Shodan and Google Hacking Lab Part 1

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *

Already have an account? Sign In »

2 hours 37 minutes
Video Transcription
Hi, everyone. Welcome back to the course. So in the last video, we wrapped up our discussion on who is
in this video. We're gonna start off with Showdown, which is commonly known as a hacker search engine were. Then we're gonna talk about the Google hacking database and finally will wrap up by doing a simple search.
So let's go ahead and get started.
So Step number one, just launch a Web browser. Now, I'm doing this lab inside of a Cali virtual machine and using Firefox. But all you actually need for this entire lab is just any Web browser.
So once you launch your web browser, we're just gonna type show Dan in the search box. So s h o d a n.
And then just go ahead and search for that. And commonly it should be somewhere near the top of the search results that show up.
Once you find the website, just go ahead and click on it.
While we're waiting for that to pull up, we'll go back to our lab document.
All right, so we just did step three here and then step for
now. If this is your first time ever coming to showed in. You'll want to create an accounts just so you can actually perform the search is that we're gonna do
now. They have a free version in a paid version, so I actually have the paid version. So you'll notice that mine shows you a lot more results and allows you to do a lot more stuff. Whereas the free account will limit you to searching for just a couple of pages in the search results, so you'll notice that difference there. If you're using the free version of it,
you won't get us much information back is I get with mine.
But in any event, you could still perform the lab. The whole concept here is a show. You showed an and show you kind of what you can get back from the search.
All right, So once you've created your account, you'll have to verify they send you an email to verify your actual real person on. And then once you do that, you'll get locked into your account. I'm already loving to mine here on some will. Go ahead and keep going on with the search. Now, if you don't have an account, go ahead. and pause a video right now and then just come back to the video once you've created, verified
and then actually loved into your camp.
All right, so once you're back
here is step five. We're gonna go to the search box of the top of left of our screen here, and we're just gonna type in the word Cisco.
So what is going to do is just search for anything with Cisco in the description or in the in the naming convention of.
So let's go ahead. Do that now. So what is type in Cisco and then just press enter on your keyboard or anything to stick the little search the little magnifying glass right here, If you want to,
might take a moment or so it's going to search through the entire showed and database.
We'll give it a second to do so. And as I mentioned, I've got the page version, so it might take a little time to pull all that information back.
And there we are.
So you're going to see that first things first, you pull up. What? You have different. I p addresses for us.
So question number one I want you to look and see.
What is the total number of results that you received in the search?
All right, so we see on my end, I received roughly about 2.4 million results back.
All right, That's a lot of results. And that would take us forever to look through. So a faster way of doing things is actually narrowing dollars down our shirts. Right.
So let's go ahead, do that now. So we're gonna narrow down our search, and I'm just gonna click on the United States. You can actually pick any country you want you, whichever one you want to choose. But I'm gonna choose the United States there,
so just go ahead and click on that.
You'll see. It'll narrow it down again.
All right, So now what's the total number of search results that you get once we've cooked on the United States or whichever country you chose?
What's the total number of searchers? Also, you get back.
So you see, I gotten back roughly about 1/2 1,000,000.
Great. So our next step here is we're gonna click on a city on the left side. So again, it doesn't matter what city you pick whichever one you want to choose. And again that may very based on the country you've chosen. I think I'm just gonna pick on Chicago just since it's got a whole lot there.
So go ahead and click on that as well.
All right? Now, did you notice that there was a big difference in the search results by city? So question number three here, based off the city you had chosen, was there a big variance in the number of search results? So, for example, in Chicago, I've gotten, you know, around 6000. I had looked at Previa as some other cities on that list before that had about 4000. So
for me,
it did seem like it kind of worried a little bit from the top number to some of the mid range search results. However, you know you'll have to look on your end of what city you've chosen and see if there's a big difference in the search results.
All right, so now what we're gonna do is we're just gonna take a look at some of the machines that we found in our search here. Now, we're not gonna go in depth on these and I don't want to pull it too much information on these because these are actual
targets out. There are potential targets. So hopefully no, no bad criminal hackers were watching this, but in any event, they would obviously know how to find this stuff anyway, So
we'll see several different things here. You know, you'll see. We have I p addresses. It'll show us what it thinks the operating system is.
You know, she wants where it found the Cisco act, right? So it could just be in the naming convention. Somehow, your they're using Cisco what we would really want to try to find, which, um,
when I searched doing this before, I didn't find it. And that's kind of why I used this as the example for the slap. But what we would also want to try to find is this. If there's a default user name and password and use, you know, because a lot of times on Cisco Devices people will leave the default username and password. So searching for Cisco would actually pull up that information for us.
You'll also see, you know, it'll it'll mentioned, you know, also in these search results if I click on them, Uh, don't mention some additional information about our targets.
Now you'll see some on authorized connections. It looks like Comcast. You'll see we got a T T universe. So basically just different service providers. These are gonna be home routers and stuff or possibly business runners. But in most cases, it'll be a home router.
So we'll just click on this random one here.
All right, So, you know, we could get some basic information here again. You know, we can get the operating system, or at least what it thinks the operating system and uses. We could find out some information about the encryption and use. You know, not a whole lot information on this particular one. Sometimes you'll see port numbers here for this one. We don't We don't see that those are exposed or anything. Um,
but, you know, it does give us a basic information that we could potentially use
as part of our targeting.
Now, we can also search for, you know, Marcus are after something like that, you know, again our target, Or, you know, for the mark majority of these lapses Microsoft dot com. But in this case, We don't need to worry about that. It would really just be searching for Microsoft Devices. Now, if we knew the i p address of some device for Microsoft,
then we could potentially put that in here and see if there's any good information back on potential vulnerabilities.
in our lab document, here are kind of answered question for for us already. But go ahead and think to yourself What kind of information do you see? So on your end of things, when you're searching here and showed in what kind of information are you getting back?
All right. So again, I mentioned that some of the things that I had seen so you know, of course, I p address. And then, you know, one of the more important things is what operating system it's projecting that might be in use by that particular device.
All right, so in this video, we just covered showdown at a very high level. We just performed a quick search, and if you didn't have a showdown account, you either got signed up for the free or the paid version of it and got lodged in on. And then we were able to perform our search. Now again, as I mentioned with a free account, you are limited on your searching ability on but the paid account.
I guess I'm not Showdown Spokesperson, but with the paid account, you get a lot more search results
as well as some other bonuses and stuff like that. So many event. None of that's pertinent to our lap. And we just want to get you signed up so you could actually perform the lab.
In this video we covered Showdown in the next video, we're gonna actually talk about the Google hacking database.
Up Next