SHODAN DORK
webcamXP/webcam7:
("webcam 7" OR "webcamXP") http.component:"mootools" -401
Some Webcams (SQ Webcams?): Server: SQ-WEBCAM
Yawcam Webcams: "Server: yawcam" "Mime-Type: text/html"
Surveillance Cams:
Server: uc-httpd 1.0.0
NETSurveillance uc-httpd
Surveillance cams with admin:admin or admin:(none) creds
Hikvision Cameras:
product:"Hikvision IP Camera"
Link for Hikvision backdoor here: https://ipvm.com/reports/hik-exploit
Generic dork for finding cameras: title:camera
Generic dork for finding cameras (with screenshots): webcam has_screenshot:true
Dahua Cameras: http.title:"WEB VIEW"
Some random webcams: http.title:"Webcam"
Vulnerable Services / Servers
EternalBlue SMB RCE: os:"Windows 10 Home 19041"
ProFTPD 1.3.5 (mod_copy exec; CVE-2015-3306): "220 ProFTPD 1.3.5"
Anonymous FTP Login #1: "230 User anonymous"
Anonymous FTP Login #2: "220" "230 Login successful." port:21
Already Logged-In as root via Telnet: "root@" port:23 -login -password -name -Session
No password for Telnet Access: port:23 console gateway
Other Services that you can find
OpenSSH: openssh port:22
Logitech Media Servers: "Server: Logitech Media Server" "200 OK"
Jenkins Unrestricted Dashboard: x-jenkins 200
MySQL: "product:MySQL"
MongoDB #1: mongodb port:27017
MongoDB #2: product:"MongoDB"
Interesting Things that you can find on Shodan
RDP/VNCs WITHOUT AUTH: "authentication disabled" "RFB 003.008" remote desktop "port:3389"
XZERES Wind Turbines: title:"xzeres wind"
title:"IP CAMERA Viewer" Content-Length: 703
MikroTik Routers: port:8291 os:"MikroTik RouterOS 6.45.9"
Minecraft Servers: "Minecraft Server" "protocol 340" port:25565
Smart TVs: "Chromecast:" port:8008
Maritime Satellites (real-time location of ships via satellite): "Cobham SATCOM" OR ("Sailor" "VSAT")
Tesla PowerPack Charging Status Page: http.title:"Tesla PowerPack System" http.component:"d3"
Samsung Electronic Billboards: "Server: Prismview Player"