add search emoji 🔎 to shodan.io links to make them more obvious
This commit is contained in:
Jake Jarvis
parent
1e39c03c59
commit
d194ce3815
128
readme.md
128
readme.md
|
|
@ -39,7 +39,7 @@ The world and its devices are quickly becoming more connected through the shiny
|
|||
## Industrial Control Systems
|
||||
|
||||
|
||||
### Samsung Electronic Billboards [→](https://www.shodan.io/search?query=%22Server%3A+Prismview+Player%22)
|
||||
### Samsung Electronic Billboards [🔎 →](https://www.shodan.io/search?query=%22Server%3A+Prismview+Player%22)
|
||||
|
||||
```
|
||||
"Server: Prismview Player"
|
||||
|
|
@ -48,7 +48,7 @@ The world and its devices are quickly becoming more connected through the shiny
|
|||
<div align="center"><img src="screenshots/billboard2.png" alt="Example: Electronic Billboards" /></div>
|
||||
|
||||
|
||||
### Gas Station Pump Controllers [→](https://www.shodan.io/search?query=%22in-tank+inventory%22+port%3A10001)
|
||||
### Gas Station Pump Controllers [🔎 →](https://www.shodan.io/search?query=%22in-tank+inventory%22+port%3A10001)
|
||||
|
||||
```
|
||||
"in-tank inventory" port:10001
|
||||
|
|
@ -57,7 +57,7 @@ The world and its devices are quickly becoming more connected through the shiny
|
|||
<div align="center"><img src="screenshots/7-11.png" alt="Example: Gas Station Pump Inventories" /></div>
|
||||
|
||||
|
||||
### Automatic License Plate Readers [→](https://www.shodan.io/search?query=P372+%22ANPR+enabled%22)
|
||||
### Automatic License Plate Readers [🔎 →](https://www.shodan.io/search?query=P372+%22ANPR+enabled%22)
|
||||
|
||||
```
|
||||
P372 "ANPR enabled"
|
||||
|
|
@ -66,28 +66,28 @@ P372 "ANPR enabled"
|
|||
<div align="center"><img src="screenshots/plate-reader.png" alt="Example: Automatic License Plate Reader" /></div>
|
||||
|
||||
|
||||
### Traffic Light Controllers / Red Light Cameras [→](https://www.shodan.io/search?query=mikrotik+streetlight)
|
||||
### Traffic Light Controllers / Red Light Cameras [🔎 →](https://www.shodan.io/search?query=mikrotik+streetlight)
|
||||
|
||||
```
|
||||
mikrotik streetlight
|
||||
```
|
||||
|
||||
|
||||
### Voting Machines in the United States [→](https://www.shodan.io/search?query=%22voter+system+serial%22+country%3AUS)
|
||||
### Voting Machines in the United States [🔎 →](https://www.shodan.io/search?query=%22voter+system+serial%22+country%3AUS)
|
||||
|
||||
```
|
||||
"voter system serial" country:US
|
||||
```
|
||||
|
||||
|
||||
### Prison Pay Phones [→](https://www.shodan.io/search?query=%22%5B2J%5BH+Encartele+Confidential%22)
|
||||
### Prison Pay Phones [🔎 →](https://www.shodan.io/search?query=%22%5B2J%5BH+Encartele+Confidential%22)
|
||||
|
||||
```
|
||||
"[2J[H Encartele Confidential"
|
||||
```
|
||||
|
||||
|
||||
### [Tesla PowerPack](https://www.tesla.com/powerpack) Charging Status [→](https://www.shodan.io/search?query=http.title%3A%22Tesla+PowerPack+System%22+http.component%3A%22d3%22+-ga3ca4f2)
|
||||
### [Tesla PowerPack](https://www.tesla.com/powerpack) Charging Status [🔎 →](https://www.shodan.io/search?query=http.title%3A%22Tesla+PowerPack+System%22+http.component%3A%22d3%22+-ga3ca4f2)
|
||||
|
||||
```
|
||||
http.title:"Tesla PowerPack System" http.component:"d3" -ga3ca4f2
|
||||
|
|
@ -96,21 +96,21 @@ http.title:"Tesla PowerPack System" http.component:"d3" -ga3ca4f2
|
|||
<div align="center"><img src="screenshots/tesla.png" alt="Example: Tesla PowerPack Charging Status" /></div>
|
||||
|
||||
|
||||
### Electric Vehicle Chargers [→](https://www.shodan.io/search?query=%22Server%3A+gSOAP%2F2.8%22+%22Content-Length%3A+583%22)
|
||||
### Electric Vehicle Chargers [🔎 →](https://www.shodan.io/search?query=%22Server%3A+gSOAP%2F2.8%22+%22Content-Length%3A+583%22)
|
||||
|
||||
```
|
||||
"Server: gSOAP/2.8" "Content-Length: 583"
|
||||
```
|
||||
|
||||
|
||||
### [Nordex Wind Turbine](http://www.nordex-online.com/en/products-services/wind-turbines.html) Farms [→](https://www.shodan.io/search?query=http.title%3A%22Nordex+Control%22+%22Windows+2000+5.0+x86%22+%22Jetty%2F3.1+%28JSP+1.1%3B+Servlet+2.2%3B+java+1.6.0_14%29%22)
|
||||
### [Nordex Wind Turbine](http://www.nordex-online.com/en/products-services/wind-turbines.html) Farms [🔎 →](https://www.shodan.io/search?query=http.title%3A%22Nordex+Control%22+%22Windows+2000+5.0+x86%22+%22Jetty%2F3.1+%28JSP+1.1%3B+Servlet+2.2%3B+java+1.6.0_14%29%22)
|
||||
|
||||
```
|
||||
http.title:"Nordex Control" "Windows 2000 5.0 x86" "Jetty/3.1 (JSP 1.1; Servlet 2.2; java 1.6.0_14)"
|
||||
```
|
||||
|
||||
|
||||
### [C4 Max](https://www.mobile-devices.com/our-products/c4-max/) Commercial Vehicle GPS Trackers [→](https://www.shodan.io/search?query=%22%5B1m%5B35mWelcome+on+console%22)
|
||||
### [C4 Max](https://www.mobile-devices.com/our-products/c4-max/) Commercial Vehicle GPS Trackers [🔎 →](https://www.shodan.io/search?query=%22%5B1m%5B35mWelcome+on+console%22)
|
||||
|
||||
```
|
||||
"[1m[35mWelcome on console"
|
||||
|
|
@ -119,7 +119,7 @@ http.title:"Nordex Control" "Windows 2000 5.0 x86" "Jetty/3.1 (JSP 1.1; Servlet
|
|||
<div align="center"><img src="screenshots/c4max.png" alt="Example: C4 Max Vehicle GPS" /></div>
|
||||
|
||||
|
||||
### [DICOM](https://www.dicomstandard.org/about/) Medical X-Ray Machines [→](https://www.shodan.io/search?query=%22DICOM+Server+Response%22+port%3A104)
|
||||
### [DICOM](https://www.dicomstandard.org/about/) Medical X-Ray Machines [🔎 →](https://www.shodan.io/search?query=%22DICOM+Server+Response%22+port%3A104)
|
||||
|
||||
Secured by default, thankfully, but these 1,700+ machines still [have no business](https://documents.trendmicro.com/assets/rpt/rpt-securing-connected-hospitals.pdf) being on the internet.
|
||||
|
||||
|
|
@ -128,7 +128,7 @@ Secured by default, thankfully, but these 1,700+ machines still [have no busines
|
|||
```
|
||||
|
||||
|
||||
### [GaugeTech](https://electroind.com/all-products/) Electricity Meters [→](https://www.shodan.io/search?query=%22Server%3A+EIG+Embedded+Web+Server%22+%22200+Document+follows%22)
|
||||
### [GaugeTech](https://electroind.com/all-products/) Electricity Meters [🔎 →](https://www.shodan.io/search?query=%22Server%3A+EIG+Embedded+Web+Server%22+%22200+Document+follows%22)
|
||||
|
||||
```
|
||||
"Server: EIG Embedded Web Server" "200 Document follows"
|
||||
|
|
@ -137,28 +137,28 @@ Secured by default, thankfully, but these 1,700+ machines still [have no busines
|
|||
<div align="center"><img src="screenshots/power-gaugetech.png" alt="Example: GaugeTech Electricity Meters" /></div>
|
||||
|
||||
|
||||
### Siemens Industrial Automation [→](https://www.shodan.io/search?query=%22Siemens%2C+SIMATIC%22+port%3A161)
|
||||
### Siemens Industrial Automation [🔎 →](https://www.shodan.io/search?query=%22Siemens%2C+SIMATIC%22+port%3A161)
|
||||
|
||||
```
|
||||
"Siemens, SIMATIC" port:161
|
||||
```
|
||||
|
||||
|
||||
### Siemens HVAC Controllers [→](https://www.shodan.io/search?query=%22Server%3A+Microsoft-WinCE%22+%22Content-Length%3A+12581%22)
|
||||
### Siemens HVAC Controllers [🔎 →](https://www.shodan.io/search?query=%22Server%3A+Microsoft-WinCE%22+%22Content-Length%3A+12581%22)
|
||||
|
||||
```
|
||||
"Server: Microsoft-WinCE" "Content-Length: 12581"
|
||||
```
|
||||
|
||||
|
||||
### Door / Lock Access Controllers [→](https://www.shodan.io/search?query=%22HID+VertX%22+port%3A4070)
|
||||
### Door / Lock Access Controllers [🔎 →](https://www.shodan.io/search?query=%22HID+VertX%22+port%3A4070)
|
||||
|
||||
```
|
||||
"HID VertX" port:4070
|
||||
```
|
||||
|
||||
|
||||
### Railroad Management [→](https://www.shodan.io/search?query=%22log+off%22+%22select+the+appropriate%22)
|
||||
### Railroad Management [🔎 →](https://www.shodan.io/search?query=%22log+off%22+%22select+the+appropriate%22)
|
||||
|
||||
```
|
||||
"log off" "select the appropriate"
|
||||
|
|
@ -173,13 +173,13 @@ Secured by default, thankfully, but these 1,700+ machines still [have no busines
|
|||
## Remote Desktop
|
||||
|
||||
|
||||
### Unprotected VNC [→](https://www.shodan.io/search?query=%22authentication+disabled%22+%22RFB+003.008%22)
|
||||
### Unprotected VNC [🔎 →](https://www.shodan.io/search?query=%22authentication+disabled%22+%22RFB+003.008%22)
|
||||
|
||||
```
|
||||
"authentication disabled" "RFB 003.008"
|
||||
```
|
||||
|
||||
[Shodan Images](https://images.shodan.io/) is a great supplementary tool to browse screenshots, by the way! [→](https://images.shodan.io/?query=%22authentication+disabled%22+%21screenshot.label%3Ablank)
|
||||
[Shodan Images](https://images.shodan.io/) is a great supplementary tool to browse screenshots, by the way! [🔎 →](https://images.shodan.io/?query=%22authentication+disabled%22+%21screenshot.label%3Ablank)
|
||||
|
||||
<p align="center">
|
||||
<img src="screenshots/vnc.png" alt="Example: Unprotected VNC" /><br />
|
||||
|
|
@ -187,7 +187,7 @@ Secured by default, thankfully, but these 1,700+ machines still [have no busines
|
|||
</p>
|
||||
|
||||
|
||||
### Windows RDP [→](https://www.shodan.io/search?query=%22%5Cx03%5Cx00%5Cx00%5Cx0b%5Cx06%5Cxd0%5Cx00%5Cx00%5Cx124%5Cx00%22)
|
||||
### Windows RDP [🔎 →](https://www.shodan.io/search?query=%22%5Cx03%5Cx00%5Cx00%5Cx0b%5Cx06%5Cxd0%5Cx00%5Cx00%5Cx124%5Cx00%22)
|
||||
|
||||
99.99% are secured by a secondary Windows login screen.
|
||||
|
||||
|
|
@ -202,7 +202,7 @@ Secured by default, thankfully, but these 1,700+ machines still [have no busines
|
|||
## Network Infrastructure
|
||||
|
||||
|
||||
### MongoDB [→](https://www.shodan.io/search?query=product%3AMongoDB+-authentication)
|
||||
### MongoDB [🔎 →](https://www.shodan.io/search?query=product%3AMongoDB+-authentication)
|
||||
|
||||
Older versions were insecure by default. [Very scary.](https://krebsonsecurity.com/tag/mongodb/)
|
||||
|
||||
|
|
@ -213,7 +213,7 @@ Older versions were insecure by default. [Very scary.](https://krebsonsecurity.c
|
|||
<div align="center"><img src="screenshots/mongo.png" alt="Example: MongoDB" /></div>
|
||||
|
||||
|
||||
### Jenkins CI [→](https://www.shodan.io/search?query=%22X-Jenkins%22+%22Set-Cookie%3A+JSESSIONID%22+http.title%3A%22Dashboard%22)
|
||||
### Jenkins CI [🔎 →](https://www.shodan.io/search?query=%22X-Jenkins%22+%22Set-Cookie%3A+JSESSIONID%22+http.title%3A%22Dashboard%22)
|
||||
|
||||
```
|
||||
"X-Jenkins" "Set-Cookie: JSESSIONID" http.title:"Dashboard"
|
||||
|
|
@ -222,28 +222,28 @@ Older versions were insecure by default. [Very scary.](https://krebsonsecurity.c
|
|||
<div align="center"><img src="screenshots/jenkins.png" alt="Example: Jenkins CI" /></div>
|
||||
|
||||
|
||||
### Docker APIs [→](https://www.shodan.io/search?query=%22Docker+Containers%3A%22+port%3A2375)
|
||||
### Docker APIs [🔎 →](https://www.shodan.io/search?query=%22Docker+Containers%3A%22+port%3A2375)
|
||||
|
||||
```
|
||||
"Docker Containers:" port:2375
|
||||
```
|
||||
|
||||
|
||||
### [Pi-hole](https://pi-hole.net/) Open DNS Servers [→](https://www.shodan.io/search?query=%22dnsmasq-pi-hole%22+%22Recursion%3A+enabled%22)
|
||||
### [Pi-hole](https://pi-hole.net/) Open DNS Servers [🔎 →](https://www.shodan.io/search?query=%22dnsmasq-pi-hole%22+%22Recursion%3A+enabled%22)
|
||||
|
||||
```
|
||||
"dnsmasq-pi-hole" "Recursion: enabled"
|
||||
```
|
||||
|
||||
|
||||
### Already Logged-In as `root` via Telnet [→](https://www.shodan.io/search?query=%22root%40%22+port%3A23+-login+-password+-name+-Session)
|
||||
### Already Logged-In as `root` via Telnet [🔎 →](https://www.shodan.io/search?query=%22root%40%22+port%3A23+-login+-password+-name+-Session)
|
||||
|
||||
```
|
||||
"root@" port:23 -login -password -name -Session
|
||||
```
|
||||
|
||||
|
||||
### Android Root Bridges [→](https://www.shodan.io/search?query=%22Android+Debug+Bridge%22+%22Device%22+port%3A5555)
|
||||
### Android Root Bridges [🔎 →](https://www.shodan.io/search?query=%22Android+Debug+Bridge%22+%22Device%22+port%3A5555)
|
||||
|
||||
A tangential result of Google's dumb fractured update approach. 🙄 [More information here.](https://medium.com/p/root-bridge-how-thousands-of-internet-connected-android-devices-now-have-no-security-and-are-b46a68cb0f20)
|
||||
|
||||
|
|
@ -252,14 +252,14 @@ A tangential result of Google's dumb fractured update approach. 🙄 [More infor
|
|||
```
|
||||
|
||||
|
||||
### Lantronix Serial-to-Ethernet Adapter [Leaking Telnet Passwords](https://www.bleepingcomputer.com/news/security/thousands-of-serial-to-ethernet-devices-leak-telnet-passwords/) [→](https://www.shodan.io/search?query=Lantronix+password+port%3A30718+-secured)
|
||||
### Lantronix Serial-to-Ethernet Adapter [Leaking Telnet Passwords](https://www.bleepingcomputer.com/news/security/thousands-of-serial-to-ethernet-devices-leak-telnet-passwords/) [🔎 →](https://www.shodan.io/search?query=Lantronix+password+port%3A30718+-secured)
|
||||
|
||||
```
|
||||
Lantronix password port:30718 -secured
|
||||
```
|
||||
|
||||
|
||||
### Citrix Virtual Apps [→](https://www.shodan.io/search?query=%22Citrix+Applications%3A%22+port%3A1604)
|
||||
### Citrix Virtual Apps [🔎 →](https://www.shodan.io/search?query=%22Citrix+Applications%3A%22+port%3A1604)
|
||||
|
||||
```
|
||||
"Citrix Applications:" port:1604
|
||||
|
|
@ -268,7 +268,7 @@ Lantronix password port:30718 -secured
|
|||
<div align="center"><img src="screenshots/citrix.png" alt="Example: Citrix Virtual Apps" /></div>
|
||||
|
||||
|
||||
### Cisco Smart Install [→](https://www.shodan.io/search?query=%22smart+install+client+active%22)
|
||||
### Cisco Smart Install [🔎 →](https://www.shodan.io/search?query=%22smart+install+client+active%22)
|
||||
|
||||
[Vulnerable](https://2016.zeronights.ru/wp-content/uploads/2016/12/CiscoSmartInstall.v3.pdf) (kind of "by design," but especially when exposed).
|
||||
|
||||
|
|
@ -277,7 +277,7 @@ Lantronix password port:30718 -secured
|
|||
```
|
||||
|
||||
|
||||
### PBX IP Phone Gateways [→](https://www.shodan.io/search?query=PBX+%22gateway+console%22+-password+port%3A23)
|
||||
### PBX IP Phone Gateways [🔎 →](https://www.shodan.io/search?query=PBX+%22gateway+console%22+-password+port%3A23)
|
||||
|
||||
|
||||
```
|
||||
|
|
@ -285,13 +285,13 @@ PBX "gateway console" -password port:23
|
|||
```
|
||||
|
||||
|
||||
### [Polycom](https://www.polycom.com/hd-video-conferencing.html) Video Conferencing [→](https://www.shodan.io/search?query=http.title%3A%22-+Polycom%22+%22Server%3A+lighttpd%22)
|
||||
### [Polycom](https://www.polycom.com/hd-video-conferencing.html) Video Conferencing [🔎 →](https://www.shodan.io/search?query=http.title%3A%22-+Polycom%22+%22Server%3A+lighttpd%22)
|
||||
|
||||
```
|
||||
http.title:"- Polycom" "Server: lighttpd"
|
||||
```
|
||||
|
||||
Telnet Configuration: [→](https://www.shodan.io/search?query=%22Polycom+Command+Shell%22+-failed+port%3A23)
|
||||
Telnet Configuration: [🔎 →](https://www.shodan.io/search?query=%22Polycom+Command+Shell%22+-failed+port%3A23)
|
||||
|
||||
```
|
||||
"Polycom Command Shell" -failed port:23
|
||||
|
|
@ -300,21 +300,21 @@ Telnet Configuration: [→](https://www.shodan.io/search?query=%22Polycom+C
|
|||
<div align="center"><img src="screenshots/polycom.png" alt="Example: Polycom Video Conferencing" /></div>
|
||||
|
||||
|
||||
### [Bomgar Help Desk](https://www.beyondtrust.com/remote-support/integrations) Portal [→](https://www.shodan.io/search?query=%22Server%3A+Bomgar%22+%22200+OK%22)
|
||||
### [Bomgar Help Desk](https://www.beyondtrust.com/remote-support/integrations) Portal [🔎 →](https://www.shodan.io/search?query=%22Server%3A+Bomgar%22+%22200+OK%22)
|
||||
|
||||
```
|
||||
"Server: Bomgar" "200 OK"
|
||||
```
|
||||
|
||||
|
||||
### Intel Active Management [CVE-2017-5689](https://www.exploit-db.com/exploits/43385) [→](https://www.shodan.io/search?query=%22Intel%28R%29+Active+Management+Technology%22+port%3A623%2C664%2C16992%2C16993%2C16994%2C16995)
|
||||
### Intel Active Management [CVE-2017-5689](https://www.exploit-db.com/exploits/43385) [🔎 →](https://www.shodan.io/search?query=%22Intel%28R%29+Active+Management+Technology%22+port%3A623%2C664%2C16992%2C16993%2C16994%2C16995)
|
||||
|
||||
```
|
||||
"Intel(R) Active Management Technology" port:623,664,16992,16993,16994,16995
|
||||
```
|
||||
|
||||
|
||||
### HP iLO 4 [CVE-2017-12542](https://nvd.nist.gov/vuln/detail/CVE-2017-12542) [→](https://www.shodan.io/search?query=HP-ILO-4+%21%22HP-ILO-4%2F2.53%22+%21%22HP-ILO-4%2F2.54%22+%21%22HP-ILO-4%2F2.55%22+%21%22HP-ILO-4%2F2.60%22+%21%22HP-ILO-4%2F2.61%22+%21%22HP-ILO-4%2F2.62%22+port%3A1900)
|
||||
### HP iLO 4 [CVE-2017-12542](https://nvd.nist.gov/vuln/detail/CVE-2017-12542) [🔎 →](https://www.shodan.io/search?query=HP-ILO-4+%21%22HP-ILO-4%2F2.53%22+%21%22HP-ILO-4%2F2.54%22+%21%22HP-ILO-4%2F2.55%22+%21%22HP-ILO-4%2F2.60%22+%21%22HP-ILO-4%2F2.61%22+%21%22HP-ILO-4%2F2.62%22+port%3A1900)
|
||||
|
||||
```
|
||||
HP-ILO-4 !"HP-ILO-4/2.53" !"HP-ILO-4/2.54" !"HP-ILO-4/2.55" !"HP-ILO-4/2.60" !"HP-ILO-4/2.61" !"HP-ILO-4/2.62" port:1900
|
||||
|
|
@ -323,7 +323,7 @@ HP-ILO-4 !"HP-ILO-4/2.53" !"HP-ILO-4/2.54" !"HP-ILO-4/2.55" !"HP-ILO-4/2.60" !"H
|
|||
|
||||
### Outlook Web Access:
|
||||
|
||||
#### Exchange 2007 [→](https://www.shodan.io/search?query=%22x-owa-version%22+%22IE%3DEmulateIE7%22+%22Server%3A+Microsoft-IIS%2F7.0%22)
|
||||
#### Exchange 2007 [🔎 →](https://www.shodan.io/search?query=%22x-owa-version%22+%22IE%3DEmulateIE7%22+%22Server%3A+Microsoft-IIS%2F7.0%22)
|
||||
|
||||
```
|
||||
"x-owa-version" "IE=EmulateIE7" "Server: Microsoft-IIS/7.0"
|
||||
|
|
@ -331,7 +331,7 @@ HP-ILO-4 !"HP-ILO-4/2.53" !"HP-ILO-4/2.54" !"HP-ILO-4/2.55" !"HP-ILO-4/2.60" !"H
|
|||
|
||||
<div align="center"><img src="screenshots/owa2007.png" alt="Example: OWA for Exchange 2007" /></div>
|
||||
|
||||
#### Exchange 2010 [→](https://www.shodan.io/search?query=%22x-owa-version%22+%22IE%3DEmulateIE7%22+http.favicon.hash%3A442749392)
|
||||
#### Exchange 2010 [🔎 →](https://www.shodan.io/search?query=%22x-owa-version%22+%22IE%3DEmulateIE7%22+http.favicon.hash%3A442749392)
|
||||
|
||||
```
|
||||
"x-owa-version" "IE=EmulateIE7" http.favicon.hash:442749392
|
||||
|
|
@ -339,7 +339,7 @@ HP-ILO-4 !"HP-ILO-4/2.53" !"HP-ILO-4/2.54" !"HP-ILO-4/2.55" !"HP-ILO-4/2.60" !"H
|
|||
|
||||
<div align="center"><img src="screenshots/owa2010.png" alt="Example: OWA for Exchange 2010" /></div>
|
||||
|
||||
#### Exchange 2013 / 2016 [→](https://www.shodan.io/search?query=%22X-AspNet-Version%22+http.title%3A%22Outlook%22+-%22x-owa-version%22)
|
||||
#### Exchange 2013 / 2016 [🔎 →](https://www.shodan.io/search?query=%22X-AspNet-Version%22+http.title%3A%22Outlook%22+-%22x-owa-version%22)
|
||||
|
||||
```
|
||||
"X-AspNet-Version" http.title:"Outlook" -"x-owa-version"
|
||||
|
|
@ -348,7 +348,7 @@ HP-ILO-4 !"HP-ILO-4/2.53" !"HP-ILO-4/2.54" !"HP-ILO-4/2.55" !"HP-ILO-4/2.60" !"H
|
|||
<div align="center"><img src="screenshots/owa2013.png" alt="Example: OWA for Exchange 2013/2016" /></div>
|
||||
|
||||
|
||||
### Lync / Skype for Business [→](https://www.shodan.io/search?query=%22X-MS-Server-Fqdn%22)
|
||||
### Lync / Skype for Business [🔎 →](https://www.shodan.io/search?query=%22X-MS-Server-Fqdn%22)
|
||||
|
||||
```
|
||||
"X-MS-Server-Fqdn"
|
||||
|
|
@ -361,7 +361,7 @@ HP-ILO-4 !"HP-ILO-4/2.53" !"HP-ILO-4/2.54" !"HP-ILO-4/2.55" !"HP-ILO-4/2.60" !"H
|
|||
## Network Attached Storage (NAS)
|
||||
|
||||
|
||||
### SMB (Samba) File Shares [→](https://www.shodan.io/search?query=%22Authentication%3A+disabled%22+port%3A445)
|
||||
### SMB (Samba) File Shares [🔎 →](https://www.shodan.io/search?query=%22Authentication%3A+disabled%22+port%3A445)
|
||||
|
||||
Produces ~500,000 results...narrow down by adding "Documents" or "Videos", etc.
|
||||
|
||||
|
|
@ -369,14 +369,14 @@ Produces ~500,000 results...narrow down by adding "Documents" or "Videos", etc.
|
|||
"Authentication: disabled" port:445
|
||||
```
|
||||
|
||||
Specifically domain controllers: [→](https://www.shodan.io/search?query=%22Authentication%3A+disabled%22+NETLOGON+SYSVOL+-unix+port%3A445)
|
||||
Specifically domain controllers: [🔎 →](https://www.shodan.io/search?query=%22Authentication%3A+disabled%22+NETLOGON+SYSVOL+-unix+port%3A445)
|
||||
|
||||
```
|
||||
"Authentication: disabled" NETLOGON SYSVOL -unix port:445
|
||||
```
|
||||
|
||||
|
||||
### Iomega / LenovoEMC NAS Drives [→](https://www.shodan.io/search?query=%22Set-Cookie%3A+iomega%3D%22+-%22manage%2Flogin.html%22+-http.title%3A%22Log+In%22)
|
||||
### Iomega / LenovoEMC NAS Drives [🔎 →](https://www.shodan.io/search?query=%22Set-Cookie%3A+iomega%3D%22+-%22manage%2Flogin.html%22+-http.title%3A%22Log+In%22)
|
||||
|
||||
```
|
||||
"Set-Cookie: iomega=" -"manage/login.html" -http.title:"Log In"
|
||||
|
|
@ -385,7 +385,7 @@ Specifically domain controllers: [→](https://www.shodan.io/search?query=%
|
|||
<div align="center"><img src="screenshots/iomega.png" alt="Example: Iomega / LenovoEMC NAS Drives" /></div>
|
||||
|
||||
|
||||
### Buffalo TeraStation NAS Drives [→](https://www.shodan.io/search?query=Redirecting+sencha+port%3A9000)
|
||||
### Buffalo TeraStation NAS Drives [🔎 →](https://www.shodan.io/search?query=Redirecting+sencha+port%3A9000)
|
||||
|
||||
```
|
||||
Redirecting sencha port:9000
|
||||
|
|
@ -394,7 +394,7 @@ Redirecting sencha port:9000
|
|||
<div align="center"><img src="screenshots/buffalo.png" alt="Example: Buffalo TeraStation NAS Drives" /></div>
|
||||
|
||||
|
||||
### Logitech Media Servers [→](https://www.shodan.io/search?query=%22Server%3A+Logitech+Media+Server%22+%22200+OK%22)
|
||||
### Logitech Media Servers [🔎 →](https://www.shodan.io/search?query=%22Server%3A+Logitech+Media+Server%22+%22200+OK%22)
|
||||
|
||||
```
|
||||
"Server: Logitech Media Server" "200 OK"
|
||||
|
|
@ -403,14 +403,14 @@ Redirecting sencha port:9000
|
|||
<div align="center"><img src="screenshots/logitech.png" alt="Example: Logitech Media Servers" /></div>
|
||||
|
||||
|
||||
### [Plex](https://www.plex.tv/) Media Servers [→](https://www.shodan.io/search?query=%22X-Plex-Protocol%22+%22200+OK%22+port%3A32400)
|
||||
### [Plex](https://www.plex.tv/) Media Servers [🔎 →](https://www.shodan.io/search?query=%22X-Plex-Protocol%22+%22200+OK%22+port%3A32400)
|
||||
|
||||
```
|
||||
"X-Plex-Protocol" "200 OK" port:32400
|
||||
```
|
||||
|
||||
|
||||
### [Tautulli / PlexPy](https://github.com/Tautulli/Tautulli) Dashboards [→](https://www.shodan.io/search?query=%22CherryPy%2F5.1.0%22+%22%2Fhome%22)
|
||||
### [Tautulli / PlexPy](https://github.com/Tautulli/Tautulli) Dashboards [🔎 →](https://www.shodan.io/search?query=%22CherryPy%2F5.1.0%22+%22%2Fhome%22)
|
||||
|
||||
```
|
||||
"CherryPy/5.1.0" "/home"
|
||||
|
|
@ -426,28 +426,28 @@ Redirecting sencha port:9000
|
|||
|
||||
Example images not necessary. 🤦
|
||||
|
||||
### Yawcams [→](https://www.shodan.io/search?query=%22Server%3A+yawcam%22+%22Mime-Type%3A+text%2Fhtml%22)
|
||||
### Yawcams [🔎 →](https://www.shodan.io/search?query=%22Server%3A+yawcam%22+%22Mime-Type%3A+text%2Fhtml%22)
|
||||
|
||||
```
|
||||
"Server: yawcam" "Mime-Type: text/html"
|
||||
```
|
||||
|
||||
|
||||
### webcamXP/webcam7 [→](https://www.shodan.io/search?query=%28%22webcam+7%22+OR+%22webcamXP%22%29+http.component%3A%22mootools%22+-401)
|
||||
### webcamXP/webcam7 [🔎 →](https://www.shodan.io/search?query=%28%22webcam+7%22+OR+%22webcamXP%22%29+http.component%3A%22mootools%22+-401)
|
||||
|
||||
```
|
||||
("webcam 7" OR "webcamXP") http.component:"mootools" -401
|
||||
```
|
||||
|
||||
|
||||
### Android IP Webcam Server [→](https://www.shodan.io/search?query=%22Server%3A+IP+Webcam+Server%22+%22200+OK%22)
|
||||
### Android IP Webcam Server [🔎 →](https://www.shodan.io/search?query=%22Server%3A+IP+Webcam+Server%22+%22200+OK%22)
|
||||
|
||||
```
|
||||
"Server: IP Webcam Server" "200 OK"
|
||||
```
|
||||
|
||||
|
||||
### Security DVRs [→](https://www.shodan.io/search?query=html%3A%22DVR_H264+ActiveX%22)
|
||||
### Security DVRs [🔎 →](https://www.shodan.io/search?query=html%3A%22DVR_H264+ActiveX%22)
|
||||
|
||||
```
|
||||
html:"DVR_H264 ActiveX"
|
||||
|
|
@ -460,7 +460,7 @@ html:"DVR_H264 ActiveX"
|
|||
## Printers & Copiers:
|
||||
|
||||
|
||||
### HP Printers [→](https://www.shodan.io/search?query=%22Serial+Number%3A%22+%22Built%3A%22+%22Server%3A+HP+HTTP%22)
|
||||
### HP Printers [🔎 →](https://www.shodan.io/search?query=%22Serial+Number%3A%22+%22Built%3A%22+%22Server%3A+HP+HTTP%22)
|
||||
|
||||
```
|
||||
"Serial Number:" "Built:" "Server: HP HTTP"
|
||||
|
|
@ -469,7 +469,7 @@ html:"DVR_H264 ActiveX"
|
|||
<div align="center"><img src="screenshots/hp.png" alt="Example: HP Printers" /></div>
|
||||
|
||||
|
||||
### Xerox Copiers/Printers [→](https://www.shodan.io/search?query=ssl%3A%22Xerox+Generic+Root%22)
|
||||
### Xerox Copiers/Printers [🔎 →](https://www.shodan.io/search?query=ssl%3A%22Xerox+Generic+Root%22)
|
||||
|
||||
```
|
||||
ssl:"Xerox Generic Root"
|
||||
|
|
@ -478,7 +478,7 @@ ssl:"Xerox Generic Root"
|
|||
<div align="center"><img src="screenshots/xerox.png" alt="Example: Xerox Copiers/Printers" /></div>
|
||||
|
||||
|
||||
### Epson Printers [→](https://www.shodan.io/search?query=%22SERVER%3A+EPSON_Linux+UPnP%22+%22200+OK%22)
|
||||
### Epson Printers [🔎 →](https://www.shodan.io/search?query=%22SERVER%3A+EPSON_Linux+UPnP%22+%22200+OK%22)
|
||||
|
||||
```
|
||||
"SERVER: EPSON_Linux UPnP" "200 OK"
|
||||
|
|
@ -491,7 +491,7 @@ ssl:"Xerox Generic Root"
|
|||
<div align="center"><img src="screenshots/epson.png" alt="Example: Epson Printers" /></div>
|
||||
|
||||
|
||||
### Canon Printers [→](https://www.shodan.io/search?query=%22Server%3A+KS_HTTP%22+%22200+OK%22)
|
||||
### Canon Printers [🔎 →](https://www.shodan.io/search?query=%22Server%3A+KS_HTTP%22+%22200+OK%22)
|
||||
|
||||
```
|
||||
"Server: KS_HTTP" "200 OK"
|
||||
|
|
@ -510,7 +510,7 @@ ssl:"Xerox Generic Root"
|
|||
## Home Devices
|
||||
|
||||
|
||||
### Yamaha Stereos [→](https://www.shodan.io/search?query=%22Server%3A+AV_Receiver%22+%22HTTP%2F1.1+406%22)
|
||||
### Yamaha Stereos [🔎 →](https://www.shodan.io/search?query=%22Server%3A+AV_Receiver%22+%22HTTP%2F1.1+406%22)
|
||||
|
||||
```
|
||||
"Server: AV_Receiver" "HTTP/1.1 406"
|
||||
|
|
@ -519,7 +519,7 @@ ssl:"Xerox Generic Root"
|
|||
<div align="center"><img src="screenshots/yamaha.png" alt="Example: Yamaha Stereos" /></div>
|
||||
|
||||
|
||||
### Apple AirPlay Receivers [→](https://www.shodan.io/search?query=%22%5Cx08_airplay%22+port%3A5353)
|
||||
### Apple AirPlay Receivers [🔎 →](https://www.shodan.io/search?query=%22%5Cx08_airplay%22+port%3A5353)
|
||||
|
||||
Apple TVs, HomePods, etc.
|
||||
|
||||
|
|
@ -528,14 +528,14 @@ Apple TVs, HomePods, etc.
|
|||
```
|
||||
|
||||
|
||||
### Chromecasts / Smart TVs [→](https://www.shodan.io/search?query=%22Chromecast%3A%22+port%3A8008)
|
||||
### Chromecasts / Smart TVs [🔎 →](https://www.shodan.io/search?query=%22Chromecast%3A%22+port%3A8008)
|
||||
|
||||
```
|
||||
"Chromecast:" port:8008
|
||||
```
|
||||
|
||||
|
||||
### [Crestron Smart Home](https://www.crestron.com/Products/Market-Solutions/Residential-Solutions) Controllers [→](https://www.shodan.io/search?query=%22Model%3A+PYNG-HUB%22)
|
||||
### [Crestron Smart Home](https://www.crestron.com/Products/Market-Solutions/Residential-Solutions) Controllers [🔎 →](https://www.shodan.io/search?query=%22Model%3A+PYNG-HUB%22)
|
||||
|
||||
```
|
||||
"Model: PYNG-HUB"
|
||||
|
|
@ -547,7 +547,7 @@ Apple TVs, HomePods, etc.
|
|||
## Random Stuff
|
||||
|
||||
|
||||
### OctoPrint 3D Printer Controllers [→](https://www.shodan.io/search?query=title%3A%22OctoPrint%22+-title%3A%22Login%22+http.favicon.hash%3A1307375944)
|
||||
### OctoPrint 3D Printer Controllers [🔎 →](https://www.shodan.io/search?query=title%3A%22OctoPrint%22+-title%3A%22Login%22+http.favicon.hash%3A1307375944)
|
||||
|
||||
```
|
||||
title:"OctoPrint" -title:"Login" http.favicon.hash:1307375944
|
||||
|
|
@ -556,7 +556,7 @@ title:"OctoPrint" -title:"Login" http.favicon.hash:1307375944
|
|||
<div align="center"><img src="screenshots/octoprint.png" alt="Example: OctoPrint 3D Printers" /></div>
|
||||
|
||||
|
||||
### Etherium Miners [→](https://www.shodan.io/search?query=%22ETH+-+Total+speed%22)
|
||||
### Etherium Miners [🔎 →](https://www.shodan.io/search?query=%22ETH+-+Total+speed%22)
|
||||
|
||||
```
|
||||
"ETH - Total speed"
|
||||
|
|
@ -565,7 +565,7 @@ title:"OctoPrint" -title:"Login" http.favicon.hash:1307375944
|
|||
<div align="center"><img src="screenshots/eth.png" alt="Example: Etherium Miners" /></div>
|
||||
|
||||
|
||||
### Apache Directory Listings [→](https://www.shodan.io/search?query=http.title%3A%22Index+of+%2F%22+http.html%3A%22.pem%22)
|
||||
### Apache Directory Listings [🔎 →](https://www.shodan.io/search?query=http.title%3A%22Index+of+%2F%22+http.html%3A%22.pem%22)
|
||||
|
||||
Substitute `.pem` with any extension or a filename like `phpinfo.php`.
|
||||
|
||||
|
|
@ -574,21 +574,21 @@ http.title:"Index of /" http.html:".pem"
|
|||
```
|
||||
|
||||
|
||||
### Too Many Minecraft Servers [→](https://www.shodan.io/search?query=%22Minecraft+Server%22+%22protocol+340%22+port%3A25565)
|
||||
### Too Many Minecraft Servers [🔎 →](https://www.shodan.io/search?query=%22Minecraft+Server%22+%22protocol+340%22+port%3A25565)
|
||||
|
||||
```
|
||||
"Minecraft Server" "protocol 340" port:25565
|
||||
```
|
||||
|
||||
|
||||
### Literally [Everything](https://www.vox.com/2014/12/22/7435625/north-korea-internet) in North Korea 🇰🇵 [→](https://www.shodan.io/search?query=net%3A175.45.176.0%2F22%2C210.52.109.0%2F24)
|
||||
### Literally [Everything](https://www.vox.com/2014/12/22/7435625/north-korea-internet) in North Korea 🇰🇵 [🔎 →](https://www.shodan.io/search?query=net%3A175.45.176.0%2F22%2C210.52.109.0%2F24)
|
||||
|
||||
```
|
||||
net:175.45.176.0/22,210.52.109.0/24,77.94.35.0/24
|
||||
```
|
||||
|
||||
|
||||
### TCP Quote of the Day [→](https://www.shodan.io/search?query=port%3A17+product%3A%22Windows+qotd%22)
|
||||
### TCP Quote of the Day [🔎 →](https://www.shodan.io/search?query=port%3A17+product%3A%22Windows+qotd%22)
|
||||
|
||||
Port 17 ([RFC 865](https://tools.ietf.org/html/rfc865)) has a [bizarre history](https://en.wikipedia.org/wiki/QOTD)...
|
||||
|
||||
|
|
@ -597,7 +597,7 @@ port:17 product:"Windows qotd"
|
|||
```
|
||||
|
||||
|
||||
### Find a Job Doing This! 👩💼 [→](https://www.shodan.io/search?query=%22X-Recruiting%3A%22)
|
||||
### Find a Job Doing This! 👩💼 [🔎 →](https://www.shodan.io/search?query=%22X-Recruiting%3A%22)
|
||||
|
||||
```
|
||||
"X-Recruiting:"
|
||||
|
|
|
|||
Loading…
Reference in New Issue