1
00:00:00,510 --> 00:00:05,910
Showdown is a search engine for Internet connected devices, showdown gathers information about all

2
00:00:05,910 --> 00:00:08,290
devices directly connected to the Internet.

3
00:00:08,820 --> 00:00:14,520
If a device is directly hooked up to the Internet, then Showdown queries it for various publicly available

4
00:00:14,520 --> 00:00:15,180
information.

5
00:00:15,720 --> 00:00:21,870
The types of devices that are indexed can vary tremendously, ranging from small desktops up to nuclear

6
00:00:21,870 --> 00:00:24,180
power plants and everything in between.

7
00:00:24,870 --> 00:00:26,400
How is it different from Google?

8
00:00:26,790 --> 00:00:32,970
The most fundamental difference is that Shodan crawls the Internet, whereas Google crawls the World

9
00:00:32,970 --> 00:00:33,610
Wide Web.

10
00:00:33,990 --> 00:00:40,350
However, the devices power in the World Wide Web only make up a tiny fraction of what's actually connected

11
00:00:40,350 --> 00:00:41,100
to the Internet.

12
00:00:41,550 --> 00:00:45,320
Showdowns goal is to provide a complete picture of the Internet.

13
00:00:46,050 --> 00:00:52,920
You can use the search parameters displayed in the slide country, use the country code you want to

14
00:00:52,920 --> 00:00:53,460
look for.

15
00:00:53,460 --> 00:00:58,230
For example, use GB for Great Britain, U.S., for United States, etc..

16
00:00:58,980 --> 00:01:01,200
City filters the results.

17
00:01:01,200 --> 00:01:06,450
According to the specified city, geo searches in a given location.

18
00:01:07,080 --> 00:01:14,580
Hostname filters the results according to the hoster domain name, given net searches and given IP or

19
00:01:14,580 --> 00:01:19,830
subnet range OS filters the results according to the operating system.

20
00:01:20,430 --> 00:01:26,460
Port searches for specific ports before after filters the results.

21
00:01:26,460 --> 00:01:33,240
According to the date show the results which are before or after the date given as a plus, you can

22
00:01:33,240 --> 00:01:38,670
see the current Shodan scans on Ixtapa radar showed Engardio.

23
00:01:39,780 --> 00:01:44,070
Let's try to find out the accessible Cisco device interfaces in Great Britain.

24
00:01:48,710 --> 00:01:56,900
In the search box search for Cisco and last modified words, use country, search the parameters with

25
00:01:56,900 --> 00:01:57,780
the GB code.

26
00:01:58,430 --> 00:02:01,070
Now you can use the country code in double quotes.

27
00:02:01,280 --> 00:02:07,940
Otherwise, don't let any space occur between the country colon parameter and zip code.

28
00:02:18,260 --> 00:02:24,200
When you start the search, you'll see the results in a few seconds, sir, from the results, you will

29
00:02:24,200 --> 00:02:28,070
probably face the login pages of Cisco interfaces.

30
00:02:28,520 --> 00:02:33,830
You've already found something you can perform, for example, a brute force attack on the login page.

31
00:02:45,460 --> 00:02:50,730
If you're luckier, you can find a Cisco device manager interface like the one seen on the slide.