Google is a search engine for human readable content. Shodan does the same for machine readable content.

You can:

  • search for specific IP addresses, and it will show you the active ports, and running services.
  • search for a specific response header in the set of countries
  • browse through the screenshots of open VNC & RDP
  • open webcams
  • and more…

The free accounts can use any feature, but the list of results is limited. But if you really want to look under the deck of the internet, the subscription is worth it.

https://account.shodan.io/billing/member

  • weedazz@lemmy.world
    link
    fedilink
    English
    arrow-up
    33
    arrow-down
    3
    ·
    1 year ago

    Is this an ad? Good news everyone we’re becoming more like Reddit every day!

    • deafboy@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      I’m not affiliated with the company in any way, there’s not even a reflink. I just find the service useful and fun.

      At first I wasn’t sure whether to post it here or not, but since it’s certainly more tech related than the business model of twitter and reddit, which is being discussed here pretty often, I decided to go for it.

      • deafboy@lemmy.worldOP
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        Well, if you buy a cheap insecure camera, and point it to a giant satellite dish in some kind of space observatory, you can’t be surprised that people will want to have a look. At that point, you’re basically asking for it.

        Yeah… that was a good find. I sent the link to a friend immediately, and we were yelling like children “it’s turning, it’s turning!” every time it was repositioned.

        • Leyla :)@lemmy.fmhy.ml
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          That’s cool AF. Shodan shows lots of cool things that I don’t think anybody minds being seen, but it also gives search results that could be used nefariously. It’s probably the coolest and creepiest tech product I’ve ever seen.

    • deafboy@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      15
      arrow-down
      2
      ·
      1 year ago

      Well, if you ever asked yourself “How can I nmap the whole internet without wasting months of my life?” Shodan is for you. Otherwise, it’s probably not.

      If you’re still curious anyway, I’m not the best person to pitch it to you… but I know just the right guy - Viss, and his DefCon presentation. Shodan is a tool that can help you find stuff that he talks about.

      TOTES MCGOATS©

    • feedum_sneedson@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      1 year ago

      I believe it was the fictional artificial intelligence that became self-aware and tried to take over the world in the game System Shock, and later System Shock 2.

  • elvith@feddit.de
    link
    fedilink
    English
    arrow-up
    5
    ·
    1 year ago

    I rarely use shodan, so I’d probably never pay for a subscription. Especially since I’ve never really hit any limit in the free plan. But I got the lifetime membership two years ago for $0.99. Even for the current $5 that’s a no brainer.

  • MeowdyPardner@kbin.social
    link
    fedilink
    arrow-up
    3
    ·
    1 year ago

    One random use I found years ago was that I could instantly search for Comcast business boxes and then export the IPs as a csv, run a headless browser script to try default login creds, then scrape the wireless Mac, ssid, and password which I could plot on a map using wigle wifi wardriving data. It’s pretty cool. Maybe the monitoring service will come in handy if it ever notifies me of anything I should be concerned about on any of my IPs, hard to turn down a $5 lifetime pass.

    • tarjeezy@lemmy.ca
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      1 year ago

      Well crap. I was waiting until the end of the day to buy it. That’s too bad…

      Edit: I guess that information was in the image, but would have been nice if it was in the post text too…

  • HousePanther@lemmy.goblackcat.com
    link
    fedilink
    English
    arrow-up
    5
    arrow-down
    3
    ·
    1 year ago

    Well, for one they don’t make it easy to be able to block them. For another, they basically advertise intrusion vectors to would-be nefarious actors.

  • Mythnubb@lemm.ee
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Well I guess I got it during that last sale because I’m already a member. Cool

    I don’t think I’ve actually ever used it though

    • deafboy@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      1
      ·
      1 year ago

      Same thing happened to me few years back. I forgot I got the membership last time there was a promotion :D

      I’ve used it in the past to pirate foreign broadcast TV, but lately I just occasionally check my own stuff, or our customers stuff when there’s a problem. It’s nicer than nmap, and good enough for the initial part of the analysis.

      • Speff@melly.0x-ia.moe
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        pirate foreign broadcast TV

        I wish to subscribe to your newsletter. I’m guessing a search for open RTMP ports, geolocation, and a few other criteria?

        • deafboy@lemmy.worldOP
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          I was running tvheadend with dvb-t usb stick at the time, and one day wondered, who else might be running it. There were quite a few all over the world.