How To Find Any Routers Web Interface In Shodan

January 01, 2015
Today i am going to tell you how to Find Any Routers Web Interface In Shodan


THIS IS FOR EDUCATIONAL PURPOSE ONLY, I AM NOT RESPONSIBLE FOR ANY 
ILLEGAL ACTIVITIES DONE BY VISITORS, THIS IS FOR ETHICAL PURPOSE ONLY


In a recent post, I introduced you Shodan, the world's most dangerous search engine. Shodan crawls the globe from IP to IP address, attempting to pull the banners of each web-enabled device and server it finds.
These banners are what the web servers and devices "advertise" to the world as to who they are. By searching these web banners, we can find the log-in interface for nearly every web-enabled device on planet earth.

Shodan Doesn't Index Content, It Indexes Banners
It's important to note that unlike Google, Bing, Yahoo, and other search engines, Shodan does not index the content of a website, rather it indexes the information in the banner. These banners will tell us whether the device is a webcam, a router, a VOIP phone system, or whatever, along with something about the underlying technology.
To do a specific search in Shodan, you need to understand what is in these banners and how we can use it to search for a specific and vulnerable site.
The Search Tools Are a Lot Like Other Search Engines

The search syntax for Shodan is very similar to the searching on other search engines, but what you are searching for is very different. Shodan accepts the same standard Boolean operators as the others (+-|) and quotation marks can be used to narrow a search to only the exact content between the quotation marks.
Shodan also accepts some basic filters that allows you to narrow down your search results. These include the following.

after/before - limits our results to banners that have been indexed before or after a specific date
country - filters our results by country using the two-letter country code
hostname - filters results by domain name
net - filters results by IP address range using CIDR notation
geo - filters by longitude and latitude
os - filters results by host operating system
port - filters results by port
Now that we have the basics of Shodan searching and filtering, let's see what we can find.



Step 1: Log in to Shodan

First, let's log in to Shodan. Although you can use Shodan without logging in, some of the filters we will use here require us to login to enable them. Navigate to shodanhq.com and log in.




Step 2: Search for Cisco Routers
Once logged in, let's do a search for Cisco banners. These would be the banners on Cisco devices (the most widely used routers and switches in the world) that have a Internet-enabled administration panel. When we do, Shodan finds over 3 million devices! It breaks it down by country on the left side panel as you can see below.

Step 3: Filter by Country
So, now we have all the Cisco devices indexed by Shodan. The 3+ million devices is a pretty unwieldy amount to work with, so let's try to target our search by country. In this case, let's find all the Cisco devices in India.
To do so, we will need the two-letter country code of India, which is IN. The syntax then finding all the Cisco routers in India is below. Note the colon (:) between the keyword country and the two-letter country code.
cisco country:IN
When we do so, we narrow our search considerably. As you can see in the screenshot below, we are now down to 71,147 routers. Still an unwieldy amount, but considerably smaller.

Step 4: Filter by Port
Let's continue to narrow our search and try to become very specific for what we are seeking. Let's imagine that we are looking for Cisco routers that enable VOIP in India. We know that VOIP uses the SIP protocol and the SIP protocol uses port 5060, so let's find all the Cisco routers in India that use VOIP. We can type in the search window:
cisco country:IN port:5060
As you can see below, we have now narrowed our results down dramatically to just 2,435 routers.

Step 5: Narrow the Results by IP Address
Finally, let's narrow our search down a even further. Let's add one more condition, an IP address range. Let's look for Cisco routers in India that use port 5060 (VOIP) on the IP address range of 125.63.65.0/24.
cisco country:IN port:5060 net:125.63.65.0/24
As you can see, we have narrowed our search of Cisco routers from 3 million to a single router in India with port 5060 open!

Step 6: Open the Results
Finally, let's click on the info for that router. As you can see below, Shodan provide us a significant amount of info on this single router.
To be able to access these devices, you would be well-advised to first look up the admin username and password as many admins are too lazy or reckless to change them. If you look through this banner carefully, there is an indication that there is at least a single user named "root". With that info, it becomes a password cracking exercise.




 ==========     Hacking Don't Need Agreements     ==========
Just Remember One Thing You Don't Need To Seek Anyone's Permission To Hack Anything Or Anyone As Long As It Is Ethical, This Is The Main Principle Of Hacking Dream
            Thank You for Reading My Post, I Hope It Will Be Useful For You

I Will Be Very Happy To Help You So For Queries or Any Problem Comment Below Or You Can Mail Me At BhanuHacks@gmail.com

By:
Bhanu Namikaze

Bhanu Namikaze is an Ethical Hacker, Security Analyst, Blogger, Web Developer and a Mechanical Engineer. He Enjoys writing articles, Blogging, Debugging Errors and Capture the Flags. Enjoy Learning; There is Nothing Like Absolute Defeat - Try and try until you Succeed.

No comments:

Post a Comment