Exploiting the internet with Shodan part – 3

Exploiting the internet with shodan | part – 5.3


# Hacked Ubiquiti Networks Device

hacked-router-help-sos

Or, CLI mode

shodan search 'hacked-router-help-sos'

# Home routers’ storage/attached USB storage

IPC$ all storage devices

Or, CLI mode

shodan search 'IPC$ all storage devices'

# PBX phone gateways without authentication

port:23 console gateway -password

Or, CLI mode

shodan search 'port:23 console gateway -password'

# Lantronix ethernet adapter’s admin interface without password

Press Enter for Setup Mode port:9999

Or, CLI mode

shodan search 'Press Enter for Setup Mode port:9999'

# Polycom video-conference system no-auth shell

"polycom command shell"

Or, CLI mode

shodan search '"polycom command shell"'

# VNC servers without authentication

"authentication disabled" port:5900,5901

Or, CLI mode

shodan search '"authentication disabled" port:5900,5901'

# NPort serial-to-eth / MoCA devices without password

nport -keyin port:23

Or, CLI mode

shodan search 'nport -keyin port:23'

# Windows RDP

"\x03\x00\x00\x0b\x06\xd0\x00\x00\x124\x00"

Some pentest queries

# Default Jenkins installations

http.favicon.hash:81586312

Or, CLI mode

shodan search 'http.favicon.hash:81586312'

# IBM WebSphere version disclosure

http.favicon.hash:1485257654

Or, CLI mode

shodan search 'http.favicon.hash:1485257654'

# SonarQube installations

WASRemoteRuntimeVersion

Or, CLI mode

shodan search 'WASRemoteRuntimeVersion'

# Apache Directory Listings

http.title:"Index of /" http.html:".pem"

# Misconfigured WordPress

http.html:"* The wp-config.php creation script uses this file"