Exploiting the internet with shodan part -2 Industrial Control Systems Here, we are going to exploit industrial control systems like wind turbines, automated licence plate readers, Hacked Ubiquiti Networks Device, Surveillance cameras, user: admin, no password and many more. # XZERES Wind Turbine shodan search ‘title:”xzeres wind”‘ Note: You can search on the web interface …
Exploiting the internet with shodan | part – 5.2 Read More »
Exploiting Internet With Shodan Analysing public network range The most common use-case for Shodan is using it to get a better picture of what’s running on your public network range. The shodan command-line tool can help you get a quick idea of what you’re dealing with. For the purpose of this example we will take …
Exploiting the internet with shodan | part – 5.1 Read More »
Search Query Fundamentals The Banner Devices run services and those services are what Shodan collects information about. For example, websites are hosted on devices that run a web service and Shodan would gather information by speaking with that web service. The information for each service is stored in an object called the banner. It is …
Banner Specification of shodan search engine | part – 4 Read More »
Shodan Command-Line Interface The shodan command-line interface is packaged with the official Python library for Shodan, which means if you’re running the latest version of the library you already have access to the CLI. Installation In a virtual python environment like pyenv: easy_install shodan If you have python installed then you can use this command: …
Shodan Web Interfaces In the previous blog we have learnt about basics about shodan, now we are going to learn about shodan interfaces. The easiest way to access the data that Shodan gathers is through the web interfaces. Almost all of them let you enter a search query, so lets discuss that first: Search Query …
Introduction about Shodan Shodan is a search engine for Internet-connected devices it was created by John C. Matherly (@achillean) in 2009.. Web search engines, such as Google and Bing, are great for finding websites. Shodan helps you to find information about desktops, servers, IoT devices, and more. This information includes metadata such as the software …
Shodan pentesting guide – introduction | part -1 Read More »
Google Hacking Basics A fairly large portion of this blog is dedicated to the techniques the “bad guys” will use to locate sensitive information. We present this information to help you become better informed about their motives so that you can protect yourself and perhaps your customers. We’ve already looked at some of the benign …
Finding various vulnerabilities using google dorking | part – 9.1 Read More »
Digging the internet with google dorks 1.Google queries for locating various Web servers Query Server “Apache/1.3.28 Server at” intitle:index.of Apache 1.3.28 “Apache/2.0 Server at” intitle:index.of Apache 2.0 “Apache/* Server at” intitle:index.of Any version of Apache “Microsoft-IIS/4.0 Server at” intitle:index.of Microsoft Internet Information Services 4.0 “Microsoft-IIS/5.0 Server at” intitle:index.of Microsoft Internet Information Services 5.0 “Microsoft-IIS/6.0 Server …
Finding various vulnerabilities with google dorking | part – 9 .1 Read More »
Stringed Dorks Stringing Queries has been a target for a very long time as it allows a large diversity of a search. This has recently been discovered in the mixture of using Search Functions and the GRS in combination. Rules to be acknowledged prior to trialing this method:1. You can only use it on Search …
Learn how to string/extend google dorks | part -9 Read More »
Most Known SQLi Error Vulnerability This is by far the most universally exploited vulnerability on the face of the planet when it comes to SQLi. Simply put; The database has an error that has been rendered and displayed prior to the indexing to the Google Index of Websites. What we call the internet for the …
Findin Sqli error vulnerabilities using google dorking | part – 8 Read More »
