Zoomeye It’s one of the search engines that allows you to search for devices, sites and services. it’s a hacker search engine There was a lot of high-profile news related to Zoomeye on the web. The search engine has convenient functionality, flexible search settings and its own API. In this article we will talk about which keys the search engine supports, what you can find interesting, and also compare the results of Zoomeye and Shodan.
What is Zoomeye?
Zoomeye is a search engine developed by Chinese security company Knownsec Inc. The first release was released in 2013. Version 3 of the project is currently in use. ZoomEye uses Xmap and Wmap at its core to collect data from open devices / web services and for fingerprint analysis.
How do I search with Zoomeye?
On the Zoomeye website, you can enter several requests at once and see the issue, but more detailed information is available after registration. To get an account, you need to specify your mail and phone number After registration, a wider functionality opens and there is no restriction on viewing detailed information on hosts (in the guest mode, only 20 results are displayed). You can also see general statistics .
A very handy feature is the component catalog. The user can select any letter from the alphabet and select the name of the device, and the search engine will display the search results for this device. The Device list contains various models of cameras, printers, and other devices. A separate list for WEB has been implemented, which contains all technologies and CMS.
It is impossible not to tell about the built-in vulnerability database that is displayed during the search. They fit very conveniently into the functionality and you can immediately see the details without going to an additional site. Searching for a specific device displays a potential list of vulnerabilities. It is also worth noting the opportunity to view the issue on the map, as well as generate a report or share the results. Indeed, it is convenient, simple and fast.
The system has its own keys that improve the search. They are quite similar to Shodan and Censys. Let’s take a look at basic examples and then move on to more sophisticated queries. These keys can save you time, especially if you are looking for a specific version or, for example, a phrase in the meta description tag.
zoomeye search keys
Search by app and version
app: application name
ver: version
Example: app:OpenSSH +ver:4.3
Search by geolocation
country: country abbreviation (RU, US, PL, UK, UA, FR, etc.)
city: city
Example: country:Canada +city:Delta
Search by port and operating system
port: number
os: operating system
Example: os:linux +port:22 +country:PL
Search by services and host
service: service name (The list of all available services can be found on the link )
hostname: hostname
Example: service:ftp +hostname:www.microsoft.com
Search by IP
ip: IP address
cidr: network address
Example: cidr:109.71.46.0/24
Keyword search
site: site
keywords: keywords in
desc: information in the description in
headers: the name of the HTTP header
Example: site:google.com +headers:Server
Search by title
title: title of the page
Example: title:hacked
Interesting finds
Request: “ClearSCADA”
Systems that are designed for real-time management and development. Systems without authorization are available upon request, databases are open, a list of events, etc.
Example:"ClearSCADA"
Request: “beescms”
This is a CMS for online stores. Previously, a vulnerability was published that allows you to get a shell.
"beescms"
How to search for webcams on zoomeye
Request: speaker + app: “Mobotix Camera http config”
Mobotix webcams are available without authorization. Sometimes you come across door control systems from garages, light switches / switches, etc.
speaker +app: "Mobotix Camera http config"
Request:” mongodb”
Open databases mongodb. On the banner you can see what bases are and what size.
"mongodb"
Request: NessusWWW +”HTTP / 1.1 200 OK”
Nessus Vulnerability Scanner Authorization Forms
NessusWWW +"HTTP / 1.1 200 OK"
Compare Zoomeye and Shodan
For the experiment, let’s compare the results and which search engine has better results. In the experiment we will use a comparison plate to make it clear and accessible. As a result, 10 searches were made. The table below shows the number of results for each query and the total.
For 10 queries, 890,868,935 results were received from two search engines. Of these, only 13% from Shodan and 87% from Zoomeye . A simple and visual comparison of why it is worth looking towards a Chinese search engine. An overwhelming statistical advantage. In all 10 requests, Zoomeye has a clear advantage.
Conclusion
Zoomeye is a cool search engine for hackers. Convenient functionality, a sufficient number of keys for flexible search, API and an incredible number of search results. For basic use, just register. The system does not cut the number of requests and allows searching for almost any task (the limit is 10,000 requests per month). This means that this is another storehouse of information in the public domain.