Shodan - Best Search Engine for Internet Devices

Shodan is the best search engine for Internet devices. It can identify almost any device that has a public internet connection, from IP cameras to smart refrigerators. Shodan is available through both a web interface and a command-line interface. The web interface needs only a web browser, while the command-line interface requires Python to be installed on the system.

How Does Shodan Work?

Shodan scans all IPs and open ports to identify devices such as printers, cameras, and routers that are available on the internet. It indexes these devices just as a web search engine (e.g. Google, Yahoo) indexes web content: it connects to the devices it finds, collects the banners they return, and parses them. Searching for a particular device shows all the relevant details.

Basic Usage

Just open a web browser and enter the URL https://shodan.io.

Now type the kind of device you want to search for. For example, to look for IP cameras, type ipcamera in the search box.

Now click on any IP address in the results. It shows general information (e.g. hostname, ISP, cloud details), the open ports, and the response received on each open port.

The tool also shows known vulnerabilities with CVE details.

Advanced Usage

You can use advanced search operators, alone or in combination, to narrow the results to the information you want about a target. The following operators can be combined to get the desired results.

(1) country:

You can search specific results based on a particular country.

country:"US" ipcamera

(2) city:

You can search devices based on a specific city.

city:"New York" ipcamera

(3) hostname:

You can search specific results based on a particular hostname.

hostname:"google"

(4) net:

You can search results within an IP range given in CIDR notation. The range below is a reserved documentation range used as a placeholder.

net:192.0.2.0/24 ipcamera

(5) port:

Search for devices with a specific open port.

port:8081 ipcamera

(6) before/after:

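These search operators restrict results to those seen after and/or before a given date. When both are used, the after date must be earlier than the before date, otherwise the window is empty.

ipcamera after:12/12/2013 before:09/02/2014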

(7) os:

Find devices based on a particular operating system.

scada os:"Windows XP"

(8) geo:

Search for devices based on latitude and longitude coordinates.

geo:"29.913205,23.232133"

(9) Default Passwords

This is a quoted phrase rather than an operator. It matches banners that mention a default password and can be combined with the other search parameters.

"default password"
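A small linter for query strings built from the operators listed above, added here as an example (it is not code from the original article or from Shodan's own tooling). It assumes dates are written dd/mm/yyyy and that country takes a two-letter code; lint_query and the sample queries are constructed for illustration.

```python
import ipaddress
import shlex
from datetime import datetime

def _date(v):
    return datetime.strptime(v, "%d/%m/%Y")  # assumption: dd/mm/yyyy dates

def _geo(v):
    lat, lon = (float(x) for x in v.split(",")[:2])
    if not (-90 <= lat <= 90 and -180 <= lon <= 180):
        raise ValueError("latitude/longitude out of range")

def _port(v):
    if not 1 <= int(v) <= 65535:
        raise ValueError("port must be 1-65535")

def _country(v):
    if not (len(v) == 2 and v.isalpha()):
        raise ValueError("expected a two-letter country code")

# Filters whose values can be validated offline; others pass through unchecked.
CHECKS = {
    "net": lambda v: ipaddress.ip_network(v, strict=False),
    "port": _port, "country": _country, "geo": _geo,
    "before": _date, "after": _date,
}

def lint_query(query):
    """Return a list of problems found in a search string (empty if none)."""
    problems, seen = [], {}
    for token in shlex.split(query):        # keeps "quoted values" together
        name, sep, value = token.partition(":")
        if not sep or name not in CHECKS:
            continue                        # free text or an unchecked filter
        try:
            CHECKS[name](value)
            seen[name] = value
        except ValueError as exc:
            problems.append(f"{name}:{value} -> {exc}")
    if "after" in seen and "before" in seen:
        if _date(seen["after"]) >= _date(seen["before"]):
            problems.append("after/before window is empty")
    return problems

if __name__ == "__main__":
    # Constructed sample queries, one valid and two malformed.
    for q in ('country:"US" port:8081 ipcamera', "net:10.300.0.0/16 ipcamera",
              "ipcamera after:09/02/2014 before:12/12/2013"):
        print(q, "=>", lint_query(q) or "ok")
```

Running a query through the linter before submitting it catches malformed values that would otherwise produce empty or misleading result sets.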

Summary

Shodan is very helpful in identifying public-facing information about internet devices by grabbing their banners. The tool is mostly used to search for misconfigured IoT devices.

I have just covered the tip of the iceberg. If you want to learn more about this tool, I recommend searching for more material on Google and following #shodan on Twitter.



Disclaimer: This tutorial is for educational purposes only. The individual is solely responsible for any illegal act.
