Shodan Hacks

city: - Find devices in a particular city. Example: city:“México”城市： - 查找特定城市中的设备。示例：城市：“墨西哥”country: - Find devices in a particular country. Example: country:“MX”国家/地区： - 查找特定国家/地区的设备。示例：国家/地区：“MX”geo: - Find devices by giving geographical coordinates. Example: geo:“89.256487,20.111111”geo： - 通过给出地理坐标查找设备。示例：地理：“89.256487,20.111111”hostname: - Find devices matching the hostname. Example: server: “gws” hostname:“google”主机名： - 查找与主机名匹配的设备。示例：服务器：“gws”主机名：“google”net: - Find devices based on an IP address or /x CIDR. Example: **net:**210.214.0.0/16net： - 根据 IP 地址或 /x CIDR 查找设备。示例：**网络：**210.214.0.0/16os: - Find devices based on operating system. Example: os:“Windows IIS”os： - 根据操作系统查找设备。示例：os:“Windows IIS”port: - Find devices based on open ports. Example: apache **port:**8080端口：- 根据开放端口查找设备。示例：apache **端口：**8080

ACTi: admin/123456 or Admin/123456Amcrest: admin/adminAmerican Dynamics: admin/admin or admin/9999 Arecont Vision: noneAvertX: admin/1234...............

https://www.shodan.io/search?query=Hipcam RealServer/V1.0https://www.shodan.io/search?query=”Active Management Technology”https://www.shodan.io/search?query=Server%3A+uc-httpd+1.0.0https://www.shodan.io/search?query=http.html%3A%2Fdana-nahttps://www.shodan.io/search?query=http.title%3A%22Index+of+%2F%22+http.html%3A%22.pem%22https://www.shodan.io/search?query=%22220%22+%22230+Login+successful.%22+port%3A21https://www.shodan.io/search?query=HP-ILO-4+%21%22HP-ILO-4%2F2.53%22+%21%22HP-ILO-4%2F2.54%22+%21%22HP-ILO-4%2F2.55%22+%21%22HP-ILO-4%2F2.60%22+%21%22HP-ILO-4%2F2.61%22+%21%22HP-ILO-4%2F2.62%22+%21%22HP-iLO-4%2F2.70%22+port%3A1900https://www.shodan.io/search?query=%22Docker+Containers%3A%22+port%3A2375https://www.shodan.io/search?query=%22MongoDB+Server+Information%22+port%3A27017+-authenticationhttps://www.shodan.io/search?query=Microsoft-IIS/6.0 – CVE-2017-7269 (https://github.com/edwardz246003/IIS_exploit)https://www.shodan.io/search?query=’Microsoft-IIS/7.5′ ‘It works!’ -‘Content-Type’ -‘Set-Cookie’ – Hunting Red Team Empire C2 Infrastructurehttps://www.shodan.io/search?query=Hipcam RealServer/V1.0https://www.shodan.io/search?query=”Active Management Technology”https://www.shodan.io/search?query=”Standard Manageability” – CVE-2017-5689https://www.shodan.io/search?query=GoAhead 5ccc069c403ebaf9f0171e9517f40e41 – CVE-2017-8221,CVE-2017-8222,CVE-2017-8223,CVE-2017-8224,CVE-2017-8225https://www.shodan.io/search?query=title:”RAKO Bridge Control Panel”https://www.shodan.io/search?query=PK5001Z login org:”CenturyLink” – CVE-2016-10401https://www.shodan.io/search?query=Server%3A+uc-httpd+1.0.0https://www.shodan.io/search?query=http.favicon.hash%3A1485257654 – SonarQube installationshttps://www.shodan.io/search?query=title%3ASecuritySpy – SecuritySpy web cam portalshttps://www.shodan.io/search?query=port%3A2375+product%3A%22Docker%22 – Docker installationshttps://www.shodan.io/search?query=port%3A%222379%22+product%3A%22etcd%22 – elweb.co/the-security-footgun-in-etcd/https://www.shodan.io/search?query=http.favicon.hash%381586312 – Default Jenkins installationshttps://www.shodan.io/search?query=WASRemoteRuntimeVersion – IBM WebSphere version disclosurehttps://www.shodan.io/search?query=var+isDefaultPwd+%3D+%271%27%3B – CVE-2018-7900https://www.shodan.io/search?query=http.html%3A%2Fdana-nahttps://www.shodan.io/search?query=http.title%3A%22Index+of+%2F%22+http.html%3A%22.pem%22https://www.shodan.io/search?query=%22220%22+%22230+Login+successful.%22+port%3A21https://www.shodan.io/search?query=%22Intel%28R%29+Active+Management+Technology%22+port%3A623%2C664%2C16992%2C16993%2C16994%2C16995 – Intel Active Management CVE-201(7|9|8)https://www.shodan.io/search?query=HP-ILO-4+%21%22HP-ILO-4%2F2.53%22+%21%22HP-ILO-4%2F2.54%22+%21%22HP-ILO-4%2F2.55%22+%21%22HP-ILO-4%2F2.60%22+%21%22HP-ILO-4%2F2.61%22+%21%22HP-ILO-4%2F2.62%22+%21%22HP-iLO-4%2F2.70%22+port%3A1900https://www.shodan.io/search?query=%22Docker+Containers%3A%22+port%3A2375https://www.shodan.io/search?query=%22MongoDB+Server+Information%22+port%3A27017+-authenticationhttps://www.shodan.io/search?query=http.title%3A%22Priv8+Mailer%22 – Detect PHP Mailerhttps://www.shodan.io/search?query=http.favicon.hash%3A116323821 – Detect Spring Boothttps://www.shodan.io/search?query=http.favicon.hash%3A-335242539 – Detect F5 BIG-IP deviceshttps://www.shodan.io/search?query=http.favicon.hash%3A442749392 – Detect Microsoft Exchange 2010https://www.shodan.io/search?query=http.favicon.hash%3A679065580 – Detect Loxone Smart Homeshttps://www.shodan.io/search?query=aclara+port%3A%2280%22 – Detect Aclara Smart Meterhttps://www.shodan.io/search?query=PLC+name%3A+S7_Turbine – Detect S7 PLC Turbinehttps://www.shodan.io/search?query=os%3A%22Playstation+4%22 – Detect Sony Playstation 4 systemshttps://www.shodan.io/search?query=title%3A%22octoprint%22 – Detect RaspberryPi Octoprint 3D printershttps://www.shodan.io/search?query=http.html_hash%3A-1467534799 – Detect Predator The Thief malwarehttps://images.shodan.io/?query=port%3A554+rtsp

Citrix - Find Citrix Gateway. Example: title:"citrix gateway"Citrix - 查找 Citrix Gateway。示例：title:"citrix gateway"Wifi Passwords - Helps to find the cleartext wifi passwords in Shodan. Example: html:"def_wirelesspassword"Wifi 密码 - 帮助在 Shodan 中查找明文 wifi 密码。示例：html:"def_wirelesspassword"Surveillance Cams - With username admin and password. Example: NETSurveillance uc-httpd监控摄像头 - 使用用户名 admin 和密码。示例：NETSurveillance uc-httpdFuel Pumps connected to internet - No auth required to access CLI terminal. Example: "privileged command" GET燃油泵连接到互联网 - 访问 CLI 终端无需身份验证。示例： "privileged command" GETWindows RDP Password - But may contain secondary windows auth. Example: "x03x00x00x0bx06xd0x00x00x124x00"Windows RDP 密码 - 但可能包含辅助 Windows 身份验证。示例： "x03x00x00x0bx06xd0x00x00x124x00"Mongo DB servers - It may give info about mongo db servers and dashboard. Example: "MongoDB Server Information" port:27017 -authenticationMongo DB 服务器 - 它可能提供有关 mongo db 服务器和仪表板的信息。示例： "MongoDB Server Information" port:27017 -authenticationFTP servers allowing anonymous access - Complete Anon access. Example: "220" "230 Login successful." port:21允许匿名访问的 FTP 服务器 - 完全匿名访问。示例： "220" "230 Login successful." port:21Jenkins - Jenkins Unrestricted Dashboard. Example: x-jenkins 200Jenkins - Jenkins 无限制仪表板。示例：x-jenkins 200Hacked routers - Routers which got compromised. Example: hacked-router-help-sos被黑客入侵的路由器 - 遭到入侵的路由器。示例：hacked-router-help-sosOpen ATM - May allow for ATM Access availability. Example: NCR Port:"161"开放 ATM - 可能允许 ATM 访问可用性。示例：NCR Port:"161"Telnet Access - NO password required for telnet access. Example: port:23 console gatewayTelnet 访问 - Telnet 访问不需要密码。示例：port:23 console gatewayMisconfigured Wordpress Sites - The wp-config.php if accessed can give out the database credentials. Example: http.html:"* The wp-config.php creation script uses this file"配置错误的 WordPress 站点 - 如果访问 wp-config.php，可能会泄露数据库凭据。示例：http.html:"* The wp-config.php creation script uses this file"Hiring - Find sites hiring. Example: "X-Recruiting:"招聘 - 查找招聘网站。示例： "X-Recruiting:"Android Root Bridge - Find android root bridges with port 5555. Example: "Android Debug Bridge" "Device" port:5555Android 根桥 - 查找端口 5555 的 Android 根桥。示例： "Android Debug Bridge" "Device" port:5555Etherium Miners - Shows the miners running ETH. Example: "ETH - Total speed"以太坊矿工 - 显示运行 ETH 的矿工。示例： "ETH - Total speed"Tesla Powerpack charging Status - Helps to find the charging status of tesla powerpack. Example: http.title:"Tesla PowerPack System" http.component:"d3" -ga3ca4f2Tesla Powerpack 充电状态 - 帮助查找 Tesla Powerpack 的充电状态。示例：http.title:"Tesla PowerPack System" http.component:"d3" -ga3ca4f2