Author Topic: Shodan.io  (Read 906 times)

adroth

  • Administrator
  • Boffin
  • *****
  • Posts: 10402
    • View Profile
    • The ADROTH Project
Shodan.io
« on: December 19, 2018, 01:11:17 AM »
https://shodan.io

===

For folks who are behind a firewall that doesn't allow access to this controversial tool. Here is a summary from an article.

https://www.csoonline.com/article/3276660/what-is-shodan-the-search-engine-for-everything-on-the-internet.html

Quote
Shodan is the search engine for everything on the internet. While Google and other search engines index only the web, Shodan indexes pretty much everything else ó web cams, water treatment facilities, yachts, medical devices, traffic lights, wind turbines, license plate readers, smart TVs, refrigerators, anything and everything you could possibly imagine that's plugged into the internet (and often shouldn't be).
« Last Edit: October 17, 2019, 01:03:16 AM by adroth »

adroth

  • Administrator
  • Boffin
  • *****
  • Posts: 10402
    • View Profile
    • The ADROTH Project
Re: Shodan.io
« Reply #1 on: October 17, 2019, 01:04:02 AM »

girder

  • Full Member
  • ***
  • Posts: 199
    • View Profile
Re: Shodan.io
« Reply #2 on: October 19, 2019, 12:04:26 AM »
A test that shows the capabilities of Shodan (as well as highlighting the security vulnerabilities that the Internet of Things concept entails).

PenTest Edition: Using Shodan to Locate Internet-Connected Devices (Webcams, Servers, Routers, and More)
12 Jul 2018

Quote
Shodan users have endless search options. For example, users can search for all different types of online Web servers, such as Apache, IIS, and Nginx servers. Users can also search for millions of connected routers, including the very popular Cisco routers or Netgear routers. What happens to be really popular are webcam searches. There are many Webcam manufacturers, such as Axis, Samsung, Sony, Toshiba, Vivtek, and WebcamXP.

...

With access to the Web console, a Shodan user has the ability to login to the webcam, which Iím not going to do. Shodan users can test various default login credentials in order to gain unauthorized access. Once logged in, they gain administrative privileges to move the camera, zoom-in, zoom-out, take snapshots, change the video quality, and much more.