Shodan
DAY 5: Sadiya B. | Slytherin EduTech Pvt. Ltd.
What Is Shodan?
Shodan is a search engine similar to Google. But while Google searches for websites, Shodan searches for devices that are connected to the internet. Users can perform a search using the Shodan search engine based on an IP address, device name, city, and/or a variety of other technical categories.
Shodan is a search engine for everything on the internet — web cams, water treatment facilities, yachts, medical devices, traffic lights, wind turbines, license plate readers, smart TVs, refrigerators, anything and everything you could possibly imagine that’s plugged into the internet (and often shouldn’t be). Google and other search engines, by comparison, index only the web.
How Does Shodan Work?
Shodan works by requesting connections to every imaginable internet protocol (IP) address on the internet and indexing the information that it gets back from those connection requests.
Shodan crawls the web for devices using a global network of computers and servers that are running 24/7.
The basic algorithm is short and sweet:
1. Generate a random IPv4 address.
2. Collect a real-time list of connected devices online.
3. Query a supported port.
4. Check the IPv4 address on the port.
5. Grab a service banner. In practice, this means that Shodan identifies the following info:
6. Repeat.
These are the ports that Shodan scans for:
Port 554 – Real Time Streaming Protocol
Port 5060 – SIP
Port 25 – SMTP
Port 161 – SNMP
Port 23 – Telnet
Port 993 – IMAP
Port 22 – SSH
Port 21 – FTP
Ports 8443, 443, 8080, and 80 – HTTPS/HTTP
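A defender can turn the port list above into a self-check. The added example below (not from the original article) parses `ss -tulnH` output and reports listeners on those ports that are bound to a non-loopback address, which are the services a crawler like Shodan could reach and banner-grab. The sample `ss` output is constructed, and the function names are illustrative.

```python
import ipaddress

# Ports the article lists as scanned by Shodan, with the article's labels.
SHODAN_PORTS = {
    21: "FTP", 22: "SSH", 23: "Telnet", 25: "SMTP", 161: "SNMP",
    554: "RTSP", 993: "IMAP", 5060: "SIP",
    80: "HTTPS/HTTP", 443: "HTTPS/HTTP", 8080: "HTTPS/HTTP", 8443: "HTTPS/HTTP",
}

# Constructed sample of `ss -tulnH` output (not captured from a real host).
SAMPLE_SS = """\
tcp   LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      511        127.0.0.1:8080       0.0.0.0:*
tcp   LISTEN 0      128             [::]:443           [::]:*
udp   UNCONN 0      0            0.0.0.0:161        0.0.0.0:*
tcp   LISTEN 0      80          10.0.0.5:3306       0.0.0.0:*
tcp   LISTEN 0      5            0.0.0.0:23         0.0.0.0:*
"""

def is_loopback(addr):
    """True if the listener address is reachable only from the host itself."""
    addr = addr.split("%", 1)[0].strip("[]")  # drop %iface, then IPv6 brackets
    if addr == "*":                            # ss wildcard: every interface
        return False
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False                           # unparseable: assume exposed

def exposed_listeners(ss_output):
    """Return (proto, addr, port, service) for non-loopback listeners on SHODAN_PORTS."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] not in ("tcp", "udp"):
            continue                           # skips header or unrelated lines
        addr, _, port = fields[4].rpartition(":")
        if not port.isdigit():
            continue
        port = int(port)
        if port in SHODAN_PORTS and not is_loopback(addr):
            findings.append((fields[0], addr, port, SHODAN_PORTS[port]))
    return sorted(findings, key=lambda f: f[2])

if __name__ == "__main__":
    for proto, addr, port, service in exposed_listeners(SAMPLE_SS):
        print(f"{proto} {addr}:{port} ({service}) is bound beyond loopback")
```

A listener reported here is only indexable if a firewall or NAT also lets the port through, so treat the output as a list of services to review rather than confirmed exposure.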
Now, talking about my personal findings: what I found from Shodan is a vulnerable login page.
IP: 15.206.114.80 (It's a login page from Frappe)
Websites:
Through this research I have learned a lot and found out some sensitive information.