Extract All IPs from Shodan Without Any Premium Account

By /

Listen to this Post

Shodan is a powerful search engine for discovering devices connected to the internet. While some features require a premium account, you can still extract IP addresses using Shodan’s free-tier API or CLI tools. Below are verified methods to achieve this.

You Should Know:

1. Using Shodan CLI (Official Tool)

First, install the Shodan CLI tool:

pip install shodan

Initialize your API key (get it from Shodan): 

shodan init YOUR_API_KEY

Search for devices (e.g., Apache servers):

shodan search 'apache' --fields ip_str,port --limit 100

Save results to a file:

shodan search 'apache' --fields ip_str,port --limit 100 > ips.txt

2. Using Shodan API with Python

Here’s a Python script to fetch IPs:

import shodan

API_KEY = 'YOUR_API_KEY' 
api = shodan.Shodan(API_KEY)

try: 
results = api.search('nginx') 
for result in results['matches']: 
print(result['ip_str']) 
except shodan.APIError as e: 
print(f"Error: {e}")

3. Using Shodan Dorks for Filtering

Use these search queries to refine results:

– `port:22` (SSH servers)
– `product:mysql` (MySQL databases)
– `os:windows` (Windows machines)
– `country:US` (US-based servers)

  1. Extracting IPs from Shodan without API (Web Scraping)
    If you prefer scraping (not recommended due to TOS), use `curl` and grep: 

    curl -s "https://www.shodan.io/search?query=apache" | grep -oE '([0-9]{1,3}.){3}[0-9]{1,3}' | sort -u

5. Automating with Shodan + Metasploit

For penetration testers:

msfconsole 
use auxiliary/gather/shodan_search 
set SHODAN_APIKEY YOUR_API_KEY 
set QUERY 'port:3389' 
run

What Undercode Say:

Shodan is a goldmine for cybersecurity professionals, but always use it ethically. Unauthorized scanning can be illegal. The methods above help extract IPs for research, bug bounties, or defensive security hardening.

For further learning, check these courses:

  1. Advanced Shodan Techniques
  2. Ethical Hacking with Shodan
  3. Network Security & Pentesting

Expected Output:

A structured list of IP addresses and ports based on your Shodan query, stored in `ips.txt` or displayed in the terminal.

123.45.67.89 80 
234.56.78.90 443 
...

Always verify permissions before scanning any network. Happy (ethical) hacking!

References:

Reported By: Zlatanh Extract – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅

Join Our Cyber World:

💬 Whatsapp | 💬 TelegramFeatured Image

Related Posts: