cpe_lookup
Search for Common Platform Enumeration entries by product name in Shodan's CVEDB to identify specific software and hardware versions and configurations.
Instructions
Search for Common Platform Enumeration (CPE) entries by product name in Shodan's CVEDB. Supports pagination and can return either full CPE details or just the total count. Useful for identifying specific versions and configurations of software and hardware.
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| count | No | If true, returns only the count of matching CPEs. | |
| limit | No | Maximum number of CPEs to return (max 1000). | |
| product | Yes | The name of the product to search for CPEs. | |
| skip | No | Number of CPEs to skip (for pagination). |
Implementation Reference
- src/index.ts:594-637 (handler)Handles the execution of the cpe_lookup tool: validates input arguments using the schema, calls the queryCPEDB helper to fetch CPE data from CVEDB API, formats the response as structured JSON (count or list with pagination info), and returns it or handles errors.case "cpe_lookup": { const parsedCpeArgs = CpeLookupArgsSchema.safeParse(args); if (!parsedCpeArgs.success) { throw new Error("Invalid cpe_lookup arguments"); } try { const result = await queryCPEDB({ product: parsedCpeArgs.data.product, count: parsedCpeArgs.data.count, skip: parsedCpeArgs.data.skip, limit: parsedCpeArgs.data.limit }); // Format the response based on whether it's a count request or full CPE list const formattedResult = parsedCpeArgs.data.count ? { total_cpes: result.total } : { cpes: result.cpes, skip: parsedCpeArgs.data.skip, limit: parsedCpeArgs.data.limit, total_returned: result.cpes.length }; return { content: [ { type: "text", text: JSON.stringify(formattedResult, null, 2), }, ], }; } catch (error: any) { return { content: [ { type: "text", text: error.message, }, ], isError: true, }; } }
- src/index.ts:173-178 (schema)Zod schema defining the input parameters for the cpe_lookup tool: product (required string), count (optional boolean), skip and limit (optional numbers for pagination).const CpeLookupArgsSchema = z.object({ product: z.string().describe("The name of the product to search for CPEs."), count: z.boolean().optional().default(false).describe("If true, returns only the count of matching CPEs."), skip: z.number().optional().default(0).describe("Number of CPEs to skip (for pagination)."), limit: z.number().optional().default(1000).describe("Maximum number of CPEs to return (max 1000)."), });
- src/index.ts:336-340 (registration)Registers the cpe_lookup tool in the MCP server with its name, detailed description, and input schema converted to JSON schema.{ name: "cpe_lookup", description: "Search for Common Platform Enumeration (CPE) entries by product name in Shodan's CVEDB. Supports pagination and can return either full CPE details or just the total count. Useful for identifying specific versions and configurations of software and hardware.", inputSchema: zodToJsonSchema(CpeLookupArgsSchema), },
- src/index.ts:231-247 (helper)Helper function that performs the HTTP request to Shodan's CVEDB API endpoint for CPE lookup by product, handles specific error cases like invalid parameters, and logs the query.async function queryCPEDB(params: { product: string; count?: boolean; skip?: number; limit?: number; }) { try { logToFile(`Querying CVEDB for CPEs with params: ${JSON.stringify(params)}`); const response = await axios.get(`${CVEDB_API_URL}/cpes`, { params }); return response.data; } catch (error: any) { if (error.response?.status === 422) { throw new Error(`Invalid parameters: ${error.response.data?.detail || error.message}`); } throw new Error(`CVEDB API error: ${error.message}`); } }