如何在metasploit中使用shodan

简介

shodan是一个搜索引擎，怎么用什么的具体都去百度吧

注册shodan的账号

这个我就不说了

操作

首先打开metasploit
sudo service postgresql start
msfconsole

使用下面这个模块
use auxiliary/gather/shodan_search
查看要配置的参数

msf auxiliary(shodan_search) > show options

Module options (auxiliary/gather/shodan_search):

   Name           Current Setting  Required  Description
   ----           ---------------  --------  -----------
   DATABASE       false            no        Add search results to the database
   MAXPAGE        1                yes       Max amount of pages to collect
   OUTFILE                         no        A filename to store the list of IPs
   Proxies                         no        A proxy chain of format type:host:port[,type:host:port][...]
   QUERY                           yes       Keywords you want to search for
   REGEX          .*               yes       Regex search for a specific IP/City/Country/Hostname
   SHODAN_APIKEY                   yes       The SHODAN API key
   SSL            false            no        Negotiate SSL/TLS for outgoing connections

首先要的是一个APIKEY
这个在你的账号详情里面有
set shodan_apikey +你的apikey
然后设置QUERY，比如webcamxp
set QuERY “webcamxp”
之后run就好了

Having Fun