SHODAN, The Computer Search Engine
(Source: shodan.surtri.com)
Search engines are well-known on-line tools. But not only websites can be indexed. They are plenty of search engines to find multimedia content, news and more. A new one is born: SHODAN. From the quick guide: “SHODAN lets you find servers/ routers/ etc. by using the simple search bar up above. Most of the data in the index covers web servers at the moment, but there is some data on FTP, Telnet and SSH services as well.”
Using SHODAN, you can search for computers (or potentially any device connected via an IP address) and software versions. It could be seen as a big index of port scanners results. As port scanning is prohibited in lot of countries, it’s a perfect tool for hackers who are looking for targets. Like Google, it’s possible to restrict your queries. The examples below will help you to estimate the real value of this search engine:
- To search for devices in a specific country, use: “country:2-letter country code“
- To search for hostnames, use: “hostname:full or partial host name“
- To search into specific IP ranges, use: “net:a.b.c.d/n“
- To search for specific ports, use: “port:21, 22, 23 or 80“
Otherwise you use the search engine just like Google: by typing keywords. You are looking for Apache servers? (Test) or printers? (Test).
Other nice examples:
- List of telnet ports detected on devices located in Belgium: http://shodan.surtri.com/?q=country%3Abe+port%3A23
- List of Microsoft IIS servers with a default page: http://shodan.surtri.com/?q=port%3A80+iisstart.html
SHODAN is available only for a few days and will for sure grow with new features. Or course, it can be used for malicious activity: The “net:” filtering has been disabled today to mitigate enumeration attempts. Other project already started to use SHODAN like a Firefox search add-on.
Congrats to HD Moore and Thierry Zoller for this tool!
Thanks admin for sharing the information and backlink.