Shodan Search
Shodan is a paid search engine for internet-connected devices. Shodan lets you search for banners, grabs metadata about the device, such as its geographic location, hostname, operating system, and more.
To use the Shodan S earch auxiliary module, you first need to create an account on the https://www.shodan.io website to get your API Key.
msf > use auxiliary/gather/shodan_search
msf auxiliary(shodan_search) > set QUERY hostname:packtpub.com
QUERY => hostname:packtpub.com
msf auxiliary(shodan_search) > set SHODAN_APIKEY 1dOobpT1S1337sq6yx0gEKblap6yC2ib
SHODAN_APIKEY => 1dOobpT1S1337sq6yx0gEKblap6yC2ib
msf auxiliary(shodan_search) > run
...
Search Results
==============
IP:Port City Country Hostname
------- ---- ------- --------
109.234.207.107:25 Wolverhampton United Kingdom imap.packtpub.com
109.234.207.107:443 Wolverhampton United Kingdom imap.packtpub.com
109.234.207.107:587 Wolverhampton United Kingdom imap.packtpub.com
109.234.207.107:80 Wolverhampton United Kingdom imap.packtpub.com
109.234.207.107:993 Wolverhampton United Kingdom imap.packtpub.com
83.166.169.228:80 Loughborough United Kingdom packtpub.com
83.166.169.248:111 Loughborough United Kingdom imap.packtpub.com
83.166.169.248:161 Loughborough United Kingdom imap.packtpub.com
83.166.169.248:443 Loughborough United Kingdom imap.packtpub.com
83.166.169.248:80 Loughborough United Kingdom imap.packtpub.com
83.166.169.248:8080 Loughborough United Kingdom imap.packtpub.com
[*] Auxiliary module execution completed
msf auxiliary(shodan_search) >
The Shodan Search auxiliary module has revealed further information about the target, such as its IP address, open ports, location, and so on. These passive techniques can reveal some interesting information about the target and can ease our way for penetration testing.