This page includes a search of the Internet for key terms with the banner as a result (for the Top 10) [Search IP addresses][Search Top sites]:
IoT Banner Scan |
The services Shodan searches for are:
Port Service --------------------- 9200 ElasticSearch 6666 Voldemort 62078 iPhone 5094 HART-IP 137 NetBIOS 1962 PCWorx 9160 Cassandra 2323 Telnet (2323) 25 SMTP 3128 Squid Proxy 21 FTP 22 SSH 23 Telnet 5986 WinRM 2.0 + SSL 3790 Metasploit 5985 WinRM 2.0 2404 IEC-104 5901 VNC (5901) 2152 GPRS Tunneling Protocol 995 POP3 + SSL 5060 SIP 993 IMAP + SSL 992 Telnet + SSL 8140 Puppet Master 523 IBM DB2 8333 Bitcoin 123 NTP 129 Password generator protocol 9981 HTS/ tvheadend 1023 Telnet (1023) 53 DNS 4022 Udpxy 2067 DLSW 7657 HTTP (7657) 32764 Router backdoor 9999 Telnet (Lantronix) 88 Kerberos 111 Portmap 8139 Puppet Agent 8443 HTTPS (8443) 3306 MySQL 9151 Tor control port 80 HTTP 81 HTTP (81) 119 NNTP 84 HTTP (84) 3386 GPRS Tunneling Protocol 8888 AndroMouse 5560 Oracle HTTP 3479 2-Wire RPC 3388 RDP (3388) 3389 RDP 18246 General Electric SRTP 7 Echo 18245 General Electric SRTP 50100 Telnet 1234 Udpxy 5001 Synology 5000 Synology 5007 Mitsubishi MELSEC-Q 5006 Mitsubishi MELSEC-Q 443 HTTPS 55553 Metasploit (55553) 5008 NetMobility 55554 Metasploit (55554) 445 SMB 11211 MemCache 8129 Snapstream 9000 NAS Web Interfaces 102 Siemens S7 389 LDAP 1434 MS-SQL Monitor 6000 X Windows 27017 MongoDB 8090 Insteon Hub 37 rdate 1723 PPTP 16010 Hbase 2375 Docker 2376 Docker + SSL 515 Line Printer Daemon 7547 Modem Web Interface 623 IPMI 626 serialnumbered 2455 Codesys 47808 BACnet 3000 ntop 67 DHCP 8098 Riak Web Interface 1900 UPnP 5432 PostgreSQL 4949 Munin 5900 VNC 28017 MongoDB Web Interface 789 Red Lion 502 Modbus 500 IKE 631 CUPS 8069 OpenERP 465 SMTP + SSL 2628 Dictionary 3780 Nexpose 4443 Symantec Data Center Securi 20000 DNP3 1911 Tridium Fox 10243 Microsoft-HTTPAPI/2.0 161 SNMP 11 Systat 13 Daytime 15 Netstat 17 Quote of the day 19 Character Generator 5222 XMPP 8181 GlassFish Server 9943 Pipeline Pilot + SSL 9944 Pipeline Pilot 8834 Nessus 110 POP3 2087 WHM + SSL 10000 Webmin 10001 Automated Tank Gauge 4369 Erlang Port Mapper Daemon 1200 Codesys 9100 Printer Job Language 8089 Splunk 20547 ProConOS 25565 Minecraft 83 HTTP (83) 9051 Tor control port 5357 Microsoft-HTTPAPI/2.0 5353 mDNS 6379 Redis 82 HTTP (82) 7071 Zimbra HTTP 44818 EtherNetIP 7777 Oracle 64738 Mumble server 49152 Supermicro Web Interface 9600 OMRON FINS 771 RealPort 143 IMAP 4500 IKE-NAT-T 4040 Chef 8000 Qconn 79 Finger 2123 GPRS Tunneling Protocol 8087 Riak Protobuf 8080 HTTP (8080) 2082 cPanel 2083 cPanel + SSL 2086 WHM 1604 Citrix 5632 PC Anywhere 4911 Tridium Fox + SSL 1471 Hak5 Pineapple
The protocols it scans for are:
ibm-db2-das Grab basic information about the IBM DB2 Database Server. redlion-crimson3 A fingerprint for the Red Lion HMI devices running CrimsonV3 redis Redis banner grabbing module gardasoft-vision Grabs the version for the Gardasoft controller. natpmp Checks whether NAT-PMP is exposed on the device. java-rmi Check whether the device is running Java RMI. hbase Grab the status page for HBase database software. secure-fox Grabs a banner for proprietary FOX protocol by Tridium nuclear-rat Checks whether the device is a C2 for Nuclear RAT. line-printer-daemon Get a list of jobs in the print queue to verify the device is a printer. yahoo-smarttv Checks whether the device is running the Yahoo Smart TV device communication service. plc5 Checks whether the device is running Poison Ivy. printer-job-language Get the current output from the status display on a printer mqtt Grab a list of recent messages from an MQTT broker. http-supermicro HTTP banner grabbing module for Supermicro servers xmpp Sends a hello request to the XMPP daemon bittorrent-tracker Check whether there is a BitTorrent tracker running. automated-tank-gauge Get the tank inventory for a gasoline station. ike-nat-t Checks wheter a device is running a VPN using IKE and NAT traversal. smarter-coffee Checks the device status of smart coffee machines. telnets Telnet wrapped in SSL banner grabbing module ventrilo Gets the detailed status information from a Ventrilo server. pptp Connect via PPTP ipmi Checks whether a device is running IPMI remote management software. udpxy Udpxy banner grabbing module dns-udp Try to determine the version of a DNS server by grabbing version.bind iec-61850 MMS protocol wemo-http Connect to a Wemo Link and grab the setup.xml file ssh Get the SSH banner, its host key and fingerprint portmap-udp Get a list of processes that are running and their ports. qrat Determine whether a server is running a QRAT C&C citrix-apps This module attempts to query Citrix Metaframe ICA server to obtain a published list of applications. riak Sends a ServerInfo request to Riak ldap-tcp LDAP banner grabbing module general-electric-srtp Check whether the GE SRTP service is active on the device. http-simple Grabs the HTTP banner for a server but doesnt grab robots or anything else. melsec-q-udp Get the CPU information from a Mitsubishi Electric Q Series PLC. statsd-admin Gathers statistics from the StatsD service. x11 Connect to X11 w/ no auth and grab the resulting banner. echo-udp Checks whether the device is running echo. kilerrat Determine whether a server is running a KilerRAT C&C mumble-server Grabs the version information for the Murmur service (Mumble server) mysql Grabs the version of the running MySQL server poison-ivy-rat Checks whether the device is running Poison Ivy. oracle-tns Check whether the Oracle TNS Listener is running. codesys Grab a banner for Codesys daemons portmap-tcp Get a list of processes that are running and their ports. hifly Checks whether the HiFly lighting control is running. ftp Grab the FTP banner rsync Get a list of shares from the rsync daemon. njrat Determine whether a server is running a njRAT C&C melsec-q-tcp Get the CPU information from a Mitsubishi Electric Q Series PLC. fox Grabs a banner for proprietary FOX protocol by Tridium newline-tcp Connect to a server with TCP and send a newline. imap-ssl Get the welcome message of the secure IMAP server opc-ua Grab a list of nodes from an OPC UA service gtp-v1 Checks whether the device is running a GPRS Tunnel. dhcp Send a DHCP INFORM request to learn about the lease information from the DHCP server. nntp Get the welcome message of a Network News server smb Grab a list of shares exposed through the Server Message Block service steam-dedicated-server-rcon Checks whether an IP is running as a Steam dedicated game server with remote authentication enabled. dictionary Connects to a dictionary server using the DICT protocol. ntp Get a list of IPs that NTP server recently saw and try to get version info. tor-versions Checks whether the device is running the Tor OR protocol. clamav Determine whether a server is running ClamAV netmobility Checks whether the device is a NetMobility. frdm-1234 Checks for FRDM. ike Checks wheter a device is running a VPN using IKE. teamviewer Determine whether a server is running TeamViewer hbase-old Grab the status page for old, deprecated HBase database software. netbios Grab NetBIOS information including the MAC address. postgresql Collects system information from the PostgreSQL daemon rdp RDP banner grabbing module omron-tcp Gets information about the Omron PLC. tor-control Checks whether a device is running the Tor control service. smtps Grab a banner and certificate for SMTPS servers bgp Checks whether the device is running BGP. bacnet Gets various information from a BACnet device. rdate Get the time from a remote rdate server serialnumbered Checks for other servers with the same serial number on the local network. AAAAAA is a dummy value. ibm-nje Check whether the z/OS Network Job Entry service is running. minecraft Gets the server status information from a Minecraft server realport Get the banner for the Digi Realport device wdbrpc Checks whehter the WDB agent (used for debugging) is enabled on a VxWorks device. dnp3 A dump of data from a DNP3 outstation blackshades Determine whether a server is running a Blackshades C&C mdns Perform a DNS-based service discovery over multicast DNS git Check whether git is running. ldap-udp CLDAP banner grabbing module dicom Checks whether the DICOM service is running. snmp Gets the sysDescr.0 MIB of the SNMP service. bitcoin Grabs information about a Bitcoin daemon, including any devices connected to it. ldaps LDAPS banner grabbing module toshiba-pos Grabs device information for the IBM/ Toshiba 4690. https HTTPS banner grabbing module dahua-dvr Grab the serial number from a Dahua DVR device. zookeeper Grab statistical information from a Zookeeper node quic Checks whether a service supports the QUIC HTTP protocol kerberos Checks whether a device is running the Kerberos authentication daemon. idevice Connects to an iDevice and grabs the property list. hart-ip-udp Checks whether the IP is a HART-IP gateway. memcache Get general information about the Memcache daemon telnet Telnet banner grabbing module pop3-ssl Grab the secure POP3 welcome message moxa-nport Attempts to grab information from Moxna Nport devices. kamstrup Kamstrup Smart Meters imap Get the welcome message of the IMAP server lifx Check whether there is a BitTorrnt tracker running. proconos Gets information about the PLC via the ProConOs protocol. munin Check whether a Munin node is active and list its plugins tacacs Check whether the device supports TACACS+ AAA. voldemort Pings the Voldemort database. apple-airport-admin Check whether the device is an Apple AirPort administrative interface. pcworx Gets information about the Omron PLC. iec-104 Banner grabber for the IEC-104 protocol. nodata-tcp-ssl Connect to a server using SSL and without sending any data. ms-sql-monitor Pings an MS-SQL Monitor server smtp Get basic SMTP server response flux-led Grab the current state from a Flux LED light bulb. rip Checks whether the device is running the Routing Information Protocol. steam-a2s Get a list of IPs that NTP server recently saw and try to get version info. ethernetip Grab information from a device supporting EtherNet/IP over TCP https-simple-new HTTPS banner grabber only (no robots, sitemap etc.) upnp Collects device information via UPnP. cassandra Get cluster information for the Cassandra database software. lantronix-udp Attempts to grab the setup object from a Lantronix device. sip Gets the options that the SIP device supports. amqp Grab information from an AMQP service newline-udp Connect to a server with UDP and send a newline. iscsi Determine whether a server is an iSCSI target couchdb HTTP banner grabbing module s7 Communicate using the S7 protocol and grab the device identifications. open-tcp Checks whether a port is open and nothing else. epmd Get a list of Erlang services and the ports they are listening on dns-tcp Try to determine the version of a DNS server by grabbing version.bind andromouse Checks whether the device is running the remote mouse AndroMouse service. dht Gets a list of peers from a DHT node. ethernetip-udp Grab information from a device supporting EtherNet/IP over UDP http HTTP banner grabbing module http-simple-new HTTP banner grabber only (no robots, sitemap etc.) mongodb Collects system information from the MongoDB daemon. vertx-edge Checks whether the device is running the VertX/ Edge door controller. pcanywhere-status Asks the PC Anywhere status daemon for basic information. rtsp-tcp Determine which options the RTSP server allows. ikettle Check whether the device is a coffee machine/ kettle. nodata-tcp Connect to a server without sending any data and store whatever it returns. matrikon-opc Checks whether the device is running Matrikon OPC. pop3 Grab the POP3 welcome message http-check HTTP banner grabbing module for Supermicro servers coap Check whether the server supports the CoAP protocol modbus Grab the Modbus device information via functions 17 and 43. frdm-60007 Checks for FRDM. ubiquiti-discover Grabs information about the Ubiquiti-powered device knx Grabs the description from a KNX service.