Table: shodan_exploit - Query Shodan Exploits using SQL
Shodan Exploits is a feature within Shodan that allows users to search for known vulnerabilities and exploits in software or hardware. It provides a comprehensive database of exploits from various sources including CVE, Metasploit, Exploit DB, and Packet Storm. Shodan Exploits helps users stay informed about potential vulnerabilities and take appropriate actions when identified.
Table Usage Guide
The shodan_exploit table provides insights into known exploits within the Shodan service. As a security analyst, explore exploit-specific details through this table, including descriptions, sources, and associated metadata. Use it to uncover information about potential vulnerabilities, such as those related to specific software or hardware, and the details of the exploits available.
Important Notes
- You must specify the query in the where clause to query this table.
Examples
Find vulnerabilities related to lodash
Uncover the details of potential vulnerabilities linked to the lodash library. This query is particularly useful for identifying potential security risks associated with the use of lodash in your applications.
select * from shodan_exploit where query = 'lodash';
Find exploits with Bugtraq ID
Look up exploits by Bugtraq ID to see which known exploits are recorded for that identifier. This can help improve your systems' security by pinpointing potential weaknesses.
select * from shodan_exploit where query = 'bid:91451';
Find exploits for a given port
Discover the vulnerabilities associated with a specific network port to enhance your cybersecurity measures and protect against potential threats.
select * from shodan_exploit where query = 'port:5432';
Schema for shodan_exploit
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | | Steampipe context in JSON form, e.g. connection_name. |
alias | jsonb | | Alias for the exploit. |
arch | jsonb | | Architecture for the exploit. |
author | text | | The author of the exploit/vulnerability. |
bid | jsonb | | The Bugtraq ID for the exploit. |
code | text | | The actual code of the exploit. |
cve | jsonb | | The Common Vulnerability and Exposures ID for the exploit. |
date | text | | Date when the exploit was released. |
description | text | | The description of the exploit, how it works and where it applies. |
id | text | | Unique ID for the exploit/vulnerability. |
msb | jsonb | | The Microsoft Security Bulletin ID for the exploit. |
osvdb | jsonb | | The Open Source Vulnerability Database ID for the exploit. |
platform | jsonb | | The operating system that the exploit targets. |
port | bigint | | The port number for the affected service if the exploit is remote. |
privileged | boolean | | True if the exploit is privileged. |
query | text | = | Query string for the exploit search. |
rank | text | | Rank for the exploit. |
source | text | | The name of the data source. Possible values are: CVE, ExploitDB, Metasploit. |
title | text | | The title or short description for the exploit if available. |
type | text | | The type of exploit. |
version | text | | Version of the exploit. |
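The following triage query is an added example, not part of the plugin's documentation. It uses only columns from the schema above, leaves out the code column, and returns one row per CVE ID for a dependency search. It assumes cve holds a JSON array of ID strings and that date sorts usefully as text.

```sql
-- Added example: list exploit records for one search term with one row per
-- CVE ID, so the result can be matched against a vulnerability tracker.
-- The `code` column is deliberately not selected.
-- Assumption: `cve` is a JSON array of ID strings. Rows where it is null or
-- not an array are kept, with cve_id returned as null.
with hits as (
  select
    id,
    source,
    title,
    date,
    port,
    privileged,
    case
      when jsonb_typeof(cve) = 'array' then cve
      else '[]'::jsonb
    end as cve_ids
  from
    shodan_exploit
  where
    query = 'lodash'  -- required: the table cannot be queried without it
)
select
  h.source,
  h.id,
  h.title,
  h.date,
  h.port,
  h.privileged,
  c.cve_id
from
  hits as h
  -- left join keeps records that carry no CVE ID at all
  left join lateral jsonb_array_elements_text(h.cve_ids) as c(cve_id) on true
order by
  h.date desc nulls last,  -- `date` is text; assumed to sort chronologically
  h.source,
  h.id;
```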
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- shodan
You can pass the configuration to the command with the --config argument:
steampipe_export_shodan --config '<your_config>' shodan_exploit