SHODAN is an extremely useful tool for scanning the Internet without having to do any scanning. It provides a search engine for banners and SNMP information that have been harvested from Internet-facing systems. I wrote a couple of scripts to leverage the API but wanted to go further by creating a module for the Metasploit Framework.
The SHODAN Enumerator module (download here) requires two options, APIKEY and QUERY, to work. There is a third option (OUTFILE) to write the IPs from the search to a file along with advanced options for sending the request through a web proxy. Database support is included and the services information for each IP is populated with the port, protocol, and banner. NOTE: Some systems will require ruby json gem to be installed (gem install json).
Click here to continue reading...
MVP (Enterprise Security), ISLA-2010 (ISC)², C|EH, C|HFI, CCNA, MCP,
Certified ISO 27001:2005 Lead Auditor
[b]There are 3 roads to spoil; women, gambling & hacking. The most pleasant with women, the quickest with gambling, but the surest is hacking - c0c0n