wikiHow is a “wiki,” similar to Wikipedia, which means that many of our articles are co-written by multiple authors. To create this article, volunteer authors worked to edit and improve it over time.
This article has been viewed 80,642 times.
Learn more...
Shodan is a type of search engine that allows users to search for Internet-connected devices and explicit website information such as the type of software running on a particular system and local anonymous FTP servers. Shodan can be used much in the same way as Google, but indexes information based on banner content, which is meta-data that servers send back to hosting clients. For the best results, Shodan searches should be executed using a series of filters in a string format.[1]
Steps
-
1Navigate to the Shodan website at http://www.shodanhq.com/.
-
2Click on “Register” at the top right corner of Shodan’s home page.Advertisement
-
3Enter a username, email address, and password, then click on “Submit.” Shodan will send you a verification email.
-
4Open the verification email and click on the URL provided to activate your Shodan account. The Shodan login screen will open in a new window of your browser.
-
5Log into Shodan using your username and password.
-
6Enter search terms into the search field at the top of your Shodan session using a string format. For example, if you want to locate all Internet-connected devices in the United States that are currently using default passwords, enter “default password country: US.”
-
7Click on “Search” to execute your search. The Web page will refresh and display a list of all devices, or banners that match your search terms.
-
8Narrow your search using a series of filters in your string command. Common search filters include the following:
- City: Users can limit search results to devices located by city. For example, “city:sacramento.”
- Country: Users can restrict search results to devices by country using the two-digit country code. For example, “country:US.”
- Hostname: Users can limit search results to devices by the value in their hostname. For example, “hostname:facebook.com.”
- Operating system: Users can search for devices based on operating system. For example, “microsoft os:windows.”
-
9Click on any listing to learn more about that particular system. Most listings will display explicit information about systems that include their IP address, latitude and longitude, SSH and HTTP settings, and server name.
