如何在metasploit中使用shodan

简介

shodan是一个搜索引擎,怎么用什么的具体都去百度吧

注册shodan的账号

这个我就不说了

操作

首先打开metasploit sudo service postgresql start msfconsole

使用下面这个模块 use auxiliary/gather/shodan_search 查看要配置的参数

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
msf auxiliary(shodan_search) > show options

Module options (auxiliary/gather/shodan_search):

   Name           Current Setting  Required  Description
   ----           ---------------  --------  -----------
   DATABASE       false            no        Add search results to the database
   MAXPAGE        1                yes       Max amount of pages to collect
   OUTFILE                         no        A filename to store the list of IPs
   Proxies                         no        A proxy chain of format type:host:port[,type:host:port][...]
   QUERY                           yes       Keywords you want to search for
   REGEX          .*               yes       Regex search for a specific IP/City/Country/Hostname
   SHODAN_APIKEY                   yes       The SHODAN API key
   SSL            false            no        Negotiate SSL/TLS for outgoing connections

首先要的是一个APIKEY 这个在你的账号详情里面有 set shodan_apikey +你的apikey 然后设置QUERY,比如webcamxp set QuERY “webcamxp” 之后run就好了

Having Fun