Showing posts with label Shodan. Show all posts
Showing posts with label Shodan. Show all posts

Shodan Dorks or Queries

We wrote in brief about SHODAN here

searching on shodan is just like google

posting as per the dates



http://shodan.surtri.com/?q=cisco-IOS

http://shodan.surtri.com/?q=IIS+4.0

http://shodan.surtri.com/?q=Xerver (REF: http://www.exploit-db.com/exploits/9718)
 
- November 29th 2009

http://shodan.surtri.com/?q=Fuji+xerox
http://shodan.surtri.com/?q=JetDirect

November 30th 2009
http://shodan.surtri.com/?q=port:23+%22list+of+built-in+commands%22

http://shodan.surtri.com/?q=port%3A80+iisstart.html

- December 1st 2009
 
http://shodan.surtri.com/?q=Server:%20SQ-WEBCAM

http://shodan.surtri.com/?q=Netgear

http://shodan.surtri.com/?q=%22Anonymous+access+allowed%22

http://shodan.surtri.com/?q=Golden+FTP+Server 
(REF: http://www.exploit-db.com/exploits/10258)

- December 3rd 2009
 
http://shodan.surtri.com/?q=IIS+5.0 (REF: http://milw0rm.com/exploits/9541)

http://shodan.surtri.com/?q=IIS+6.0

- December 5th 2009
 
http://shodan.surtri.com/?q=%22Server%3A+iWeb%22+HTTP 
(REF: http://packetstormsecurity.org/0912-exploits/iweb-traversal.txt)

- December 8th 2009
 
http://shodan.surtri.com/?q=Wordpress

http://shodan.surtri.com/?q=Joomla

http://shodan.surtri.com/?q=Drupal

http://shodan.surtri.com/?q=iPhone+Web+Server

http://shodan.surtri.com/?q=FreeBSD

http://shodan.surtri.com/?q=IPCop

- December 23rd 2009
 
http://shodan.surtri.com/?q=IBM-HTTP-Server

http://shodan.surtri.com/?q=barra_counter_session

http://shodan.surtri.com/?q=BIGipServer

http://shodan.surtri.com/?q=F5-TrafficShield

http://shodan.surtri.com/?q=st8id

http://shodan.surtri.com/?q=profense

http://shodan.surtri.com/?q=X-dotDefender-denied

http://shodan.surtri.com/?q=X-Cnection

http://shodan.surtri.com/?q=nnCoection

http://shodan.surtri.com/?q=Cneonction

(- Thanks wafw00f!)

- December 24th 2009

http://shodan.surtri.com/?q=PowerDNS(REF: http://www.securityfocus.com/bid/37650)

- January 11th 2009
 http://shodan.surtri.com/?q=ADSL+port%3A80

- January 12th 2010
http://shodan.surtri.com/?q=Default+Password

- February 8th 2010
 
http://www.shodanhq.com/?q=%22X-Powered-By%3A+PHP%22
http://www.shodanhq.com/?q=%22Sagem%22 
(REF: http://www.exploit-db.com/exploits/11633)

- March 6th 2010
 
http://www.shodanhq.com/?q=vFTPd+1.31(REF: http://www.exploit-db.com/exploits/11293)

- March 21st 2010
 
http://www.shodanhq.com/?q=KM-MFP-http (Thanks to: http://www.twitter.com/Motoma)
http://www.shodanhq.com/?q=mod_antiloris 
(This does not work with PyLoris per Motoma.

- April 10th 2010
 
http://www.shodanhq.com/?q=X-Powered-By:W3%20Total%20Cache

- July 12th 2010
 
http://www.shodanhq.com/?q=port%3A161+simatic

http://www.shodanhq.com/?q=PLC

http://www.shodanhq.com/?q=scada

http://www.shodanhq.com/?q=bacnet

http://www.shodanhq.com/?q=telemetry+gateway
(aka – SHODAN SCADA)




More, coming soon!

 
Continue Reading

Shodan -Search Engine For Hackers

We all were using Google dorks for long time for finding vulnerabilities but google and other search engines are designed for normal people.Here we have a advanced search engine for hackers SHODAN SUTRI

SHODAN stands for Sentient Hyper-Optimized Data Access Network it is a advnaced search engine which scans server,routers,webcams,ports,ip,load. Why is this dangerous? This is because Google looks at the web content only where as, Shodan can show you in plain text the network part of the host.


For example if we search for IIS4.0 with this query we get Results  about 1113033 for IIS 5.0
and one of the layout of a server
HTTP/1.0 200 OK
Server: Microsoft-IIS/5.0
Content-Location: http://194.170.210.81/pagemoved.htm
Date: Fri, 21 Jan 2011 21:39:14 GMT
Content-Type: text/html
Accept-Ranges: bytes
Last-Modified: Sun, 07 Aug 2005 04:13:10 GMT
ETag: "e36295269bc51:d96"
Content-Length: 1059

certainly 1113033 results for IIS server is more than handy :)


For firefox users they already developed addon -https://addons.mozilla.org/en-US/firefox/addon/51503/.


Those who believe in learning by watching as we do here we have video presentation on shodan sutri from defcon 18


Shodan-Search Engine For Hackers from shobhit tiwari on Vimeo.


In the next post we will be posting dorks of shodan.Here is the link to SHODAN(click on shodan) website
Continue Reading
Share to Facebook Share to Twitter Stumble It More...
Related Posts Plugin for WordPress, Blogger...
 

Like Us !!

Story Box