Archive for the ‘Tools’ Category

Shodan Now Exporting More Than 1K Results

Monday, May 17th, 2010

If you’re not familiar with Shodan, you should definitely check it out. It’s billed as a Computer Search Engine, and that’s exactly what it does. Want to find every FTP server out there? No sweat. How about webservers that provide a default password as part of the authentication realm?

If you sign up and log in, you’ll be able to run other interesting queries like every webserver in Nigeria (find your favorite spammer!).

I’ve personally been using Shodan heavily to calibrate a webapp fingerprinter, and the biggest pain has been inability to export more than 1000 results. I emailed John and begged for the feature and after some back and forth, as of Sunday night, it’s ready! If you click the Export button, you’ll now be prompted with the number of hosts you want to export (in increments of 1000). He says it will accommodate up to a million hosts, but might take a while to make the xml available.

Shodan Export

Incremental export (essentially pagination) isn’t yet supported, but if there’s demand he might add it.

I still think that $50/20 credits (20k hosts) is highway robbery (more begging is probably in order), but it’s a unique tool and may save you a lot of time with nmap and a scripting language.