We know that Google is not the only existing search engine. There are several alternatives to this as DuckDuckGo, so we can also find other engines that have specific purposes. Shodan aims to locate all types of devices that are connected to the Internet, that is, from routers, APs, IoT devices to security cameras. We will show you how to access this portal and get the most out of it through essential tips to get better search results.
Shodan is known as the search engine for hackers, with the aim of carrying out new vulnerability research tasks. However, this tool can be used for malicious purposes because of the amount of detailed information that is provided with each search performed. Auditors, researchers and anyone who needs information about devices in general, can receive very useful information in minutes.
How to register with Shodan
In principle, you can create an account at no cost. If you do not want to create an account by entering a particular email, you can expedite your registration on the platform by logging in with your Google account, Facebook, Windows Live and Twitter.
However, you should consider that, if you have a free basic account, you will have limits on the number of times you can search on Shodan. Consequently, you must use the API or simply wait until the next day to continue searching. In relation to the API, we will tell you later how to use it to use the search engine without limits. And most importantly, without paying for a subscription.
How to start searching in Shodan
Simply, you must enter the “Explore” tab and you will see three lists: the most popular categories, the most popular specific searches and those that have been shared recently. What you must do is click on what you want to search and you will get the results in seconds.
- Popular categories: as we see, the three categories that jump the most in searches are Industrial Control Systems, databases and video game servers. In any of these and other categories, we can specify when searching which were hacked, the number of devices by country, by operating system used and much more.
- Most popular searches: this is what is most searched on the Shodan portal every day. The curious fact that we can perceive, from good to first, is that this portal is used largely to locate security cameras. Thus, you can get access to the administrator of these cameras so that you can see in real time what happens with them and do, basically, what we want.
- Recently shared searches: those that are being carried out most frequently recently.
What information do we find with each search?
At a glance, this portal gives us everything we need to know about the specific result we have achieved. Let’s look at an example of a search for organizations that have Apache servers around the world:
The results will appear in this way. On the left side we can see a ranking of the countries that have more organizations, which have Apache servers. Other lists we can see are:
- Top of services used
- Top of organizations
- Top operating systems used
- Top of products
We can click on each of the items in each list so that the results begin to have more filters and adapt to the information we want to obtain.
Note: it is necessary to create a free account in Shodan to use search filters either in the way we show you, or when typing in the search bar in question.
By clicking on each result, we will be able to know about the city where the organization is located, its name, the date of the last update that was given in some service. On the other hand, it is possible to verify the number of open ports, the associated services and a complete list of the vulnerabilities it has. For the latter, it is possible to have an identifier and next to it a brief description that indicates, among other things, what level of risk you have.
Use of search filters
Search filters help us a lot to have greater control of what we are looking for and what we can get. It can be filtered by country, IP address, port number, hostname and more. We show you some cases:
Search by country. For example, Spain
country: is
Search by city. For example, Madrid
city: madrid
Search by operating system. For example, Windows
os: windows
Search by port number. For example, 25
port: 25
Use Shodan with command line (CLI)
In order for you to use this search engine with the command line, you must install the latest version of Python on your computer. You can access here to download and install it in a few minutes, depending on the operating system you have: Windows, MacOS, Linux or any other operating system you have.
Then, perform the following steps:
- Enter System Symbol (cmd)
- Type the word “python” to corroborate the correct installation. Pay attention if any error message appears.
- Then, type the following command to install the latest Shodan package for the command line:
easy_install -U shodan
- Then, you must type the command that corresponds to the initialization of the platform with your API Key that you can obtain as well, as highlighted below:
It is an alphanumeric code that you must insert in the following command (where it says API_KEY ):
shodan init API_KEY
Then, a green confirmation message should appear:
Ready! You can now start using Shodan from the command line and without the search restrictions. You can access here to have a more detailed guide from the platform’s own website.
As you have seen, this valuable tool can be a great help when it comes to auditing and monitoring the networks of the organization for which we work. Or, when testing in general regarding the vulnerabilities found in the services used in our organization.
