Shodan.io is a search engine for the internet of things. There is a room about Shodan in Tryhackme and this walk-through is about that.
Due to the nature of Shodan and its scanning services, the answer is changing all the time. So keep trying.
Task 01
An autonomous system number (ASN) is a global identifier of a range of IP addresses. Basically, large companies like Google, Microsoft have their own ASN for all of the IP addresses they own.
To find out ASN, first, we can search their IP address: ping google.com
We can put the IP address into an ASN lookup tool such as ultralools/asninfo
[It is mentioned by David Paine (see on the comment) that the above link isn't working. You should check another which he suggested: DNSchecker]
Though, we can put the company name here to find the ASN, using the IP address seems the easiest one to me.
On shodan, we can search using the ASN filter. The filter is: ASN:[number]
here, the number is marked on the picture.
Task 02
- What is Google's ASN number?
Ans: You know it now. ;)
- When it was allocated?
Ans: Again, look at the details.
- Where are most of the machines on this ASN number, physically in the world?
Ans: United States.
- What is Google's top service across all their devices on this ASN?
Ans: SSH.
- What SSH product does Google use?
Ans: OpenSSH.
- What is Google's most used Google product, according to this search? Ignore the word "Google".
Ans: Cloud.
Task 03
Here is a list of filters for shodan:
- product: product Name (ex: MySQL)
- city
- country
- Geo (co-ordinates)
- Hostname
- net (based on IP/CIDR)
- os (find operating systems)
- port
- before/after (time-frames)
Task 04
- What is the top operating system for MYSQL servers in Google's ASN?
Ans: 5.6.40–84.0-log
- What is the 2nd most popular country for MYSQL servers in Google's ASN?
Ans: Netherlands.
- Under Google's ASN, which is more popular for Nginx, Hypertext Transfer Protocol, or Hypertext Transfer Protocol(s)?
Ans: HyperText Transfer Protocol.
Port 80 stands for HTTP; port 443 stands for HTTPs.
- Under Google's ASN, what is the most popular city?
Ans: Mountain View. (Answer changes tiem to time)
- Under Google's ASN in Los Angeles, what is the top operating system according to Shodan?
Ans: PAN-OS.
- Using the top Webcam search from the explore page, does Google's ASN have any webcams? Yay / nay.
Ans: Nay.
Task 05
Shodan has a limit on the free user account. It has an API, use it for more searches.
Top comments (2)
Your post is amazing. But one of your mentioned links for the ANS Lookup is not functional anymore (ultratools link). Their website is not responding. Here is another link that I should suggest from an authoritative website. You must check it out
Here is the link to that ANS Lookup tool
dnschecker.org/asn-whois-lookup.php
That would be pretty helpful for your reader
Thanks! I updated the post with your suggestion!
And, also sorry for the late response!