Cheat Sheet : Shodan HQ
Shodan
is considered the world's most dangerous search engine. The site scans
the internet and finds public facing devices, I even found my router on
there before! You can sign up for free but it limits the searches. Heres
some examples:
•Shodanhq:
http://www.shodanhq.com/?q=Fuji+xerox some printers
http://www.shodanhq.com/?q=RTU scada
http://www.shodanhq.com/search?q=sonicwall sonicwall firewalls
http://www.shodanhq.com/search?q=%22cisco-ios%22+%22last-modified%22 cisco ios devices
http://www.shodanhq.com/search?q=cisco-ios+200 cisco devices with no login required
More specifically on that last one http://209.56.171.1/xhome.htm
Zhone MALC is a full-featured multi-service access platform optimized for delivering voice, data, and video services over a pure packet access network.
http://www.shodanhq.com/search?q=Zhone+SLMS the default username is admin, default password is zhone
http://www.shodanhq.com/search?q=netgear&page=3 netgear routers defaults: admin:password
http://www.shodanhq.com/search?q=SmartAX+MT882 huawei routers defaults: admin:admin
http://www.shodanhq.com/search?q=port%3A137%20calea lot of different anonymous logons to smb, ftp, etc
C7200-ADVIPSERVICESK9_LI-M is lawful intercept of cisco routers.
http://www.cisco.com/en/US/docs/ios/12_0s/feature/guide/lawf_int.html and http://www.cisco.com/en/US/tech/tk583/tk799/tsd_technology_support_protocol_home.html and the shodan search here:
http://www.shodanhq.com/search?q=C7200-ADVIPSERVICESK9_LI-M+country:hr
http://www.shodanhq.com/search?q=PUBLICLY-KNOWN+CREDENTIALS cisco configuration publicly known credentials
http://www.shodanhq.com/search?q=%22Anonymous+ftp+is+still+available%22
http://www.shodanhq.com/search?q=PHPSESSID%3D session id searches
http://www.shodanhq.com/?q=lighttpd+1.4.16 webserver, metasploit exploit here: http://www.exploit-db.com/exploits/4391/
http://www.shodanhq.com/?q=storage+nas Nas devices
http://www.shodanhq.com/?q=realvnc real vnc
•Shodanhq:
http://www.shodanhq.com/?q=Fuji+xerox some printers
http://www.shodanhq.com/?q=RTU scada
http://www.shodanhq.com/search?q=sonicwall sonicwall firewalls
http://www.shodanhq.com/search?q=%22cisco-ios%22+%22last-modified%22 cisco ios devices
http://www.shodanhq.com/search?q=cisco-ios+200 cisco devices with no login required
More specifically on that last one http://209.56.171.1/xhome.htm
Zhone MALC is a full-featured multi-service access platform optimized for delivering voice, data, and video services over a pure packet access network.
http://www.shodanhq.com/search?q=Zhone+SLMS the default username is admin, default password is zhone
http://www.shodanhq.com/search?q=netgear&page=3 netgear routers defaults: admin:password
http://www.shodanhq.com/search?q=SmartAX+MT882 huawei routers defaults: admin:admin
http://www.shodanhq.com/search?q=port%3A137%20calea lot of different anonymous logons to smb, ftp, etc
C7200-ADVIPSERVICESK9_LI-M is lawful intercept of cisco routers.
http://www.cisco.com/en/US/docs/ios/12_0s/feature/guide/lawf_int.html and http://www.cisco.com/en/US/tech/tk583/tk799/tsd_technology_support_protocol_home.html and the shodan search here:
http://www.shodanhq.com/search?q=C7200-ADVIPSERVICESK9_LI-M+country:hr
http://www.shodanhq.com/search?q=PUBLICLY-KNOWN+CREDENTIALS cisco configuration publicly known credentials
http://www.shodanhq.com/search?q=%22Anonymous+ftp+is+still+available%22
http://www.shodanhq.com/search?q=PHPSESSID%3D session id searches
http://www.shodanhq.com/?q=lighttpd+1.4.16 webserver, metasploit exploit here: http://www.exploit-db.com/exploits/4391/
http://www.shodanhq.com/?q=storage+nas Nas devices
http://www.shodanhq.com/?q=realvnc real vnc
Comments
Post a Comment