WEBVTT 0 00:00.990 --> 00:08.870 A particular useful feature of Shodan is that we don't need to open a web browser to use it. 1 00:08.870 --> 00:16.100 There is also a command line interface client that can be used to make requests using the Shodan 2 00:16.190 --> 00:24.750 API. To install the Shodan client, we'll need to have a working Python installation which is available 3 00:24.810 --> 00:27.660 on any modern Linux distribution. 4 00:27.670 --> 00:36.810 Then, we’ll install the client using pip. If Pip is not installed on your Linux you install it by executing 5 00:36.840 --> 00:40.280 apt install python3-pip 6 00:44.540 --> 00:48.770 As root I’ll run: pip3 install shodan 7 00:51.990 --> 01:00.010 And It’s installing the shodan CLI client. In my example it's already installed. 8 01:00.020 --> 01:06.230 Note that you install the CLI client the same way on Windows or Mac. 9 01:06.350 --> 01:11.660 Now we can see all available options by typing Shodan-hash 10 01:17.130 --> 01:18.960 In order to use the client 11 01:19.020 --> 01:28.680 we have to firstinitialize it using an API key. Each account has its own unique API key and you can 12 01:28.680 --> 01:33.480 find it on the shodan website under my account. 13 01:33.660 --> 01:39.420 Of course you need to be logged in with a free or paid account. 14 01:39.420 --> 01:41.680 This is my API key. 15 01:41.890 --> 01:47.800 I'm copying the key and then in the command line I'm executing 16 01:47.850 --> 01:52.170 shodan init and I'm pasting the key 17 01:54.970 --> 01:58.230 and it has successfully initialized. 18 01:58.240 --> 02:00.850 Now we can properly use the client. 19 02:00.980 --> 02:02.730 Let's see some examples! 20 02:03.830 --> 02:13.520 shodan counts a search term like this: shodan count "Chromecast:" 21 02:13.680 --> 02:22.370 Let's see how many Chromecast devices are on Shodan; so there are 76364 22 02:22.550 --> 02:32.230 Chromecast devices on Shodan. By the way Chromcast is a streaming media adapter from Google 23 02:32.500 --> 02:38.670 that allows users to play online content such as videos and the music on a TV. 24 02:38.710 --> 02:48.610 Many smart TV devices have Chromcast built in. Let's search for Chromcast devices shodan search 25 02:48.610 --> 02:49.270 "Chromecast:" 26 03:01.090 --> 03:11.770 and these are all Chromcast devices found on Shodan; if we want to see just a few fields we use 27 03:11.830 --> 03:14.870 this command shodansearch 28 03:14.920 --> 03:18.520 --fields and the fields 29 03:18.520 --> 03:25.800 I want to see IP_str, port, org and host names. 30 03:27.490 --> 03:30.580 It will display only these 4 fields. 31 03:33.690 --> 03:38.730 the IP, the por,t the organization and the hostname. 32 03:39.570 --> 03:48.350 Unfortunately in order to use complex filters in the Shodan CLI a premium account is required. Let's 33 03:48.350 --> 03:59.810 find more information about such a device, about this one. So shodan host and the IP address 34 04:03.510 --> 04:08.400 and it displayed information about that Chromcast device. 35 04:09.860 --> 04:19.570 You can also run shodan stats and search query. 36 04:19.810 --> 04:21.480 It will display statistics. 37 04:24.030 --> 04:29.040 You can see that the most Chromcast devices are in South Korea. 38 04:30.380 --> 04:36.380 And shodan my IP prints out your own external IP address. 39 04:36.710 --> 04:42.920 Then you can search for that IP address on Shodan to see if there is any vulnerable device that 40 04:42.920 --> 04:45.830 is accessible at your IP address. 41 04:45.860 --> 04:51.980 It also includes devices inside the LAN with port forwarding enabled.