[kali-information collection] (1.9) Metasploit + search engine tool Shodan
2022-08-02 11:19:00 【Black belt (rise)】
1. Introduction
1.1 Overview:
Shodan is one of the most powerful search tools on the Internet. Rather than searching the web for URLs, it searches for servers directly. Shodan can be described as a "dark" Google: it constantly looks for every server, camera, printer, router and other device connected to the Internet, and every month it collects information around the clock on roughly 500 million servers.
www.shodanhq.com
2. Usage
2.1 Filter syntax
City and Country commands
Use the City and Country commands to narrow a search by geographic location.
1. country:china searches for hosts in China.
2. city:beijing searches for hosts in the city of Beijing.
The City and Country commands can also be combined:
3. country:china city:beijing
HOSTNAME command
The HOSTNAME command scans an entire domain by specifying a hostname.
hostname:google searches for google hosts.
NET command
Use the NET command to scan a single IP address or a network range.
net:192.168.190.131: scans the host 192.168.190.131
net:192.168.190.0/24: scans all hosts in the 192.168.190.0/24 network
Title command
Use the Title command to search by page title.
title:"Server Room": searches for server room information
Keyword search
Searching with a keyword is the most popular way to use Shodan. If you know the server type or the embedded server name used by the target system, finding a web page is easy.
apache/2.2.8 200 ok: searches for all Apache services running version 2.2.8, and only for open sites
apache/2.2.8 -401 -302: skips 401 (illegal) pages and 302 (deleted) pages in the results
Combined search
IIS/7.0 hostname:YourCompany.com city:Boston: searches for all Microsoft servers running IIS/7.0 in Boston
IIS/5.0 hostname:YourCompany.com country:FR: searches for all systems running IIS/5.0 in France
Title:camera hostname:YourCompany.com: searches for pages titled camera on a given host
geo:33.5,36.3 os:Linux: searches for Linux operating systems by coordinates (longitude 33.5, latitude 36.3)
Additional search terms
Port: search by port number
OS: search by operating system
After or Before: search for services by time
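A pre-flight check for queries written in the filter syntax above, as an added example that is not part of the original post: it splits a query into filters, keywords and excluded (-term) keywords, and accepts the query only when its net: and hostname: filters stay inside address ranges and domains you are responsible for. The function names and the owned-asset lists are assumptions made for illustration; the sample queries are the ones used on this page.

```python
import ipaddress
import shlex

# Filters named on this page (lower-cased); any other token is a keyword.
FILTERS = {"country", "city", "hostname", "net", "title", "geo", "os",
           "port", "after", "before"}

def parse_query(query):
    """Split a Shodan query into filters, keywords and excluded (-term) keywords."""
    parsed = {"filters": {}, "keywords": [], "excluded": []}
    # shlex keeps quoted values such as title:"Server Room" in one token.
    for token in shlex.split(query):
        name, sep, value = token.partition(":")
        if sep and value and name.lower() in FILTERS:
            parsed["filters"].setdefault(name.lower(), []).append(value)
        elif token.startswith("-") and len(token) > 1:
            parsed["excluded"].append(token[1:])
        else:
            parsed["keywords"].append(token)
    return parsed

def in_scope(query, owned_nets, owned_domains):
    """True only if the query has a net:/hostname: filter and every such
    filter stays inside the owned ranges and domains (assumed policy)."""
    f = parse_query(query)["filters"]
    nets, hosts = f.get("net", []), f.get("hostname", [])
    if not nets and not hosts:
        return False  # unscoped: results would include hosts we do not own
    allowed = [ipaddress.ip_network(n) for n in owned_nets]
    for n in nets:
        try:
            net = ipaddress.ip_network(n, strict=False)
        except ValueError:
            return False  # malformed range is rejected, not guessed at
        if not any(net.version == a.version and net.subnet_of(a) for a in allowed):
            return False
    for h in hosts:
        if not any(h.lower() == d or h.lower().endswith("." + d) for d in owned_domains):
            return False
    return True

if __name__ == "__main__":
    # Constructed inventory reusing the page's sample range and hostname.
    print(parse_query("apache/2.2.8 -401 -302"))
    print(in_scope("net:192.168.190.131", ["192.168.190.0/24"], ["yourcompany.com"]))
```

Only a query that passes this check would then be given to the QUERY option or the web search box.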
2.2 Shodan search with Metasploit
(1) Register
Sign up for a free account on the Shodanhq.com site.
(2) Get an API key
Get an API key from http://www.shodanhq.com/api_doc
(3) Start the PostgreSQL service
service postgresql start
or
sudo service postgresql start
(4) Start the Metasploit service
service metasploit start
or
sudo service metasploit start
(Note: this step may not be needed; the metasploit service is obsolete and has been replaced.)
(5) Start the MSF console
msfconsole
(6) Select the module
Select the auxiliary/gather/shodan_search module and check which option parameters can be configured for it.
In the output, four option parameters are required. Two of them are already configured; QUERY and SHODAN_APIKEY are not yet configured.
use auxiliary/gather/shodan_search
show options
(7) Configure the parameters
Set the QUERY and SHODAN_APIKEY option parameters:
1. set SHODAN_APIKEY (+ API key value)
2. set QUERY (+ keyword to search for)
(8) Start the search
run