Shodan in Terminal

Check out an updated version of this script.  

Likely if you are reading this, you are at least slightly familiar with the incredibly powerful tool of Shodan.io.

If you are not, in a nutshell Shodan essentially is to online connected devices what Google is to all indexed websites.  While Google crawls websites and indexes them accordingly, Shodan crawls internet devices (banners) and indexes them.   

You can search for connected devices through their GUI (Web Interface), which works perfectly fine.  However you can go a step further and run it straight from your terminal.

Follow the images to learn how to connect your API key to your own custom python script.

FYI This article assumes you are following these steps in a Linux environment.  (Python can be run on any OS as long as it's environment is installed)

First:

-You are going to need a shodan login.  As well you do need to pay for the service.  Once you pay you are going to have access to your API key.  If Cyber Security is of interest to you, just do it (pay the $) you will not regret it.

-The GUI is fun, but when you can automate your searches it takes your searches to the next level.


Second:

-Make sure you have pip[3] installed.

-Run this--> #sudo apt-get install pip

-Next install shodan module

-Run This-->#sudo pip install shodan

(Take note this article is not meant to troubleshoot how to install modules or pip)


Third:

-Obtain your API Key

-Once you have logged in, at the top of your browser you will see a "Show API Key" click it and your KEY will be revealed.  Alternatively you can click on "My Account" and be directed to a  separate page that contains your KEY.


Fourth:

-Write your code!!

-Wherever you like to run code from in Kali, here is an example of a python script.

-Where the red bar is paste your API KEY

-The below script will insert Shodan "Filters" and use Shodan just as if you were 

-When asked by the script to input a query, just type into the terminal the exact same thing you would in the Web GUI.




Basic Search Filters[4]

port: Search by specific port
net: Search based on an IP/CIDR
hostname: Locate devices by hostname
os: Search by Operating System
city: Locate devices by city
country: Locate devices by country
geo: Locate devices by coordinates
org: Search by organization
before/after: Timeframe delimiter
hash: Search based on banner hash
has_screenshot:true Filter search based on a screenshot being present
title: Search based on text within the title

Examples
Webcamxp instances in the US
webcamxp country:"US"

Cisco devices in New York
cisco city:"New York"

Unsecured Linksys Webcams with screenshots in the search query
title:"+tm01+" has_Screenshot:true

I hope this helps you in your security research and automation!

Andrew Campbell

Reference:

[1]https://shodan.readthedocs.io/en/latest/tutorial.html

[2]https://null-byte.wonderhowto.com/how-to/hacks-mr-robot-use-shodan-api-with-python-automate-scans-for-vulnerable-devices-0180975/

[3]https://pypi.org/project/pip/

[4]https://thor-sec.com/cheatsheet/shodan/shodan_cheat_sheet/

Comments

Popular Posts