diff --git a/readme.md b/readme.md index 1b47d1a..396d8ce 100644 --- a/readme.md +++ b/readme.md @@ -1,9 +1,6 @@ # Awesome Shodan Search Queries [![Awesome](https://awesome.re/badge.svg)](https://awesome.re) -**Based on a blog post at https://jarv.is/notes/shodan-search-queries/.** - - Over time, I've collected an assortment of interesting, funny, and depressing search queries to plug into [Shodan](https://www.shodan.io/), the ([literal](https://www.vice.com/en_uk/article/9bvxmd/shodan-exposes-the-dark-side-of-the-net)) internet search engine. Some return facepalm-inducing results, while others return serious and/or ancient vulnerabilities in the wild.

@@ -45,7 +42,7 @@ The world and its devices are quickly becoming more connected through the shiny "Server: Prismview Player" ``` -

Example: Electronic Billboards
+
Example: Electronic Billboards
### Gas Station Pump Controllers [🔎 →](https://www.shodan.io/search?query=%22in-tank+inventory%22+port%3A10001) @@ -54,7 +51,7 @@ The world and its devices are quickly becoming more connected through the shiny "in-tank inventory" port:10001 ``` -
Example: Gas Station Pump Inventories
+
Example: Gas Station Pump Inventories
### Automatic License Plate Readers [🔎 →](https://www.shodan.io/search?query=P372+%22ANPR+enabled%22) @@ -122,7 +119,7 @@ Shodan made a pretty sweet [Ship Tracker](https://shiptracker.shodan.io/) that m "Cobham SATCOM" OR ("Sailor" "VSAT") ``` -
Example: Maritime Satellites
+
Example: Maritime Satellites
### Submarine Mission Control Dashboards [🔎 →](https://www.shodan.io/search?query=title%3A%22Slocum+Fleet+Mission+Control%22) @@ -154,7 +151,7 @@ http.title:"Nordex Control" "Windows 2000 5.0 x86" "Jetty/3.1 (JSP 1.1; Servlet "[1m[35mWelcome on console" ``` -
Example: C4 Max Vehicle GPS
+
Example: C4 Max Vehicle GPS
### [DICOM](https://www.dicomstandard.org/about/) Medical X-Ray Machines [🔎 →](https://www.shodan.io/search?query=%22DICOM+Server+Response%22+port%3A104) @@ -172,7 +169,7 @@ Secured by default, thankfully, but these 1,700+ machines still [have no busines "Server: EIG Embedded Web Server" "200 Document follows" ``` -
Example: GaugeTech Electricity Meters
+
Example: GaugeTech Electricity Meters
### Siemens Industrial Automation [🔎 →](https://www.shodan.io/search?query=%22Siemens%2C+SIMATIC%22+port%3A161) @@ -248,7 +245,7 @@ Older versions were insecure by default. [Very scary.](https://krebsonsecurity.c "MongoDB Server Information" port:27017 -authentication ``` -
Example: MongoDB
+
Example: MongoDB
### [Mongo Express](https://github.com/mongo-express/mongo-express) Web GUI [🔎 →](https://www.shodan.io/search?query=%22Set-Cookie%3A+mongo-express%3D%22+%22200+OK%22) @@ -259,7 +256,7 @@ Like the [infamous phpMyAdmin](https://www.cvedetails.com/vulnerability-list/ven "Set-Cookie: mongo-express=" "200 OK" ``` -
Example: Mongo Express GUI
+
Example: Mongo Express GUI
### Jenkins CI [🔎 →](https://www.shodan.io/search?query=%22X-Jenkins%22+%22Set-Cookie%3A+JSESSIONID%22+http.title%3A%22Dashboard%22) @@ -268,7 +265,7 @@ Like the [infamous phpMyAdmin](https://www.cvedetails.com/vulnerability-list/ven "X-Jenkins" "Set-Cookie: JSESSIONID" http.title:"Dashboard" ``` -
Example: Jenkins CI
+
Example: Jenkins CI
### Docker APIs [🔎 →](https://www.shodan.io/search?query=%22Docker+Containers%3A%22+port%3A2375) @@ -294,7 +291,7 @@ Like the [infamous phpMyAdmin](https://www.cvedetails.com/vulnerability-list/ven ### Android Root Bridges [🔎 →](https://www.shodan.io/search?query=%22Android+Debug+Bridge%22+%22Device%22+port%3A5555) -A tangential result of Google's dumb fractured update approach. 🙄 [More information here.](https://medium.com/p/root-bridge-how-thousands-of-internet-connected-android-devices-now-have-no-security-and-are-b46a68cb0f20) +A tangential result of Google's sloppy fractured update approach. 🙄 [More information here.](https://medium.com/p/root-bridge-how-thousands-of-internet-connected-android-devices-now-have-no-security-and-are-b46a68cb0f20) ``` "Android Debug Bridge" "Device" port:5555 @@ -314,7 +311,7 @@ Lantronix password port:30718 -secured "Citrix Applications:" port:1604 ``` -
Example: Citrix Virtual Apps
+
Example: Citrix Virtual Apps
### Cisco Smart Install [🔎 →](https://www.shodan.io/search?query=%22smart+install+client+active%22) @@ -378,7 +375,7 @@ HP-ILO-4 !"HP-ILO-4/2.53" !"HP-ILO-4/2.54" !"HP-ILO-4/2.55" !"HP-ILO-4/2.60" !"H "x-owa-version" "IE=EmulateIE7" "Server: Microsoft-IIS/7.0" ``` -
Example: OWA for Exchange 2007
+
Example: OWA for Exchange 2007
#### Exchange 2010 [🔎 →](https://www.shodan.io/search?query=%22x-owa-version%22+%22IE%3DEmulateIE7%22+http.favicon.hash%3A442749392) @@ -386,7 +383,7 @@ HP-ILO-4 !"HP-ILO-4/2.53" !"HP-ILO-4/2.54" !"HP-ILO-4/2.55" !"HP-ILO-4/2.60" !"H "x-owa-version" "IE=EmulateIE7" http.favicon.hash:442749392 ``` -
Example: OWA for Exchange 2010
+
Example: OWA for Exchange 2010
#### Exchange 2013 / 2016 [🔎 →](https://www.shodan.io/search?query=%22X-AspNet-Version%22+http.title%3A%22Outlook%22+-%22x-owa-version%22) @@ -394,7 +391,7 @@ HP-ILO-4 !"HP-ILO-4/2.53" !"HP-ILO-4/2.54" !"HP-ILO-4/2.55" !"HP-ILO-4/2.60" !"H "X-AspNet-Version" http.title:"Outlook" -"x-owa-version" ``` -
Example: OWA for Exchange 2013/2016
+
Example: OWA for Exchange 2013/2016
### Lync / Skype for Business [🔎 →](https://www.shodan.io/search?query=%22X-MS-Server-Fqdn%22) @@ -438,7 +435,7 @@ Specifically domain controllers: [🔎 →](https://www.shodan.io/search?qu "Set-Cookie: iomega=" -"manage/login.html" -http.title:"Log In" ``` -
Example: Iomega / LenovoEMC NAS Drives
+
Example: Iomega / LenovoEMC NAS Drives
### Buffalo TeraStation NAS Drives [🔎 →](https://www.shodan.io/search?query=Redirecting+sencha+port%3A9000) @@ -447,7 +444,7 @@ Specifically domain controllers: [🔎 →](https://www.shodan.io/search?qu Redirecting sencha port:9000 ``` -
Example: Buffalo TeraStation NAS Drives
+
Example: Buffalo TeraStation NAS Drives
### Logitech Media Servers [🔎 →](https://www.shodan.io/search?query=%22Server%3A+Logitech+Media+Server%22+%22200+OK%22) @@ -456,7 +453,7 @@ Redirecting sencha port:9000 "Server: Logitech Media Server" "200 OK" ``` -
Example: Logitech Media Servers
+
Example: Logitech Media Servers
### [Plex](https://www.plex.tv/) Media Servers [🔎 →](https://www.shodan.io/search?query=%22X-Plex-Protocol%22+%22200+OK%22+port%3A32400) @@ -472,7 +469,7 @@ Redirecting sencha port:9000 "CherryPy/5.1.0" "/home" ``` -
Example: PlexPy / Tautulli Dashboards
+
Example: PlexPy / Tautulli Dashboards
--- @@ -522,7 +519,7 @@ html:"DVR_H264 ActiveX" "Serial Number:" "Built:" "Server: HP HTTP" ``` -
Example: HP Printers
+
Example: HP Printers
### Xerox Copiers/Printers [🔎 →](https://www.shodan.io/search?query=ssl%3A%22Xerox+Generic+Root%22) @@ -531,7 +528,7 @@ html:"DVR_H264 ActiveX" ssl:"Xerox Generic Root" ``` -
Example: Xerox Copiers/Printers
+
Example: Xerox Copiers/Printers
### Epson Printers [🔎 →](https://www.shodan.io/search?query=%22SERVER%3A+EPSON_Linux+UPnP%22+%22200+OK%22) @@ -544,7 +541,7 @@ ssl:"Xerox Generic Root" "Server: EPSON-HTTP" "200 OK" ``` -
Example: Epson Printers
+
Example: Epson Printers
### Canon Printers [🔎 →](https://www.shodan.io/search?query=%22Server%3A+KS_HTTP%22+%22200+OK%22) @@ -557,7 +554,7 @@ ssl:"Xerox Generic Root" "Server: CANON HTTP Server" ``` -
Example: Canon Printers
+
Example: Canon Printers
--- @@ -572,7 +569,7 @@ ssl:"Xerox Generic Root" "Server: AV_Receiver" "HTTP/1.1 406" ``` -
Example: Yamaha Stereos
+
Example: Yamaha Stereos
### Apple AirPlay Receivers [🔎 →](https://www.shodan.io/search?query=%22%5Cx08_airplay%22+port%3A5353) @@ -609,7 +606,7 @@ Apple TVs, HomePods, etc. title:"OctoPrint" -title:"Login" http.favicon.hash:1307375944 ``` -
Example: OctoPrint 3D Printers
+
Example: OctoPrint 3D Printers
### Etherium Miners [🔎 →](https://www.shodan.io/search?query=%22ETH+-+Total+speed%22) @@ -675,3 +672,5 @@ Bon voyage, fellow penetrators! 😉 [![CC0](http://mirrors.creativecommons.org/presskit/buttons/88x31/svg/cc-zero.svg)](https://creativecommons.org/publicdomain/zero/1.0/) To the extent possible under law, [Jake Jarvis](https://jarv.is/) has waived all copyright and related or neighboring rights to this work. + +Mirrored from a blog post at https://jarv.is/notes/shodan-search-queries/. diff --git a/screenshots/7-11.png b/screenshots/7-11.png index 09926fc..3d745c1 100644 Binary files a/screenshots/7-11.png and b/screenshots/7-11.png differ diff --git a/screenshots/billboard2.png b/screenshots/billboard2.png index eb2049b..4688a6b 100644 Binary files a/screenshots/billboard2.png and b/screenshots/billboard2.png differ diff --git a/screenshots/c4max.png b/screenshots/c4max.png index c0ea591..442b699 100644 Binary files a/screenshots/c4max.png and b/screenshots/c4max.png differ diff --git a/screenshots/hp.png b/screenshots/hp.png index f37ba68..d894f9f 100644 Binary files a/screenshots/hp.png and b/screenshots/hp.png differ diff --git a/screenshots/mongo.png b/screenshots/mongo.png index 4a51c1c..4dd7924 100644 Binary files a/screenshots/mongo.png and b/screenshots/mongo.png differ diff --git a/screenshots/octoprint.png b/screenshots/octoprint.png index 3ff832f..6d51b09 100644 Binary files a/screenshots/octoprint.png and b/screenshots/octoprint.png differ diff --git a/screenshots/owa2007.png b/screenshots/owa2007.png index 8ada1c7..cc55d94 100644 Binary files a/screenshots/owa2007.png and b/screenshots/owa2007.png differ diff --git a/screenshots/owa2010.png b/screenshots/owa2010.png index 32398dc..f5d0457 100644 Binary files a/screenshots/owa2010.png and b/screenshots/owa2010.png differ diff --git a/screenshots/owa2013.png b/screenshots/owa2013.png index b5843de..c490300 100644 Binary files a/screenshots/owa2013.png and b/screenshots/owa2013.png differ 
diff --git a/screenshots/plexpy.png b/screenshots/plexpy.png index 3996813..cbff49e 100644 Binary files a/screenshots/plexpy.png and b/screenshots/plexpy.png differ diff --git a/screenshots/tesla.png b/screenshots/tesla.png index b25cc9f..6dee700 100644 Binary files a/screenshots/tesla.png and b/screenshots/tesla.png differ
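Review bot: In the first readme hunk (`@@ -1,9 +1,6 @@`) the removed line `**Based on a blog post at https://jarv.is/notes/shodan-search-queries/.**` was the only provenance statement a reader of the rendered README sees before the query list, and this patch reintroduces it only at the very end of the file, below the license paragraph. A reader who stops at the list never learns where the queries come from. Suggest keeping a one-line pointer in the intro as well, for example by folding it into the "Over time, I've collected..." sentence, so the attribution survives at the top regardless of the footer.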
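Review bot: The footer added in the last readme hunk (`@@ -675,3 +672,5 @@`), `Mirrored from a blog post at https://jarv.is/notes/shodan-search-queries/.`, is placed directly after the CC0 waiver paragraph with only a blank line between them, so it renders as part of the license notice. It also changes the claim: the removed header said "Based on", which allows the README to diverge, while "Mirrored from" asserts a verbatim copy. Pick the wording that matches how the two documents are actually kept in sync, and move the line above the license block or under its own heading so it is not read as a licensing statement.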
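Review bot: In every caption hunk from `@@ -45,7 +42,7 @@` through `@@ -609,7 +606,7 @@` the removed and added lines carry identical visible text (`Example: Electronic Billboards`, `Example: Gas Station Pump Inventories`, `Example: MongoDB`, and so on), so whatever changed on those lines is not visible in this rendering of the diff, and the patch carries no message explaining it. Please state in the commit or PR description what was altered on these lines (for instance an image path or attribute) so the change can be reviewed, and confirm the referenced screenshot files still resolve after the edit.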
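Review bot: The Android Root Bridges hunk (`@@ -294,7 +291,7 @@`) changes `Google's dumb fractured update approach` to `Google's sloppy fractured update approach`, which is an editorial tone change unrelated to the attribution and screenshot work in the rest of the patch. Suggest splitting it into its own commit; and if the goal is to tone the sentence down, a neutral phrasing such as "Google's fragmented update model" makes the point about why ADB ends up exposed on port 5555 without the editorializing.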
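Review bot: Eleven screenshot PNGs (`7-11.png`, `billboard2.png`, `c4max.png`, `hp.png`, `mongo.png`, `octoprint.png`, `owa2007.png`, `owa2010.png`, `owa2013.png`, `plexpy.png`, `tesla.png`) are replaced as binary changes with nothing in the patch saying whether they were re-captured or only re-encoded. Since these are screenshots of exposed systems surfaced by the queries (MongoDB, OWA, OctoPrint, a gas station pump controller, and others), the PR should state whether the new captures are redacted of identifying details such as IP addresses, hostnames and banner text, and, if they are only re-encoded, say so explicitly so reviewers do not have to diff the images by eye.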
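Review bot: The context line `### Etherium Miners` in the `@@ -609,7 +606,7 @@` hunk misspells Ethereum. It is not touched by this change, but since the hunk already edits the lines just above it, fixing the heading here would keep the section name consistent with the `"ETH - Total speed"` query beneath it.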