September 14, 2022 at 4:23 PM
city:
Find devices in a particular city.
city:"Bangalore"

country:
Find devices in a particular country.
country:"IN"

geo:
Find devices by giving geographical coordinates.
geo:"56.913055,118.250862"

hostname:
Find devices matching the hostname.
server: "gws" hostname:"google"

net:
Find devices based on an IP address or /x CIDR.
net:210.214.0.0/16

os:
Find devices based on operating system.
os:"windows 7"

port:
Find devices based on open ports.
proftpd port:21

before/after:
Find devices seen before or after a given date, or between two dates.
apache after:22/02/2009 before:14/3/2010

Citrix:
Find Citrix Gateway.
title:"citrix gateway"

Wi-Fi Passwords:
Helps to find cleartext Wi-Fi passwords in Shodan.
html:"def_wirelesspassword"

Surveillance Cams:
With username:admin and password: :P
NETSurveillance uc-httpd

Fuel Pumps connected to the internet:
No auth required to access the CLI terminal.
"privileged command" GET

Windows RDP Password:
But may contain secondary Windows auth.
"\x03\x00\x00\x0b\x06\xd0\x00\x00\x124\x00"

MongoDB servers:
May give info about MongoDB servers and dashboards.
"MongoDB Server Information" port:27017 -authentication

FTP servers allowing anonymous access:
Complete anonymous access.
"220" "230 Login successful." port:21

Jenkins:
Jenkins unrestricted dashboard.
x-jenkins 200

Hacked routers:
Routers which got compromised.
hacked-router-help-sos

Open ATM:
May allow ATM access.
NCR Port:"161"

Telnet Access:
No password required for telnet access.
port:23 console gateway

Misconfigured WordPress Sites:
The wp-config.php, if accessed, can give out the database credentials.
http.html:"* The wp-config.php creation script uses this file"

Hiring:
Find sites hiring.
"X-Recruiting:"

Android Root Bridge:
Find Android root bridges with port 5555.
"Android Debug Bridge" "Device" port:5555

Ethereum Miners:
Shows the miners running ETH.
"ETH - Total speed"

Tesla Powerpack charging Status:
Helps to find the charging status of Tesla Powerpack.
http.title:"Tesla PowerPack System" http.component:"d3" -ga3ca4f2
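
A defender's use of the same signatures, as an added example that is not part of the original post: it checks banner records from your own address range (the scope a net: filter would give) against a few of the exposure patterns listed above. The records are constructed; the field names ip_str, port and data follow Shodan's banner JSON, and the rule table, function names and substring matching are assumptions of this example.

```python
import ipaddress

# Exposure rules taken from the queries listed above:
# (label, port or None, terms that must all appear, terms that must not appear)
RULES = [
    ("MongoDB without authentication", 27017, ["MongoDB Server Information"], ["authentication"]),
    ("FTP anonymous login", 21, ["220", "230 Login successful."], []),
    ("Android Debug Bridge exposed", 5555, ["Android Debug Bridge", "Device"], []),
    ("Telnet console without password", 23, ["console", "gateway"], []),
    ("Jenkins dashboard reachable", None, ["x-jenkins", "200"], []),
]

def match_rules(banner):
    """Return the labels of every rule the banner record satisfies."""
    # Assumption: case-insensitive substring match approximates the search terms.
    text = banner.get("data", "").lower()
    hits = []
    for label, port, required, excluded in RULES:
        if port is not None and banner.get("port") != port:
            continue
        has_all = all(term.lower() in text for term in required)
        has_excluded = any(term.lower() in text for term in excluded)
        if has_all and not has_excluded:
            hits.append(label)
    return hits

def audit(banners, own_net):
    """Map "ip:port" to findings, restricted to addresses inside own_net."""
    network = ipaddress.ip_network(own_net)
    findings = {}
    for banner in banners:
        if ipaddress.ip_address(banner["ip_str"]) not in network:
            continue  # out of scope: not our address space
        hits = match_rules(banner)
        if hits:
            findings[f'{banner["ip_str"]}:{banner["port"]}'] = hits
    return findings

# Constructed sample records (documentation address ranges, not real hosts).
SAMPLE = [
    {"ip_str": "192.0.2.10", "port": 27017, "data": "MongoDB Server Information\n{\"version\": \"3.4\"}"},
    {"ip_str": "192.0.2.11", "port": 27017, "data": "MongoDB Server Information\nauthentication required"},
    {"ip_str": "192.0.2.12", "port": 21, "data": "220 ProFTPD ready\r\n230 Login successful.\r\n"},
    {"ip_str": "198.51.100.7", "port": 23, "data": "console gateway"},
    {"ip_str": "192.0.2.13", "port": 8080, "data": "HTTP/1.1 200 OK\r\nX-Jenkins: 2.0\r\n"},
]

if __name__ == "__main__":
    for host, hits in audit(SAMPLE, "192.0.2.0/24").items():
        print(host, "->", ", ".join(hits))
```

Each finding maps back to a fix on the host itself: enable authentication on MongoDB, disable anonymous FTP, close ADB and telnet to the internet, and put Jenkins behind login.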
