概述
- 工业控制系统
- 远程桌面
- 网络基础设施
- 网络存储设备(NAS)
- 网络摄像头
- 打印机和复印机
- 家庭智能设备
- 其他
工业控制系统
三星电子牌
"Server: Prismview Player"
12
加油站泵控制器
"in-tank inventory" port:10001
12
自动车牌记录器
P372 "ANPR enabled"
12
交通信号控制灯
mikrotik streetlight
12
美国投票机
"voter system serial" country:US
12
和思科拦截监听设备有关的电信公司
"Cisco IOS" "ADVIPSERVICESK9_LI-M"
12
监狱公用电话
"[2J[H Encartele Confidential"
12
特斯拉PowerPack充电系统
http.title:"Tesla PowerPack System" http.component:"d3" -ga3ca4f2
12
电动汽车充电器
"Server: gSOAP/2.8" "Content-Length: 583"
12
海上卫星
"Cobham SATCOM" OR ("Sailor" "VSAT")
12
Shodan有一个实时绘制船舶位置的功能!
潜艇任务控制面板
title:"Slocum Fleet Mission Control"
12
CAREL PlantVisor制冷机组
"Server: CarelDataServer" "200 Document follows"
12
使用Nordex风力涡轮机的农场
http.title:"Nordex Control" "Windows 2000 5.0 x86" "Jetty/3.1 (JSP 1.1; Servlet 2.2; java 1.6.0_14)"
12
C4 Max汽车GPS跟踪器
"[1m[35mWelcome on console"
12
DICOM医用X射线机器
"DICOM Server Response" port:104
12
GaugeTech电表Meters
"Server: EIG Embedded Web Server" "200 Document follows"
12
西门子工业控制器
"Siemens, SIMATIC" port:161
12
西门子HVAC控制器
"Server: Microsoft-WinCE" "Content-Length: 12581"
12
门禁控制器
"HID VertX" port:4070
12
铁路管理系统
"log off" "select the appropriate"
12
远程桌面
未被保护的VNC
"authentication disabled" "RFB 003.008"
12
Shodan的Images可以帮你截图!
Windows的远程桌面
"\x03\x00\x00\x0b\x06\xd0\x00\x00\x124\x00"
12
基础网络架构
MongoDB
老版本的MongoDB往往一堆安全问题。
"MongoDB Server Information" port:27017 -authentication
12
Mongo Express网页界面
"Set-Cookie: mongo-express=" "200 OK"
12
Jenkins
"X-Jenkins" "Set-Cookie: JSESSIONID" http.title:"Dashboard"
12
Docker的API
"Docker Containers:" port:2375
12
Pi-hole开放DNS服务器
"dnsmasq-pi-hole" "Recursion: enabled"
12
以root登录的Telent
"root@" port:23 -login -password -name -Session
12
Android Root Bridges
"Android Debug Bridge" "Device" port:5555
12
Lantronix串行以太网适配器(存在密码泄露缺陷)
Lantronix password port:30718 -secured
12
Citrix Virtual Apps
"Citrix Applications:" port:1604
12
Cisco Smart Install (曝出过RCE漏洞)
"smart install client active"
12
PBX网络电话网关
PBX "gateway console" -password port:23
12
Polycom视频会议软件
http.title:"- Polycom" "Server: lighttpd"
Telent端口
"Polycom Command Shell" -failed port:23
12345
Bomgar Help Desk门户
"Server: Bomgar" "200 OK"
12
Intel主动管理功能(CVE-2017–5689)
"Intel(R) Active Management Technology" port:623,664,16992,16993,16994,16995
12
HP iLO 4(CVE-2017–12542)
HP-ILO-4 !"HP-ILO-4/2.53" !"HP-ILO-4/2.54" !"HP-ILO-4/2.55" !"HP-ILO-4/2.60" !"HP-ILO-4/2.61" !"HP-ILO-4/2.62" !"HP-iLO-4/2.70" port:1900
12
Outlook网页界面
Exchange 2007:
"x-owa-version" "IE=EmulateIE7" "Server: Microsoft-IIS/7.0"
Exchange 2010:
"x-owa-version" "IE=EmulateIE7" http.favicon.hash:442749392
Exchange 2013/2016:
"X-AspNet-Version" http.title:"Outlook" -"x-owa-version"
123456789
商用Skype/Lync
"X-MS-Server-Fqdn"
12
NAS
SMB文件分享
"Authentication: disabled" port:445
域控制器:
"Authentication: disabled" NETLOGON SYSVOL -unix port:445
12345
可匿名登录的FTP
"220" "230 Login successful." port:21
12
Iomega/LenovoEMC的NAS驱动
"Set-Cookie: iomega=" -"manage/login.html" -http.title:"Log In"
12
Buffalo TeraStation的NAS驱动
Redirecting sencha port:9000
12
罗技多媒体服务器
"Server: Logitech Media Server" "200 OK"
12
Plex多媒体服务器
"X-Plex-Protocol" "200 OK" port:32400
12
Tautulli/PlexPy主面板
"CherryPy/5.1.0" "/home"
12
网络摄像头
Yawcams
"Server: yawcam" "Mime-Type: text/html"
12
webcamXP/webcam7
("webcam 7" OR "webcamXP") http.component:"mootools" -401
12
Android网络摄像头服务器
"Server: IP Webcam Server" "200 OK"
12
安全硬盘录像机
html:"DVR_H264 ActiveX"
12
打印机和复印机
HP打印机
"Serial Number:" "Built:" "Server: HP HTTP"
12
Xerox打/复印机
ssl:"Xerox Generic Root"
12
Epson打印机
"SERVER: EPSON_Linux UPnP" "200 OK"
"Server: EPSON-HTTP" "200 OK"
123
佳能打印机
"Server: KS_HTTP" "200 OK"
"Server: CANON HTTP Server"
123
家庭智能设备
雅马哈音响
"Server: AV_Receiver" "HTTP/1.1 406"
12
苹果AirPlay接受器(Apple TVs, HomePods等)
"\x08_airplay" port:5353
12
Chromecasts/Smart TV
"Chromecast:" port:8008
12
Crestron智能家居控制器
"Model: PYNG-HUB"
12
其他
OctoPrint的3D打印机
title:"OctoPrint" -title:"Login" http.favicon.hash:1307375944
12
挖矿软件
"ETH - Total speed"
12
Apache目录遍历(以pem文件为目标)
http.title:"Index of /" http.html:".pem"
12
Minecraft服务器
"Minecraft Server" "protocol 340" port:25565
12
朝鲜的一些设备
net:175.45.176.0/22,210.52.109.0/24,77.94.35.0/24
1
TCP的每日Quote
port:17 product:"Windows qotd"