How to Use Shodan

PDF download Download Article
Learn how to search for internet connected devices in the Shodan search engine
PDF download Download Article

Shodan is a type of search engine that allows users to search for Internet-connected devices and explicit website information such as the type of software running on a particular system and local anonymous FTP servers. Shodan can be used much in the same way as Google, but indexes information based on banner content, which is meta-data that servers send back to hosting clients. For the best results, Shodan searches should be executed using a series of filters in a string format. [1]

Steps

PDF download Download Article
  1. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/4\/47\/Use-Shodan-Step-1-Version-2.jpg\/v4-460px-Use-Shodan-Step-1-Version-2.jpg","bigUrl":"\/images\/thumb\/4\/47\/Use-Shodan-Step-1-Version-2.jpg\/aid4878363-v4-728px-Use-Shodan-Step-1-Version-2.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/creativecommons.org\/licenses\/by-nc-sa\/3.0\/\">Creative Commons<\/a><br>\n<\/p><p><br \/>\n<\/p><\/div>"}
    Navigate to the Shodan website at http://www.shodanhq.com/ .
  2. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/7\/78\/Use-Shodan-Step-2-Version-2.jpg\/v4-460px-Use-Shodan-Step-2-Version-2.jpg","bigUrl":"\/images\/thumb\/7\/78\/Use-Shodan-Step-2-Version-2.jpg\/aid4878363-v4-728px-Use-Shodan-Step-2-Version-2.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/creativecommons.org\/licenses\/by-nc-sa\/3.0\/\">Creative Commons<\/a><br>\n<\/p><p><br \/>\n<\/p><\/div>"}
    Advertisement
  3. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/e\/eb\/Use-Shodan-Step-3-Version-2.jpg\/v4-460px-Use-Shodan-Step-3-Version-2.jpg","bigUrl":"\/images\/thumb\/e\/eb\/Use-Shodan-Step-3-Version-2.jpg\/aid4878363-v4-728px-Use-Shodan-Step-3-Version-2.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/creativecommons.org\/licenses\/by-nc-sa\/3.0\/\">Creative Commons<\/a><br>\n<\/p><p><br \/>\n<\/p><\/div>"}
    Shodan will send you a verification email.
  4. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/d\/d0\/Use-Shodan-Step-4-Version-2.jpg\/v4-460px-Use-Shodan-Step-4-Version-2.jpg","bigUrl":"\/images\/thumb\/d\/d0\/Use-Shodan-Step-4-Version-2.jpg\/aid4878363-v4-728px-Use-Shodan-Step-4-Version-2.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/creativecommons.org\/licenses\/by-nc-sa\/3.0\/\">Creative Commons<\/a><br>\n<\/p><p><br \/>\n<\/p><\/div>"}
    The Shodan login screen will open in a new window of your browser.
  5. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/4\/4c\/Use-Shodan-Step-5-Version-2.jpg\/v4-460px-Use-Shodan-Step-5-Version-2.jpg","bigUrl":"\/images\/thumb\/4\/4c\/Use-Shodan-Step-5-Version-2.jpg\/aid4878363-v4-728px-Use-Shodan-Step-5-Version-2.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/creativecommons.org\/licenses\/by-nc-sa\/3.0\/\">Creative Commons<\/a><br>\n<\/p><p><br \/>\n<\/p><\/div>"}
  6. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/5\/55\/Use-Shodan-Step-6-Version-2.jpg\/v4-460px-Use-Shodan-Step-6-Version-2.jpg","bigUrl":"\/images\/thumb\/5\/55\/Use-Shodan-Step-6-Version-2.jpg\/aid4878363-v4-728px-Use-Shodan-Step-6-Version-2.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/creativecommons.org\/licenses\/by-nc-sa\/3.0\/\">Creative Commons<\/a><br>\n<\/p><p><br \/>\n<\/p><\/div>"}
    For example, if you want to locate all Internet-connected devices in the United States that are currently using default passwords, enter “default password country: US.”
  7. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/7\/7c\/Use-Shodan-Step-7-Version-2.jpg\/v4-460px-Use-Shodan-Step-7-Version-2.jpg","bigUrl":"\/images\/thumb\/7\/7c\/Use-Shodan-Step-7-Version-2.jpg\/aid4878363-v4-728px-Use-Shodan-Step-7-Version-2.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/creativecommons.org\/licenses\/by-nc-sa\/3.0\/\">Creative Commons<\/a><br>\n<\/p><p><br \/>\n<\/p><\/div>"}
    The Web page will refresh and display a list of all devices, or banners that match your search terms.
  8. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/1\/1d\/Use-Shodan-Step-8-Version-2.jpg\/v4-460px-Use-Shodan-Step-8-Version-2.jpg","bigUrl":"\/images\/thumb\/1\/1d\/Use-Shodan-Step-8-Version-2.jpg\/aid4878363-v4-728px-Use-Shodan-Step-8-Version-2.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/creativecommons.org\/licenses\/by-nc-sa\/3.0\/\">Creative Commons<\/a><br>\n<\/p><p><br \/>\n<\/p><\/div>"}
    Common search filters include the following:
    • City: Users can limit search results to devices located by city. For example, “city:sacramento.”
    • Country: Users can restrict search results to devices by country using the two-digit country code. For example, “country:US.”
    • Hostname: Users can limit search results to devices by the value in their hostname. For example, “hostname:facebook.com.”
    • Operating system: Users can search for devices based on operating system. For example, “microsoft os:windows.”
  9. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/e\/e8\/Use-Shodan-Step-9-Version-2.jpg\/v4-460px-Use-Shodan-Step-9-Version-2.jpg","bigUrl":"\/images\/thumb\/e\/e8\/Use-Shodan-Step-9-Version-2.jpg\/aid4878363-v4-728px-Use-Shodan-Step-9-Version-2.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/creativecommons.org\/licenses\/by-nc-sa\/3.0\/\">Creative Commons<\/a><br>\n<\/p><p><br \/>\n<\/p><\/div>"}
    Most listings will display explicit information about systems that include their IP address, latitude and longitude, SSH and HTTP settings, and server name.
    10. Advertisement

Expert Q&A

Ask a Question
200 characters left
Include your email address to get a message when this question is answered.
Submit
      Advertisement

      Tips

      • Narrow down your search using additional filters by purchasing add-ons from Shodan. Click on “Buy” at the top right corner of your current Shodan session to purchase and gain access to additional filters for search.
        Thanks
      • If you are in charge of system administration for your business or company, use Shodan to ensure that your system is set up in a manner that can’t be easily hacked by malicious third parties. For example, search for your system using string terms that include “default password” to verify that your system is not using default passwords, which could compromise your system’s security.
        Thanks
      Submit a Tip
      All tip submissions are carefully reviewed before being published
      Submit
      Thanks for submitting a tip for review!
      Advertisement

      You Might Also Like

      How to Disable Google Safe Search
      How to Find the Most Searched Keywords: 5 Free Tools for SEO
      How to
      Find Pictures of Someone
      Reverse Image Search in Google Lens: Android, iPhone, & Desktop
      How to
      Search Google
      How to
      Use Bing Search Engine
      Switch Your Default Search Engine to Bing: Easy Steps
      How to View Your Google Search Activity & Browsing History
      2 Fast Ways to Remove Bing from Chrome: PC, Mac, & Mobile
      How to Use Google Scholar for Academic Research
      How to
      Search the Internet
      7 Easy Ways to Get Bing Off Your Computer
      How to
      Use Google to Search Within a Specific Website
      How to
      Lock Google Safe Search
      Advertisement

      References

      1. http://www.concise-courses.com/security/shodan-explained/

      About This Article

      In other languages
      Thanks to all authors for creating a page that has been read 94,352 times.

      Is this article up to date?

      Advertisement