1
00:00:00,540 --> 00:00:05,940
‫Showdown is a search engine for Internet connected devices, showdown gathers information about all

2
00:00:05,940 --> 00:00:08,320
‫devices directly connected to the Internet.

3
00:00:08,850 --> 00:00:14,550
‫If a device is directly hooked up to the Internet, then Showdown queries it for various publicly available

4
00:00:14,550 --> 00:00:15,210
‫information.

5
00:00:15,750 --> 00:00:21,870
‫The types of devices that are indexed can vary tremendously, ranging from small desktops up to nuclear

6
00:00:21,870 --> 00:00:24,210
‫power plants and everything in between.

7
00:00:24,870 --> 00:00:26,430
‫How is it different from Google?

8
00:00:26,820 --> 00:00:33,000
‫The most fundamental difference is that Shodan crawls the Internet, whereas Google crawls the World

9
00:00:33,000 --> 00:00:33,640
‫Wide Web.

10
00:00:34,020 --> 00:00:40,380
‫However, the devices power in the World Wide Web only make up a tiny fraction of what's actually connected

11
00:00:40,380 --> 00:00:41,100
‫to the Internet.

12
00:00:41,580 --> 00:00:45,350
‫Showdowns goal is to provide a complete picture of the Internet.

13
00:00:46,080 --> 00:00:52,950
‫You can use the search parameters displayed in the slide country, use the country code you want to

14
00:00:52,950 --> 00:00:53,490
‫look for.

15
00:00:53,490 --> 00:00:58,260
‫For example, use GB for Great Britain, U.S., for United States, etc..

16
00:00:59,010 --> 00:01:01,230
‫City filters the results.

17
00:01:01,230 --> 00:01:06,480
‫According to the specified city, geo searches in a given location.

18
00:01:07,140 --> 00:01:14,610
‫Hostname filters the results according to the hoster domain name, given net searches and given IP or

19
00:01:14,610 --> 00:01:19,860
‫subnet range OS filters the results according to the operating system.

20
00:01:20,460 --> 00:01:26,490
‫Port searches for specific ports before after filters the results.

21
00:01:26,490 --> 00:01:33,270
‫According to the date show the results which are before or after the date given as a plus, you can

22
00:01:33,270 --> 00:01:38,670
‫see the current Shodan scans on Ixtapa radar showed Engardio.

23
00:01:39,810 --> 00:01:44,100
‫Let's try to find out the accessible Cisco device interfaces in Great Britain.

24
00:01:47,650 --> 00:01:55,870
‫In the search box search for Cisco and last modified words, use country, search the parameters with

25
00:01:55,870 --> 00:01:56,750
‫the GB code.

26
00:01:57,400 --> 00:02:00,030
‫Now you can use the country code in double quotes.

27
00:02:00,220 --> 00:02:06,880
‫Otherwise, don't let any space occur between the country colon parameter and zip code.

28
00:02:17,250 --> 00:02:23,160
‫When you start the search, you'll see the results in a few seconds, so from the results, you will

29
00:02:23,160 --> 00:02:27,030
‫probably face the login pages of Cisco interfaces.

30
00:02:27,480 --> 00:02:32,790
‫You've already found something you can perform, for example, a brute force attack on the login page.

31
00:02:44,390 --> 00:02:49,700
‫If you're luckier, you can find a Cisco device manager interface like the one seen on the slide.