Shodan search engine – All things in moderation

Shodan search engine

Introduction

Shodan is a search engine that lets the user find specific types of computers (web cams, routers, switches, servers, etc.) connected to the internet using a variety of filters. Some have also described it as a search engine of service banners, which are meta-data the server sends back to the client. This can be information about the server software, what options the service supports, a welcome message or anything else that the client can find out before interacting with the server.

Shodan collects data from servers and devices on the internet, mostly from web servers (HTTP/HTTPS, ports 80/443), but also from FTP (port 21), SSH (port 22), TELNET (port 23), SNMP (port 161), Real Time Streaming Protocol (RTSP, port 554), …

Other shodan products: https://www.shodan.io/about/products

Using Shodan

1. Basic usage
On the shodan.io home page, enter a keyword or host into the search field, as you would with any other search engine.
For example, I’m searching for “hackerone.com”.

Looking at the search result, we have the following:
1. Total results (also the number of hosts used by hackerone)
2. Results map
3. Top services (ports)
4. Top organizations (ISPs)
5. The main section, which describes each host and includes:
– IP address
– Hostname
– Location
– Request header
– Service information

Searching for Webcam

Searching with the keyword webcam lists webcams from all over the world.

Searching for cisco

Searching with the keyword cisco lists Cisco routers from all over the world.

2. Shodan search query

To use this feature you must register a Shodan account.

Some useful Shodan search filters:

  • hostname: find values that match the hostname
  • os: search based on operating system
  • port: find particular ports that are open
  • net: search based on an IP or /x CIDR
  • city: find devices in a particular city
  • country: find devices in a particular country
  • geo: you can pass it coordinates
  • before/after: find results within a timeframe

For example, I’m searching for hosts with port 445 open that run Windows and may be vulnerable to EternalBlue, which was used as part of the worldwide WannaCry ransomware attack on May 12, 2017.

3. Shodan add-ons

Shodan supplies add-ons for Firefox and Chrome that retrieve the data Shodan.io has gathered about the website you’re currently browsing.

4. Shodan API
Shodan provides an API for developers, covering Shodan Images, Shodan Maps, Shodan Exploit, Shodan search, … Anything that can be done using those websites can also be done directly via the API.

Read more about shodan API from: https://developer.shodan.io/api/clients
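One way to combine the search filters and the API from a defender's side, as an added example that is not from the original post: build a query scoped to your own address range with `net:` and triage the returned banners for services that should not face the internet. The address range, the sample records and the `REVIEW_PORTS` table are constructed for illustration; the record fields (`ip_str`, `port`, `data`) follow the `matches` entries returned by the Shodan search API.

```python
import ipaddress

# Filters named in the list above (before/after are the two timeframe filters).
KNOWN_FILTERS = {"hostname", "os", "port", "net", "city", "country", "geo", "before", "after"}
# Services mentioned on this page that deserve a second look when internet-facing.
REVIEW_PORTS = {21: "FTP", 23: "TELNET", 161: "SNMP", 445: "SMB", 554: "RTSP"}

SAMPLE_MATCHES = [  # constructed records, shaped like entries of the API's "matches" list
    {"ip_str": "203.0.113.10", "port": 23, "data": "login: \r\n"},
    {"ip_str": "203.0.113.10", "port": 443, "data": "HTTP/1.1 200 OK\r\nServer: nginx\r\n"},
    {"ip_str": "203.0.113.7", "port": 445, "os": "Windows", "data": "SMB Status:\n  Authentication: enabled\n"},
    {"ip_str": "198.51.100.4", "port": 21, "data": "220 FTP ready\r\n"},  # outside our range
]


def build_query(**filters):
    """Join filter:value pairs into one query string, quoting values that contain spaces."""
    parts = []
    for name, value in filters.items():
        if name not in KNOWN_FILTERS:
            raise ValueError(f"unknown filter: {name}")
        value = str(value)
        if name == "net":
            ipaddress.ip_network(value)  # raises ValueError on a malformed IP or CIDR
        parts.append(f'{name}:"{value}"' if " " in value else f"{name}:{value}")
    return " ".join(parts)


def exposure_report(matches, own_net):
    """Return (ip, port, service, first banner line) for review ports inside own_net."""
    net = ipaddress.ip_network(own_net)
    findings = []
    for m in matches:
        if ipaddress.ip_address(m["ip_str"]) in net and m["port"] in REVIEW_PORTS:
            banner = (m.get("data") or "").strip().split("\n", 1)[0].strip()
            findings.append((m["ip_str"], m["port"], REVIEW_PORTS[m["port"]], banner))
    return sorted(findings, key=lambda f: (ipaddress.ip_address(f[0]), f[1]))


if __name__ == "__main__":
    query = build_query(net="203.0.113.0/24", country="US")
    print(query)
    # With an API key and the official client installed, the live equivalent is:
    #   matches = shodan.Shodan(API_KEY).search(query)["matches"]
    for row in exposure_report(SAMPLE_MATCHES, "203.0.113.0/24"):
        print(row)
```
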
