Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/mr-exo/shodan-dorks
Here are the most interesting Shodan dorks (according to me)
https://github.com/mr-exo/shodan-dorks
devices dorks iot shodan shodan-dorks shodandorks
Last synced: about 1 month ago
JSON representation
Here are the most interesting Shodan dorks (according to me)
- Host: GitHub
- URL: https://github.com/mr-exo/shodan-dorks
- Owner: mr-exo
- Created: 2021-09-16T15:53:53.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2023-12-10T13:07:42.000Z (about 1 year ago)
- Last Synced: 2023-12-10T14:24:40.416Z (about 1 year ago)
- Topics: devices, dorks, iot, shodan, shodan-dorks, shodandorks
- Homepage:
- Size: 14.6 KB
- Stars: 37
- Watchers: 1
- Forks: 9
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-ip-search-engines - Shodan Dorks from @mr-exo
- awesome-ip-search-engines - Shodan Dorks from @mr-exo
README
# Top 100 Interesting Shodan Dorks
_This is the list of most interesting shodan dorks that you can use on Shodan.io_
# Cameras and Webcams
webcamXP/webcam7: \
`("webcam 7" OR "webcamXP") http.component:"mootools" -401`Some Webcams(SQ Webcams?): \
`Server: SQ-WEBCAM`Yawcam Webcams: \
`"Server: yawcam" "Mime-Type: text/html"`Surveillance Cams: \
`Server: uc-httpd 1.0.0`\
`NETSurveillance uc-httpd`\
***Surveillance cams with admin:admin or admin:(none) creds***Hikvision Cameras: \
`product:"Hikvision IP Camera"` \
***Link for Hikvision backdoor here:*** https://ipvm.com/reports/hik-exploitGeneric dork for finding cameras: \
`title:camera`Generic dork for finding cameras (with screenshots): \
`webcam has_screenshot:true`Dahua Cameras: \
`http.title:"WEB VIEW"`Some random webcams: \
`http.title:"Webcam"`# Vulnerable Services / Servers
EternalBlue SMB RCE: \
`os:"Windows 10 Home 19041`ProFTPD 1.3.5 (mod_copy exec; CVE-2015-3306) : \
`"220 ProFTPD 1.3.5"`Anonymous FTP Login #1: \
`"230 User anonymous"`Anonymous FTP Login #2: \
`"220" "230 Login successful." port:21`Already Logged-In as root via Telnet: \
`"root@" port:23 -login -password -name -Session`No password for Telnet Access: \
`port:23 console gateway`# Other Services that you can find
OpenSSH: \
`openssh port:22`Logitech Media Servers: \
`"Server: Logitech Media Server" "200 OK"`Jenkins Unrestricted Dashboard: \
`x-jenkins 200`MySQL: \
`"product:MySQL"`MongoDB #1: \
`mongodb port:27017`MongoDB #2: \
`product:"MongoDB"`# Interesting Things that you can find on Shodan
RDP/VNC's WITHOUT AUTH: \
`"authentication disabled" "RFB 003.008"`\
`remote desktop "port:3389"`XZERES Wind Turbines: \
`title:"xzeres wind"`MikroTik Routers: \
`port:8291 os:"MikroTik RouterOS 6.45.9"`Minecraft Servers: \
`"Minecraft Server" "protocol 340" port:25565`Smart TVs: \
`"Chromecast:" port:8008`Maritime Satellites: \
`"Cobham SATCOM" OR ("Sailor" "VSAT")` \
***Real-time location of ships via satelite***Tesla PowerPack Charging Status Page: \
`http.title:"Tesla PowerPack System" http.component:"d3"`Samsung Electronic Billboards: \
`"Server: Prismview Player"`