Ever taken a stroll and thought someone was watching you? Not to scare you but someone probably was.

Survillence technologies are predominant in society today, in most developed countries almost every street has a camera for monitoring public and private spaces.

What is Shodan?

Shodan is a search engine that lets user find specific devices connected to the internet using specific filters. This search engine can find devices like routers, webcam, SCADA, video projectors, etc.

Many have described Shodan as the most dangerous search engine because unlike other search engines, it looks for specific information that can be invaluable to hackers. It works by searching the entire internet and returning various devices such as lists of routers, Webcam, surveillance cameras. In the Security of the internet of things, shodan can also be used to pin point the location of devices connected to the internet

This tutorial would help you get started with Shodan. So let’s started.

Creating a Shodan Account

shodan

The first step would be to create a free account if you haven’t created one already, visit https://www.shodan.io/ to create your free account.

Basic Usage

After registration, you can navigate on the explore page and do a custom search or go to the search directory, this would show some results of recent and most common search. For example, when you click to the explore page, you would find recently shared files, featured categories, etc.

1

Default Passwords

Lets dive into the default password, when you select the default password option its going come up with lists of hosts and their default password.

2

According to the image above, we can see an amount of data; such as country, Top services (Ports), Top organisations, Top operating systems, etc. Then on the main screen we get a list including; Hostname, IP addresses, ISP, Country, database entry date.

3

For further investigation, i selected host: 119.145.249.90 (https://www.shodan.io/host/119.145.249.90), Here you see the data of the host like lists of ports in this case ports 22, 23, and 443 are being used, services and web technologies used.

Finding Unprotected Webcam

A lot of devices can be found on Shodan, one with i found was a webcam located in poland.

4

You can also find things like: SCADA, Traffic Lights, Routers, etc.

Using Filters

Just like any other search engines, using the right filter could help narrow down your search. Basic filters like “country”, “Hostname”, “ports”, “os”, “city” can be used.

For example, if we want to find Cisco devices in UK (cisco: “United Kingdom”).

You can also combine filters, this would help to narrow down the results further.

To explore more visit https://blog.shodan.io