Shodan is like Google, except it crawls the Internet looking for devices instead of websites. Unlike Google, its search mechanism and results are not intuitive or particularly user-friendly. In other words, you can’t just search for “baby monitor” or “dressing room IP cam” and get a bunch of options.
To get a sense of what you can find, here are the search results that savvy security researchers — who know what to look for — have been able to find.
Shodan is a search engine that lets the user find specific types of computers (routers, servers, etc.) connected to the internet using a variety of filters. Some have also described it as a search engine of service banners, which are meta-data the server sends back to the client. This can be information about the server software, what options the service supports, a welcome message or anything else that the client can find out before interacting with the server.
Shodan collects data mostly on web servers at the moment (HTTP port 80), but there is also some data from FTP (21),SSH (22), Telnet (23), SNMP (161) and SIP (5060) services.
It was launched in 2009 by John Matherly. The name Shodan is a reference to a character from the System Shock video game series.
Shodan is extremely useful to security researchers, developers, and really anyone who has a need for the information it provides. So, let's consider a real example of how Shodan has helped a security researcher collect useful data:
In a story posted by Wired on January 24, 2012, it was revealed that security researcher Eireann Leverett created a tool that would use geolocation to map "industrial control systems" (aka SCADA systems), and then show the risk of exploitation for each machine. This research was very important with the recent concerns over the security and exposure of SCADA systems which resulted from the recent Stuxnet attack. However, before he could map the data, he had to locate the systems. As described in the article, as well as in the detailed paper written by Leverett, he was able to use Shodan to easily search for well known SCADA devices to measure the exposure of such devices. Then, he was able to use other information obtained in the banners found using Shodan to query exploit databases in order to measure the exploitability of each machine.
If you want to test the power of this (dangerous) search engine, you can try to search the term "webcam" or "webcamxp". Obviously, with this keyword you can find any internet webcam connected to the internet..... some of which are without access control....
Another interesting keyword to search is "apache".....
A fun feature of Shodan, is the map interface: maps.shodan.io
Good fun!
info@sr007.esy.es
No comments:
Post a Comment