You know search engine like Google, Yahoo or Bing right?
Shodan is like that. It is also a search engine. The difference between shodan and usual search-engine is the thing that searched. While google,yahoo or bing is good to search for websites, shodan is also a great search engine to find a specific computer (routers, servers, etc.) using various filters to put your searching into more specific.
Shodan lets you find servers or routers easily by using the search bar on its homepage. It can find what web are running what (example, web with ip 114.166.242.76 is running apache version 2.3.3)
Great search engine isn't it?
How can Shodan do it then, how can it know the software used on the website? What does shodan index? here's the answer. The bulk of the data is taken from the banners of the site which are usually got by reading or analizing the meta-data the server sends back to the client that request to connect. This banners usually contain the information about the server software, what options the service supports, a welcome message or anything else that the client would like to know before interacting with the server. Below is an example of an HTTP banner :
HTTP/1.0 200 OK
Date: Tue, 16 Feb 2010 10:03:04 GMT
Server: Apache/1.3.26 (Unix) AuthMySQL/2.20 PHP/4.1.2 mod_gzip/1.3.19.1a mod_ssl/2.8.9 OpenSSL/0.9.6g
Last-Modified: Wed, 01 Jul 1998 08:51:04 GMT
ETag: "135074-61-3599f878"
Accept-Ranges: bytes
Content-Length: 97
Content-Type: text/html
For people who interested in Information Security certainly will be interested with this site because it can be used as the Advanced Information Gathering Tool beside Maltego.
There's a firefox shodan plugin here.
but I haven't tested it yet. :P
Here's Shodan official site.
Thats it, I hope you understand.. :)
"the quieter you are, the more you are able to hear.."
"the quieter you are, the more you are able to hear.."
0 comments:
Post a Comment