ShodanHQ Queries For Penetration Tester

2011
01.23

ShodanHQ Queries For Penetration Tester

Category: Research / Tag: penetration tester, query, shodanhq / Add Comment

Have you ever heard SHODAN Search Engine?

SHODAN is a search engine that lets you find specific computers (routers, servers, etc.) using a variety of filters. Some have also described it as a public port scan directory or a search engine of banners.

SHODAN also lets you use boolean operators (‘+’, ‘-’ and ‘|’) to include/ exclude certain terms. By default, every search term has a ‘+’ operator assigned to it.

In addition to boolean operators, there are special filters to narrow down the search results.

Black <at pentestit.com> has already collect some queries and you can find it here.
We try to collect SHODAN queries related to vulnerable servers, systems, and applications. Hopefully, it will updated daily

Jan, 21st 2011

http://www.shodanhq.com/?q=xampp

http://www.shodanhq.com/?q=1.3.22+port%3A80

http://www.shodanhq.com/?q=proftpd%201.3.2+port%3A21

http://www.shodanhq.com/?q=Fedora

http://www.shodanhq.com/?q=CentOS

http://www.shodanhq.com/?q=Debian

http://www.shodanhq.com/?q=webdav

http://www.shodanhq.com/?q=litespeed –> (Exploit: http://www.exploit-db.com/exploits/13850/)

http://www.shodanhq.com/?q=savant –> (Exploit: http://www.exploit-db.com/exploits/10434/)

http://www.shodanhq.com/?q=webSCADA

http://www.shodanhq.com/?q=admin+password

http://www.shodanhq.com/?q=tomcat-5.5

Jan, 23rd 2011

http://www.shodanhq.com/?q=airlive

http://www.shodanhq.com/?q=ubnt

http://www.shodanhq.com/?q=vxworks –> (More info: http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html)

http://www.shodanhq.com/?q=camera

http://www.shodanhq.com/?q=GoAhead

http://www.shodanhq.com/?q=lighttpd+1.4.16 –> (Exploit: http://www.exploit-db.com/exploits/4391/)

http://www.shodanhq.com/?q=storage+nas

http://www.shodanhq.com/?q=protected+area

http://www.shodanhq.com/?q=cpanel

http://www.shodanhq.com/?q=AirStation%3A+Enter+%27%27root%27%27

http://www.shodanhq.com/?q=exchange

http://www.shodanhq.com/?q=owa

http://www.shodanhq.com/?q=xerox+port%3A80

http://www.shodanhq.com/?q=DD-WRT

http://www.shodanhq.com/?q=admin%2B1234

http://www.shodanhq.com/?q=SiemensGigaset-Server%2F1.0

http://www.shodanhq.com/?q=3COM

http://www.shodanhq.com/?q=realvnc

Jan, 26th 2011

http://www.shodanhq.com/?q=NetBuilder

http://www.shodanhq.com/?q=Asterisk+PBX

http://www.shodanhq.com/?q=Avaya

http://www.shodanhq.com/?q=huawei

http://www.shodanhq.com/?q=Zhone%20SLMS

http://www.shodanhq.com/?q=WindWeb

Feb, 9th 2011

http://www.shodanhq.com/?q=SmartAX

http://www.shodanhq.com/?q=Ericsson+Television+Web+server

http://www.shodanhq.com/?q=intranet

1 comment so far

Add Your Comment

Reply

ShodanHQ – Computer Search Engine « Agus Setiawan said: 2011.10.10 10:41

[...] juga ShodanHQ Queries For Penetration Tester Share this:TwitterFacebookLike this:LikeBe the first to like this [...]