The Hacker's Search Engine

SHODAN - The Hacker's Search Engine.

What is SHODAN, and how does it work? Commonly referred to as the world’s scariest search engine – SHODAN is here to stay and is getting better and better at what it is designed to do.

How does SHODAN work?

SHODAN does what Google does but spits out specific and greater amounts of data. Whereas Google is interested in pretty images and excellent blog content (like what you are reading now on the world famous Concise Courses Security blog!) SHODAN will tell the hacker (be they white or black hat) things like banner information, HTTP, SSH, FTP, and SNMP services. The most basic SHODAN search will render results by country, network, operating system(s), and port(s).
If you wanted to execute a more specific search you’d use a string like this:
port:121 country:US hyper-v
> Port:121 – this narrows the search down to specific ports.
> Country – this narrows the search down to one country (here, the US).
> Hyper V – this identifies all web servers using Hyper V in the US (for example) by their SNMP banner.
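
Added example, not from the original post and not SHODAN's own code: a simplified model of how the query above combines its key:value filters with a free-text banner term, run over constructed banner records such as an administrator might collect from a scan of their own address space. The record field names (ip, port, country, banner) and all sample data are assumptions.

```python
import shlex

# Constructed sample records: banners a defender collected from a scan of
# their own hosts. Field names and values are assumptions for illustration.
SAMPLE_BANNERS = [
    {"ip": "192.0.2.10", "port": 121, "country": "US",
     "banner": "Hardware: x86 - Software: Windows (Hyper-V host)"},
    {"ip": "192.0.2.11", "port": 121, "country": "FR",
     "banner": "Hyper-V virtual switch agent"},
    {"ip": "198.51.100.7", "port": 22, "country": "US",
     "banner": "SSH-2.0-OpenSSH_8.9"},
    {"ip": "203.0.113.5", "port": 121, "country": "US",
     "banner": "Printer management agent"},
]

def parse_query(query):
    """Split a query into key:value filters and free-text banner terms."""
    filters, terms = {}, []
    for token in shlex.split(query):
        key, sep, value = token.partition(":")
        if sep and key and value:
            filters[key.lower()] = value
        else:
            terms.append(token.lower())
    return filters, terms

def matches(record, filters, terms):
    """True only when every filter AND every free-text term matches."""
    for key, value in filters.items():
        if key not in record:
            return False  # unknown filter: fail closed and match nothing
        if str(record[key]).lower() != value.lower():
            return False
    banner = record["banner"].lower()
    return all(term in banner for term in terms)

def search(records, query):
    """Return the IPs of records that satisfy the whole query."""
    filters, terms = parse_query(query)
    return [r["ip"] for r in records if matches(r, filters, terms)]

if __name__ == "__main__":
    print(search(SAMPLE_BANNERS, "port:121 country:US hyper-v"))
```

Each extra filter or term can only shrink the result set, which is why the three-part query isolates a single host in the sample data while `country:US` alone returns three.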

SHODAN is particularly useful for detecting vulnerabilities in SCADA and ICS systems or, perhaps better said, is very efficient at finding them. A CNN article by David Goldman recently highlighted two examples of how hackers used SHODAN. In the first, an individual was able to crack into a hockey rink’s system (possibly SCADA/HDI) to defrost the rink! In the other, someone was able to own the controls for a hydroelectric plant in France! These are not exaggerations. Just this week we had a demo with SCADA security experts showing how ‘easily’ a hacker can plant malware on a SCADA system using Metasploit and a USB stick.
Searching for ‘default password’ on SHODAN will result in literally millions of results – mostly from servers but also from printers. Printers are especially vulnerable, which allows security breaches to occur.
Why do many Internet-facing systems have default or poor security?
We have established that SHODAN exposes weaknesses effectively, but why are these systems vulnerable in the first place? The reason is simple. Many of these systems, such as the SCADA systems that control utilities, have almost zero security because they were only designed to be connected to a company’s own systems and not a web server – making them open to anyone with a computer, SHODAN, Metasploit and, of course, bad intentions.
