How to Find Vulnerable Targets Using Shodan—The World’s Most Dangerous Search Engine
Sometimes we don’t have a specific target in mind, but rather we are simply looking for vulnerable and easy-to-hack targets anywhere on the planet. Wouldn’t it be great if we had a search engine like Google that could help us find these targets? Well, we do, and it’s called Shodan!
What Is Shodan?
Some have described Shodan as a search engine for hackers, and have even called it “the world’s most dangerous search engine”. It was developed by John Matherly in 2009, and unlike other search engines, it looks for specific information that can be invaluable to hackers.
Shodan pulls service banners (see my tutorial on fingerprinting web servers for more on banners) from servers and devices on the web, mostly on port 80, but also on ports 21 (FTP), 22 (SSH), 23 (telnet), 161 (SNMP), and 5060 (SIP).
What Can Shodan Show Us?
Since almost every new device now has a web interface (maybe even your refrigerator) to ease remote management, we can access innumerable web-enabled servers, network devices, home security systems, etc.
Shodan can find us webcams, traffic signals, video projectors, routers, home heating systems, and SCADA systems that, for instance, control nuclear power plants and electrical grids. If it has a web interface, Shodan can find it!
Although many of these systems communicate over port 80 using HTTP, many use telnet or other protocols over other ports. Keep that in mind when trying to connect to them.
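The flip side of the banners and ports described above is that the same data tells an asset owner what their own addresses expose. The following is an added example, not code from the article or from Shodan: it triages a host record in the layout I assume Shodan's host lookup returns (ip_str, ports, and data entries with port/transport/data) against the ports the article lists, using a constructed sample record.

```python
# Added example (not from the article or Shodan): triage a Shodan-style host
# record for an address you own. The record layout (ip_str, ports, data[] with
# port/transport/data) is an assumption modelled on Shodan's host lookup; the
# sample is constructed, not real scan output.
import json

# Ports the article says Shodan indexes, with what exposure of each means.
WATCHED_PORTS = {
    21: ("ftp", "cleartext logins; replace with SFTP or restrict by source IP"),
    22: ("ssh", "brute-force target; require key auth and rate-limit"),
    23: ("telnet", "cleartext protocol; disable or firewall from the internet"),
    80: ("http", "look for unauthenticated admin or device web interfaces"),
    161: ("snmp", "default community strings leak config; filter UDP/161"),
    5060: ("sip", "toll fraud and enumeration; allow only known SIP peers"),
}

SAMPLE_HOST = json.dumps({  # constructed record using a TEST-NET-1 address
    "ip_str": "192.0.2.10",
    "ports": [23, 80, 161, 8443],
    "data": [
        {"port": 23, "transport": "tcp", "data": "login: "},
        {"port": 80, "transport": "tcp", "data": "HTTP/1.1 200 OK\r\nServer: Apache\r\n"},
        {"port": 161, "transport": "udp", "data": "SNMPv2 community: public"},
        {"port": 8443, "transport": "tcp", "data": "HTTP/1.1 401 Unauthorized\r\n"},
    ],
})

def triage_host(record_json: str) -> list[dict]:
    """One finding per exposed service, ordered by port.

    Known risky ports get the hint from WATCHED_PORTS; anything else is still
    reported so the asset owner can confirm the exposure is intentional.
    """
    record = json.loads(record_json)
    findings = []
    for svc in sorted(record.get("data", []), key=lambda s: s["port"]):
        banner = svc.get("data") or ""
        name, advice = WATCHED_PORTS.get(
            svc["port"], ("unknown", "verify this service is meant to be public"))
        findings.append({"ip": record["ip_str"], "port": svc["port"], "service": name,
                         "banner": banner.splitlines()[0] if banner else "",
                         "advice": advice})
    return findings

if __name__ == "__main__":
    for f in triage_host(SAMPLE_HOST):
        print(f"{f['ip']}:{f['port']:<5} {f['service']:<8} {f['banner']!r:<32} {f['advice']}")
```

Run it against a real host record for an address you are responsible for and each line is an exposure to either justify or close.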
Now let’s take a look at this fascinating and nefarious search engine!
Step 1: Create a Shodan Account
First, let’s start by navigating to shodanhq.com. When we do, we’ll be greeted by an opening screen like that below.
Shodan requires that you register to use all of its features, but the service is free unless you need to use some of its advanced features.
Step 2: Search on Shodan
Once we have registered, we can either do custom searches or we can go to the “Search Directory” and see some of the most common and recent searches. If you are new to Shodan, I recommend that you browse “Popular Searches” first.
Step 3: Find Unprotected Webcams
Among the devices we can find on Shodan are innumerable unprotected webcams. Here is one of many that I found on Shodan. This one is inside an airplane hangar in Norway. Notice that it has Java controls to tilt and pan that yo