Web Security Lecture 2 - Information Collection - shodan

Others 2020-02-18 18:59:33 views: null

One, shodan

1.1 Information collection methods:

  • Active Information Collection: direct interaction with the target, by the collection of information exchange process
  • Passive Information Collection: third-party engine interacting with the target, or the target will not be interactively query the database to obtain objective information

1.2 shodan search engine introduced

Although people think that Google is the most powerful search engine, but shodan is the most horrible Internet search engine. The difference is that with Google, Shodan not search the Internet web site, but directly into the channel behind the Internet . shodan it can be said to be a "dark" Google, looking for all the Internet and associated servers , cameras , printers , routers and so on.

shodan URL: https: //www.shodan.io/

1.3 shodan Search

1. Search in explorer input webcam search box
2. Specify the specific port number by keyword port.
3. Specify specific IP addresses by keyword host.
4. Specify the search for specific content by keyword city city.

1.4 shodan command line

installation

pip install shodan

Initialization Command Line

shodan init uuOJdPaS47cRzQUZWcBsV2NPzqHpaMp1

Find a specific number of service: Shodan COUNT the Apache
search: Shodan Search the Apache
Gets the specified IP address information: Shodan Host ip address
to obtain account information: Shodan info
get its own external IP address: Shodan myip

Detect whether there is protection honeypot
honeypot technology

Honey Pot is an attack on the parties on the nature of deception techniques by placing some hosts, network services or information as a bait to lure the attacker to attack them, which can capture and analyze aggressive behavior, understanding attack party tools and methods used, the presumed attack intention and motivation, the defender can make a clear understanding of the security threats they are facing, and to enhance the ability of the actual security system through technology and management tools.

shodan honeyscore 123.59.161.39  # ip为百合网

1.5 Python-shodan use

initialization:

import shodan.

SHODAN_API_KEY = 'pde7mB56vGwCWh2yKjj87z9ucYDiPwYg'

api = shodan.Shodan(SHODAN_API_KEY)

View parameters and return a result https://developer.shodan.io/api

Yauger
Published 46 original articles · won praise 4 · Views 1282
Private letter concerns

Guess you like

Origin blog.csdn.net/Yauger/article/details/104223472
Recommended
Ranking
ACCESS Group leads the trend of health, scarce raw materials and leading technology help brands ride the wind and waves in the big health industry
500 threads operate int objects at the same time [java multi-thread shared variable]
アート テンプレート レンダリングの基本構文
Vue sends asynchronous request
Ubuntu vs code next update
Description of classes and objects
780. Reaching the End: Number Theory Reasoning and Analysis Questions
OpenCV (image processing) - based on python-filter (how to use low-pass and high-pass filters)
FFmpeg learning (4) - Embed subtitles to the video
The calc( ) property in CSS3
Daily
More
2024-07-26(0)
2024-07-25(0)
2024-07-24(0)
2024-07-23(0)
2024-07-22(0)
2024-07-21(0)
2024-07-20(0)
2024-07-19(0)
2024-07-18(0)
2024-07-17(0)

Code World

© 2018 codetd.com