Shodan – Search Engine For Hackers – Beginner Guide

Shodan Hacker

What is Shodan?

Shodan is a type of search engine that allows users to search for Internet-connected devices and explicit website information such as the type of software running on a particular system and local anonymous FTP servers. Shodan can be used much in the same way as Google, but indexes information based on banner content, which is meta-data that servers send back to hosting clients. For the best results, Shodan searches should be executed using a series of filters in a string format.

So in conclusion we can say that, Shodan is a search engine for finding specific devices, and device types, that exist online. It is like an internet map that lets us see which device is connected to which or ports are open on a specific device or what operating system a certain system is using, etc. Rather than to locate specific content on a particular search term, SHODAN is designed to help the user find specific nodes (desktops, servers, routers, switches, etc.) with specific content in their banners.

What can Shodan do?

Shodan pulls service banners from servers and devices on the web, mostly port 80, but also ports 21 (ftp), 22 (SSH), 23 (telnet), 161 (SNMP), and 5060 (SIP). Since almost every new device now has a web interface (maybe even your refrigerator) to ease remote management, we can access innumerable web-enabled servers, network devices, home security systems, etc. Shodan can find us webcams, traffic signals, video projectors, routers, home heating systems, and SCADA systems that, for instance, control nuclear power plants and electrical grids. If it has a web interface, Shodan can find it! Although many of these systems communicate over port 80 using HTTP, many use telnet or other protocols over other ports. Keep that in mind when trying to connect to them.

How to use Shodan?

Shodan is very important to understand before you can fully utilize it. At first, you might find it complex but once you get to know it you will find it very handy in use and very resourceful too. So, now let us learn how to work with the fascinating search engine. To use shodan to your advantage you have the following search filters;

  • Basic Operations: Search

    -Search terms are entered into a text box
    (seen below) Quotation marks can narrow a search
    -Boolean operators + and – can be used to
    include and exclude query terms (+ is
    implicit default)

Webcam

When you search for webcam, it will show you all the webcam present.

Traffic Signals

Searching for traffic signals or traffic signals camera then it will show you all the traffic surveillance cameras available.

Scada

You can also search for Scada and you will get its information.

Port

Not only the devices but it can help find which port is open in which device. For example, I have searched for port: 1723.

 

Let us know what you think of shodan!

 

Share!

Leave a Reply