We all were using Google dorks for long time for finding vulnerabilities but google and other search engines are designed for normal people.Here we have a advanced search engine for hackers SHODAN SUTRI
SHODAN stands for Sentient Hyper-Optimized Data Access Network it is a advnaced search engine which scans server,routers,webcams,ports,ip,load. Why is this dangerous? This is because Google looks at the web content only where as, Shodan can show you in plain text the network part of the host.
For example if we search for IIS4.0 with this query we get Results about 1113033 for IIS 5.0
and one of the layout of a server
HTTP/1.0 200 OK
Server: Microsoft-IIS/5.0
Content-Location: http://194.170.210.81/pagemoved.htm
Date: Fri, 21 Jan 2011 21:39:14 GMT
Content-Type: text/html
Accept-Ranges: bytes
Last-Modified: Sun, 07 Aug 2005 04:13:10 GMT
ETag: "e36295269bc51:d96"
Content-Length: 1059
certainly 1113033 results for IIS server is more than handy :)
For firefox users they already developed addon -https://addons.mozilla.org/en-US/firefox/addon/51503/.
Those who believe in learning by watching as we do here we have video presentation on shodan sutri from defcon 18
Shodan-Search Engine For Hackers from shobhit tiwari on Vimeo.
In the next post we will be posting dorks of shodan.Here is the link to SHODAN(click on shodan) website
0 comments:
Post a Comment