What is Shodan?
Shodan is a very very powerful search engine. It is a search engine that exposes vulnerabilities. The problem is not many people know how it works and how to utilize it to its maximum potential. It is extremely powerful.
How it works?
Shodan is a search engine that will allow users to search the internet of things. So it searches the network that is created by devices connected to the internet and then will gather information like operating system being used or the service that is running on a port.
So in essence, it is performing banner grabbing that will grab all information that it can about any devices that is connected to the internet.
- It performs full service banner grabbing from servers or any other devices connected to the internet.
- It will scan for different ports.
- Now one of the most popular ports that will scan for is the port 80.
- Other ports that it can scan for are the SSH port which is port 22.
- You have your FTP port.
- Port 21 your telnet which is port 23.
- I don’t know if anyone has a telnet running on their server if they do. They should probably be sent to jail for that, is just unbelievable and unsecured.
- It is used for forming banner grabbing and it searches every device connected to the internet.
- Scans for ports and these services and the operating system that is running on each of these devices.
- Can be used to access web servers network devices and web cams, routers etc like scatter system. A lot of systems that are going to be online obviously you can take advantage of them.
How to use Shodan-Let’s get started
- Open up the website link: www.shoden.io
- Create an account.(You can even login with your google account directly)
- The website again tells you the search engine or the webcams or web. So shodan is the world’s first search engine for internet connected devices or the internet of things.
- We can search for anything in the search bar.
- Some of the easiest and the most common searches that most people will do will be something like webcams.
- If I search for webcams, webcams list will show up.
Here we have webcam in korea, France. Live camera’s will be updating every three to five frames.
What information that it will give you right now. So we have made a search for webcams.
- Total results
- Top countries
United states 889
- Top Services
HTTP (8080) 1,826
- Top Organizations
Korea Telecom 222
Deutsche Telecom AG 221
Comcast cable 152
RCS & RDS Residential 116
- Top operating systems
Windows 7 or 8 4
Windows 6.1 4
- Top Products
Webcam 7 httpd 376
Yawcam webcam viewer httpd 341
Apache httpd 206
dvr1614n webcam httpd 60
7. Some other options like “Traffic signals”- One can imagine the damage that this can do to an engine that gives information that you are looking for.
8. Some search filters you can use are like you can search for port. The syntax is Port:22 (String format) and immediately it is going to display about 18 million results.
- Most of them are in united states.
- 4 million in china.
9. Now there are plenty of these servers that you can look to exploit and as you can see most of them are running open SSH.
10. Some are running open SSH on debian but mostly are running on linux which is awesome.
Different ports which can be used are
- Port 1723
- Port 3389: Client operating system = It returns some remote desktop controls you setup by computers. This port is used by operating system for remote accessing.(one allows to connect to someone’s computer)
Some other search filters that you can use are
- routers:(Netgear) = This will probably give us access to admin panels or the control panels for the different routers.
- Cisco devices: Other one you can use something like city.
But the real beauty of shodan is combining these search filters that we know.
- Let us say we wanted to search for different services like there are lot of search filters like OS, windows XP
Syntax= OS:windows XP
How to install shodan on your terminal?
- Go on developers.
- Get started.
- It will give you the following options that you can use to get started with the API these are specific to languages.
- Now go back these are specific for languages. So if you want to include the API in the mobile application the API is available.
- To install it on your command line just go to the command line friendly and install the CLI it is really very easy to install it.
- Open terminal: type -> easy_install shodan.
- Now we have to get the API key “Get the API key”.
- Copy and paste it on the terminal.
- We can actually use the help options here: shodan–help.
- We need to set the initialization.
shodan init [Paste the API Key]
Shodan is a search engine that lets the user find specific types of computers(webcams, routers, servers etc) connected to the internet using a variety of filters.
- Some have also described it as a search engine of service banners, which have meta-data the servers sends back to the client.
- This can be information about the server software, what options the server supports, a welcome message or anything else that the client can find out before interacting with the server.
- Shodan collect data mostly on web servers(HTTP/HTTPS- port 80, 8080, 443,8443) as well as FTP (port 21), SSH(port 22), Telnet(Port 23), SNMP(Port 161), SIP(Port 5060) and real time streaming protocol(RTSP, port 554). The latter can be used to access webcams and their video stream.