Getting Started with Shodan Eye
Shodan Eye collects and returns all the information about every device that is directly connected to the internet and matches the keywords you entered.
What type of devices can be found with Shodan Eye
The types of devices that are indexed can vary enormously: anything from small desktops to refrigerators, nuclear power plants, webcams, water treatment facilities, coffee machines, yachts, medical devices, traffic lights, wind turbines, license plate readers, smart TVs and much more. In short, everything you could possibly imagine that's plugged into the internet.
There are already over 10 billion connected devices active today, and that figure is expected to reach 64 billion by 2025. Shodan runs its scans 24/7, ensuring all its data is up to date. Shodan has picked up support for IPv6 addresses, but you won't see those as often as you see IPv4.
With Shodan Eye, you can find everything using "your own" specified keywords. Example Shodan queries can be found in the file named Shodan_Dorks_The_Internet_of_Sh*t.txt in the GitHub repository.
The information obtained with Shodan Eye can be applied in many areas such as:
- Network security: keep an eye on all devices in your company or at home that are connected to the internet
- All sorts of vulnerabilities
WHAT IS SHODAN?
It is a search engine that lets the user find specific types of computers (webcams, routers, servers, etc.) currently connected to the internet using a variety of filters. Some have also described it as a search engine of service banners, which are metadata that the device sends back to the client.
Shodan the scariest search engine on the internet
Shodan terrifies non-technical people who don't understand how the internet works. CNN called Shodan the "Scariest search engine on the internet" in 2013. This makes no sense, since attackers intent on causing harm don't need Shodan to find targets.
Beware of the attacks on your own devices!
A quick search for the term "default password" reveals countless printers, servers and system control devices that use "admin" as their user name and "1234" as their password. In many cases there isn't even a password, and the field is left blank. To this day, many connected systems require no credentials at all!
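To turn this into a check on your own devices, here is an added example (not part of Shodan Eye or its repository) that triages Shodan-style banner records for address ranges you own. The field names ip_str, port and data follow Shodan's banner records; the port list, hint strings, function name and sample records are assumptions constructed for illustration.

```python
import ipaddress

# Ports that rarely need to face the internet (assumed policy, adjust to yours).
RISKY_PORTS = {23: "telnet", 445: "smb", 3389: "rdp", 5900: "vnc"}
# Banner substrings hinting at factory or missing credentials (assumed list).
WEAK_AUTH_HINTS = ("default password", "authentication disabled")

# Constructed sample records using documentation address ranges.
SAMPLE_BANNERS = [
    {"ip_str": "203.0.113.10", "port": 23, "data": "login:"},
    {"ip_str": "203.0.113.20", "port": 80,
     "data": "HTTP/1.1 200 OK\r\nServer: printer\r\n\r\nDefault password: 1234"},
    {"ip_str": "203.0.113.30", "port": 443, "data": "HTTP/1.1 401 Unauthorized"},
    {"ip_str": "198.51.100.7", "port": 3389, "data": ""},  # someone else's host
    {"ip_str": "2001:db8::5", "port": 5900, "data": "RFB 003.008"},
]
OWNED_NETWORKS = ["203.0.113.0/24", "2001:db8::/32"]  # constructed


def audit_exposure(banners, owned_networks):
    """Return (ip, port, reasons) for risky banners inside networks you own."""
    nets = [ipaddress.ip_network(n) for n in owned_networks]
    findings = []
    for banner in banners:
        ip = ipaddress.ip_address(banner["ip_str"])
        # Match only against networks of the same IP version (IPv4 vs IPv6).
        if not any(ip.version == n.version and ip in n for n in nets):
            continue  # outside your address space: out of scope
        reasons = []
        if banner["port"] in RISKY_PORTS:
            reasons.append("exposed " + RISKY_PORTS[banner["port"]])
        text = banner.get("data", "").lower()
        reasons += ["banner says: " + h for h in WEAK_AUTH_HINTS if h in text]
        if reasons:
            findings.append((banner["ip_str"], banner["port"], reasons))
    return sorted(findings, key=lambda f: (f[0], f[1]))


if __name__ == "__main__":
    for ip, port, reasons in audit_exposure(SAMPLE_BANNERS, OWNED_NETWORKS):
        print(f"{ip}:{port} -> {', '.join(reasons)}")
```

Records outside the listed networks are skipped, so the output only covers devices you are responsible for.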
WHAT IS THE DIFFERENCE FROM GOOGLE OR ANOTHER SEARCH ENGINE?
The most fundamental difference is that Shodan Eye analyzes the Internet, while Google analyzes the World Wide Web. Moreover, the devices connected to the World Wide Web are only a small part of what is really connected to the Internet.
SHODAN API KEY
For additional data gathering, you can enter a Shodan API key when prompted. A Shodan API key can be found here. Once your account has been confirmed you will receive your own API Key.
Make sure that the Shodan API key you are entering is valid. I personally recommend taking out a paid subscription; however, a free account is sufficient to do a lot of things.
The current version of Shodan Eye uses Python 2.7, but another version using Python 3 is scheduled.
Install Shodan Eye on Linux
git clone https://github.com/BullsEye0/shodan-eye.git
cd shodan-eye
pip install -r requirements.txt
Use Shodan Eye
After entering the above command you will be prompted to enter your Shodan API key. That's all; now it's time for you to enjoy it. For more information, please feel free to visit the GitHub repository.
IMPORTANT THINGS TO REMEMBER
- This article was written for educational and pentest purposes only.
- The author cannot be held responsible for damages caused by the use of these resources.
- You will not misuse the information to gain unauthorized access.
- This information shall only be used to expand knowledge and not for causing malicious or damaging attacks.
- Just remember, performing any hacks without written permission is illegal!