• Write for Us
  • Courses
  • Blog
  • About Us
  • Contact
    Hacker Academy
    • Write for Us
    • Courses
    • Blog
    • About Us
    • Contact

      Automated Tools

      • Home
      • Automated Tools
      • Hacking With Shodan (How to use Shodan Guide)

      Hacking With Shodan (How to use Shodan Guide)

      • Posted by shubham
      • Categories Automated Tools
      • Tags hacking devices with shodan, hacking with shodan, how to use shodan, shodan

      Today we are reviewing shodan also know as the hacker’s search engine. We will see what shodan is and how to use shodan. We will also explore some advanced features of shodan. Everything related to shodan search filters and shodan search queries is also available.

      Welcome to another hacking tutorial.

      Table of contents

      • What is Shodan?
      • How does Shodan work?
        • Shodan can show researchers and pentesters:
      • How to use shodan?
        • What if you want to search for any specific information on shodan?
        • Shodan Filters
        • Advanced Use of shodan
      • List of Shodan Filters
        • General Filters
        • HTTP Filters 
        • NTP Filters
        • SSL Filters
        • Telnet Filters
        • How to secure your devices on the internet?

      What is Shodan?

      Shodan is a unique search engine that finds devices that are connected to the internet and gathers information about those related devices using banners and port scanners.

      shodan

      The most popular searches are for devices like routers, webcam, ADB devices, etc. Shodan can show all the devices which are broadcasting their information on the world wide web. This is especially useful for people pentesting IoT devices as well as critical infrastructures such as power grids and power plants.

      Sometimes due to misconfiguration and human error, criticals services are explored on the internet. With Shodan, you can see those critical services openly accessible via the internet.


      How does Shodan work?

      As I said before Shodan is a search engine that works by scanning the entire internet and parsing the information on banners that are returned by various devices connected on the internet. By using this information, Shodan can show you a lot of valuable information about the devices on the internet.

      For, e.g., it can show detailed information about which ports and services are being used by a specific device. It can also provide information about which webserver and version it is using along with other juicy details that can be used by hackers and pen-testers for information gathering.

      shodan

      Shodan is mainly used for security research, and that was the original intent of the developer. However, many hackers also use this tool to find information about vulnerable devices on the internet.

      The main focus is around the Internet of Things since there are already billions of devices coming online every year.


      Shodan can show researchers and pentesters:

      1) Devices which have specific vulnerabilities that

      2)Devices which can be identified quickly by their banner information.

      3)Devices with default credentials

      4)Devices connected to the internet without any security


      How to use shodan?

      A simple Tutorial for Basic Users:

      Step 1: You start by visiting the official site of Shodan.

      Step 2: Now in the search box type: Any of the following popular queries

      “Webcam“,” ” vnc“, ” Android debug bride“, ” router“, ” cams” default password“

      For this search, I looked for “android debug bridge.“

      shodan finding adb android devices

      From the image, you can see all the critical information revealed by Shodan

      Step 3: Click on any link, and you will get even more detailed information about ports services manufacturers information, etc.

      Hacking With Shodan (How to use Shodan Guide)

      What if you want to search for any specific information on shodan?

      Well, we have shodan filters that can help you simplify the whole deal. There are many more filters that can be used. The detailed list is added below. For now, I will show the most popular ones below:

      Shodan Filters

      Here are the most popular search filters you can use on shodan:

      § city: find devices connected in a particular city, 

      e.g., city:”San Francisco.”

      shodan

      § country: find devices in a particular country, 

      e.g., country:”IN”

      shodan

      § geo: you can pass it longitude-latitude coordinates

      geo:32.8,-117,50

      how to hack devices with shodan

      § Hostname: find devices with that matching the Hostname

      hostname:”google”

      shodan

      § net: search based on an IP address

      net:”216.219.143.0/24″

      § os: search based on the operating systems

      os:”windows”

      shodan

      § port: find particular ports which are open on specific devices (e.g., 8080, 21, etc.)

      port:8080

      § before/after: find results within a specific time frame.

      country: CH after: 22/03/2010 before:4/6/2010

      You can also use the “Explore” feature on the main website of Shodan to look at popular searches and results. You’ll find exciting things like:

      1. Webcams

      2. SCADA

      3. Traffic lights

      4. Routers

      5. Default passwords

      6. IoT devices

      7.and many more


      Advanced Use of shodan

      Here are a few other cool features of shodan you need to know about

      1. Data Export feature: You can export your shodan search results in various formats by using the top menu

      2. Browser Search: You can configure your browser by adding addons for shodan. A chrome and firefox plugin is available with shodan API

      3. Shodan is Free: You need to create a free shodan account to access all the information. Compared to before, many of the shodan features have become paid only. However, you can still use the free version as much as you want legally.

      4. Premium Accounts: A shodan premium account can be bought with a monthly subscription, as shown below. See the image for more details on shodan premium plans

      shodan

      5. Shodan Exploit search feature

      You can search exploits with the new shodan exploit search engine. See image below where I searched for android exploits. I’ll make a separate article on this feature so stay tuned.

      Android exploits:

      6. Shodan Map search

      You can find devices by using the map search feature. A great way to find vulnerable devices near you. You can control everything with the mouse making it quite easy to navigate.

      hacking devices with shodan

      7. Shodan honeypot checker

      Shodan now has a great feature to check for honeypots. By using these feature, we can confirm the IP address we are pining is an actual device or a honeypot.

      honeyspot

      If you want to know more about honeypots, click here.


      List of Shodan Filters

      General Filters

      NameDescriptionType
      afterOnly show results after the given date (dd/mm/yyyy)string
      asnAutonomous system numberstring
      beforeOnly show results before the given date (dd/mm/yyyy)string
      categoryAvailable categories: ics, malwarestring
      cityName of the citystring
      countryThe 2-letter country codestring
      geoAccepts between 2 and 4 parameters. If 2 parameters: latitude, longitude. If 3 parameters: latitude,longitude,range. If 4 parameters: top left latitude, top left longitude, bottom right latitude, bottom right longitude.string
      hashHash of the data property integerinteger
      has_ipv6True/ False booleanboolean
      has_screenshotTrue/ False booleanboolean
      hostnameThe full hostname for the devicestring
      ipAlias for net filterstring
      ispISP managing the netblockstring
      netNetwork range in CIDR notation (ex. 199.4.1.0/24)string
      orgThe organization assigned the netblockstring
      osSearch by Operating systemstring
      portPort number for the service integerstring
      postalPostal code (US-only) stringstring
      productName of the software/ product providing the banner stringstring
      regionName of the region/ state stringstring
      stateAlias for region stringstring
      versionVersion for the product stringstring
      vulnCVE ID for a vulnerability stringstring

      HTTP Filters 

      NameDescriptionType
      http.componentName of web technology used on the websitestring
      http.component_categoryCategory of web components used on the websitestring
      http.htmlHTML of web bannersstring
      http.html_hashHash of the website HTMLinteger
      http.statusResponse status codeinteger
      http.titleTitle for the web banners websitestring

      NTP Filters

      NameDescriptionType
      ntp.ipIP addresses returned by monliststring
      ntp.ip_countNumber of IPs returned by initial monlistinteger
      ntp.moreTrue/ False; whether there are more IP addresses to be gathered from monlistboolean
      ntp.portPort used by IP addresses in monlistinteger

      SSL Filters

      NameDescriptionType
      has_sslTrue / Falseboolean
      sslSearch all SSL datastring
      ssl.alpnApplication layer protocols such as HTTP/2 (“h2”)string
      ssl.chain_countNumber of certificates in the chaininteger
      ssl.versionPossible values: SSLv2, SSLv3, TLSv1,TLSv1.1, TLSv1.2string
      ssl.cert.algCertificate algorithmstring
      ssl.cert.expiredTrue / Falseboolean
      ssl.cert.extensionvNames of extensions in the certificatestring
      ssl.cert.serialSerial number as an integer or hexadecimal stringinteger / string
      ssl.cert.pubkey.bitsNumber of bits in the public keyinteger
      ssl.cert.pubkey.typePublic key typestring
      ssl.cipher.versionSSL version of the preferred cipherstring
      ssl.cipher.bitsNumber of bits in the preferred cipherinteger
      ssl.cipher.nameName of the preferred cipherstring

      Telnet Filters

      NameDescriptionType
      telnet.optionSearch all the options availablestring
      telnet.doThe server requests the client does support these optionsstring
      telnet.dontThe server requests the client not to support these optionsstring
      telnet.willThe server supports these optionsstring
      telnet.wontThe server doesn’t support these optionsstring

      Credits: JavierOlmedo


      Hopefully, with this tutorial, you were able to get all the necessary information you need about using shodan.

      As you can probably see, shodan is an excellent tool with both good and bad aspects. Its shows how easily hackers can hack our devices by using exploits and misconfigurations to bypass all our security and gain unauthorized access to our devices connected on the internet.

      How to secure your devices on the internet?

      • Make sure you change the default password configuration of devices on the internet
      • Services that do not require the internet should not be connected to the internet.
      • Devices should be updated and regularly checked
      • Use proper firewalls and antivirus for protecting devices
      • Read our article on how to secure your account from hackers

      Cocospy Phone Spy

      Tag:hacking devices with shodan, hacking with shodan, how to use shodan, shodan

      • Share:
      author avatar
      shubham

      Previous post

      20 Best Websites to Learn Ethical Hacking for Beginners
      June 3, 2021

      Next post

      How to install Kali Linux on android with termux without root
      June 3, 2021

      You may also like

      security-concept-illustration-people-holding-chain_53876-43028
      Basics of Dynamic Application Security Testing Tools
      6 December, 2021
      top 10 operating systems for hackers
      Top 10 Operating Systems for Hackers
      24 August, 2021
      top 10 skills every hackers must learn
      Top 10 Skills Every Hacker Must Learn
      8 August, 2021

      Leave A Reply Cancel reply

      Your email address will not be published. Required fields are marked *

      Cocospy Phone Spy
      Cocospy Phone Spy

      Suggested Tools

      [email protected]
      Facebook Twitter Google-plus Pinterest

      Company

      • About Us
      • Contact
      • Write a Guest Post

      Links

      • Privacy
      • Terms

      Support

      • Disclaimer
      • Advertise With Us
      • FAQs

      All rights Reserved 2021 || For any issues contact: [email protected]

      • Privacy
      • Terms