_address):
+    try:
+        print "[!] Details in Satoshis (1 BTC = 100,000,000 Satoshis)"
+
+        balance = get_data(bitcoin_address, "/balance")
+        print "[+] Balance             : %s" % balance
+
+        total_received = get_data(bitcoin_address, "/totalReceived")
+        print "[+] Total Received      : %s" % total_received
+
+        total_sent = get_data(bitcoin_address, "/totalSent")
+        print "[+] Total Sent          : %s" % total_sent
+
+        unconfirmed_balance = get_data(bitcoin_address, "/unconfirmedBalance")
+        print "[+] Unconfirmed Balance : %s" % unconfirmed_balance
+
+        print ""
+    except Exception as e:
+        print e
+        print "[-] Error retrieving bitcoin wallet balance\n"
+
+def banner():
+    print colored(style.BOLD + '---> Finding details of this Bitcoin wallet\n' + style.END, 'blue')
+
+
+def main(bitcoin):
+    if validate(bitcoin) == 'true':
+        print "[+] Bitcoin address exists\n"
+        get_account_properties(bitcoin)
+    else:
+        print "[-] Invalid Bitcoin address"
+
+# def output(data, bitcoin=""):
+#    for i in data:
+#        print i
+
+
+if __name__ == "__main__":
+    try:
+        bitcoin = sys.argv[1]
+        banner()
+        #result = main(bitcoin)
+        #output(result, bitcoin)
+        main(bitcoin)
+    except Exception as e:
+        print e
+        print "Please provide an valid Bitcoin address as argument"

bitcoins/template.py

@@ -0,0 +1,37 @@
+#!/usr/bin/env python
+
+import base
+import config as cfg
+import sys
+from termcolor import colored
+
+# Control whether the module is enabled or not
+ENABLED = True
+
+
+def banner():
+    # Write a cool banner here
+    pass
+
+
+def main(bitcoin):
+    # Use the bitcoin variable to do some stuff and return the data
+    print bitcoin
+    return []
+
+
+def output(data, bitcoin=""):
+    # Use the data variable to print out to console as you like
+    for i in data:
+        print i
+
+
+if __name__ == "__main__":
+    try:
+        bitcoin = sys.argv[1]
+        banner()
+        result = main(bitcoin)
+        output(result, bitcoin)
+    except Exception as e:
+        print e
+        print "Please provide an valid Bitcoin address as argument"

datasploit.py

@@ -9,11 +9,11 @@
 import emailOsint
 import domainOsint
 import ipOsint
+import bitcoinOsint
 import usernameOsint
 from tld import get_tld
 from netaddr import IPAddress,AddrFormatError
 
-
 def main(argv):
     output=None
     desc="""                                                           
@@ -77,6 +77,9 @@ def main(argv):
             elif get_tld(user_input, fix_protocol=True,fail_silently=True) is not None:
                 print "Looks like a DOMAIN, running domainOsint...\n"
                 domainOsint.run(user_input, output)
+            elif re.match('^[13][a-km-zA-HJ-NP-Z1-9]{25,34}$', user_input):
+                print "Looks like a Bitcoin address...\n"
+                bitcoinOsint.run(user_input, output)
             else:
                 print "Nothing Matched assuming username, running usernameOsint...\n"
                 usernameOsint.run(user_input, output)