■ ■ ■ ■ ■ ■
overview/google-hacking-using-dorks/shodan-dorks.md
| 1 | + | --- |
| 2 | + | description: https://github.com/0xPugazh/Awesome-Dorks Reference |
| 3 | + | --- |
| 4 | + | |
1 | 5 | | # Shodan Dorks |
2 | 6 | | |
3 | 7 | | ``` |
| skipped 40 lines |
44 | 48 | | ssl.cert.expired:true |
45 | 49 | | "Authentication: disabled" port:445 |
46 | 50 | | "220" "230 Login successful." port:21 |
| 51 | + | |
| 52 | + | city: |
| 53 | + | Find devices in a particular city. |
| 54 | + | city:"Bangalore" |
| 55 | + | country: |
| 56 | + | |
| 57 | + | Find devices in a particular country. |
| 58 | + | country:"IN" |
| 59 | + | geo: |
| 60 | + | |
| 61 | + | Find devices by giving geographical coordinates. |
| 62 | + | geo:"56.913055,118.250862" |
| 63 | + | hostname: |
| 64 | + | |
| 65 | + | Find devices matching the hostname. |
| 66 | + | server: "gws" hostname:"google" |
| 67 | + | net: |
| 68 | + | |
| 69 | + | Find devices based on an IP address or /x CIDR. |
| 70 | + | net:210.214.0.0/16 |
| 71 | + | os: |
| 72 | + | |
| 73 | + | Find devices based on operating system. |
| 74 | + | os:"windows 7" |
| 75 | + | port: |
| 76 | + | |
| 77 | + | Find devices based on open ports. |
| 78 | + | proftpd port:21 |
| 79 | + | before/after: |
| 80 | + | |
| 81 | + | Find devices before or after between a given time. |
| 82 | + | apache after:22/02/2009 before:14/3/2010 |
| 83 | + | Citrix: |
| 84 | + | |
| 85 | + | Find Citrix Gateway. |
| 86 | + | title:"citrix gateway" |
| 87 | + | Wifi Passwords: |
| 88 | + | |
| 89 | + | Helps to find the cleartext wifi passwords in Shodan. |
| 90 | + | html:"def_wirelesspassword" |
| 91 | + | Surveillance Cams: |
| 92 | + | |
| 93 | + | With username:admin and password: :P |
| 94 | + | NETSurveillance uc-httpd |
| 95 | + | Fuel Pumps connected to internet: |
| 96 | + | |
| 97 | + | No auth required to access CLI terminal. |
| 98 | + | "privileged command" GET |
| 99 | + | Windows RDP Password: |
| 100 | + | |
| 101 | + | But may contain secondary windows auth |
| 102 | + | "\x03\x00\x00\x0b\x06\xd0\x00\x00\x124\x00" |
| 103 | + | Mongo DB servers: |
| 104 | + | |
| 105 | + | It may give info about mongo db servers and dashboard |
| 106 | + | "MongoDB Server Information" port:27017 -authentication |
| 107 | + | FTP servers allowing anonymous access: |
| 108 | + | |
| 109 | + | Complete Anon access |
| 110 | + | "220" "230 Login successful." port:21 |
| 111 | + | Jenkins: |
| 112 | + | |
| 113 | + | Jenkins Unrestricted Dashboard |
| 114 | + | x-jenkins 200 |
| 115 | + | Hacked routers: |
| 116 | + | |
| 117 | + | Routers which got compromised |
| 118 | + | hacked-router-help-sos |
| 119 | + | Open ATM: |
| 120 | + | |
| 121 | + | May allow for ATM Access availability |
| 122 | + | NCR Port:"161" |
| 123 | + | Telnet Access: |
| 124 | + | |
| 125 | + | NO password required for telnet access. |
| 126 | + | port:23 console gateway |
| 127 | + | Misconfigured Wordpress Sites: |
| 128 | + | |
| 129 | + | The wp-config.php if accessed can give out the database credentials. |
| 130 | + | http.html:"* The wp-config.php creation script uses this file" |
| 131 | + | Hiring: |
| 132 | + | |
| 133 | + | Find sites hiring. |
| 134 | + | "X-Recruiting:" |
| 135 | + | Android Root Bridge: |
| 136 | + | |
| 137 | + | Find android root bridges with port 5555. |
| 138 | + | "Android Debug Bridge" "Device" port:5555 |
| 139 | + | Etherium Miners: |
| 140 | + | |
| 141 | + | Shows the miners running ETH. |
| 142 | + | "ETH - Total speed" |
| 143 | + | Tesla Powerpack charging Status: |
| 144 | + | |
| 145 | + | Helps to find the charging status of tesla powerpack. |
| 146 | + | http.title:"Tesla PowerPack System" http.component:"d3" -ga3ca4f2 |
47 | 147 | | ``` |
48 | 148 | | |
| 149 | + | {% @github-files/github-code-block %} |
| 150 | + | |