Camera Hacking with Shodan
- Kourosh Sanaei
- 3 Ordibehesht 1404

If you are familiar with hacking CCTV cameras, you know that one of the ways to find vulnerable cameras is to use the Shodan search engine. In this CCTV camera hacking tutorial we teach you how to gain access to vulnerable cameras exposed on the internet quickly and simply.
Camera Hacking with Shodan: The Best Dorks for Searching for Security Cameras on the Internet
To use this tutorial it is best to have some background in Shodan. We have a free course on working with Shodan; you can watch that first and then come back to these dorks and use them. The steps are very simple: copy any of the dorks below, log in to the Shodan website, type or paste the dork into the Search box, and view the results.
Popular dorks for finding cameras in Shodan
"IP Camera" "HTTP/1.1 200 OK"
Basic realm="IP Camera"
admin/admin web camera
Cameras
General camera search
camera - 3,384,969 results
Hikvision IP Cameras
product:"Hikvision IP Camera" - 2,447,005 results
Backdoor exploit at https://ipvm.com/reports/hik-exploit
Webcams running on IPCam Client
title:"IPCam Client" - 53,753 results
Older webcams running on GeoVision
server: GeoHttpServer - 34,111 results
Vivotek IP cameras
server: VVTK-HTTP-Server - 19,984 results
Avigilon-brand camera/monitoring devices
title:"Avigilon" - 17,181 results
DVR CCTV cameras accessible via HTTP
200 ok dvr port:"81" - 6,287 results
Netwave-make IP cameras
Netwave IP Camera Content-Length: 2574 - 2,508 results
A UK-based IP camera provider
WWW-Authenticate: "Merit LILIN Ent. Co., Ltd" - 1,398 results
Various IP camera/video management system products
ACTi - 1,364 results
UI3 - the HTML5 web interface for Blue Iris
title:"ui3 -" - 875 results
Yet another WebCAM software
product:"Yawcam webcam viewer httpd" - 406 results
Unsecured Linksys webcams
title:"+tm01+" - 293 results
ContaCam Cameras
title:"ContaCam" - 180 results
Webcams running on webcamXP
server: webcamxp - 141 results
Webcams with screenshots
webcam has_screenshot:true - 109 results
Webcams running on webcam 7
server: "webcam 7" - 85 results
IP Webcams with screenshots
has_screenshot:true IP Webcam - 43 results
Canon-manufactured megapixel security cameras
title:"Network Camera VB-M600" - 39 results
i-Catcher IP-based CCTV systems
server: "i-Catcher Console" - 27 results
Linksys WVC80N cameras
WVC80N - 19 results
Webcams running on Blue Iris
title:"blue iris remote view" - 16 results
Industrial Control Systems
EtherNet/IP
port:44818 - 871,702 results
S7
port:102 - 852,119 results
BACnet
port:47808 - 830,900 results
Modbus
port:502 - 791,691 results
Niagara Fox
port:1911,4911 product:Niagara - 7,943 results
VNC Servers
"authentication disabled" "RFB 003.008" - 5,607 results
While not always 100% guaranteed to be a system, lots of embedded systems can show up here, along with personal systems.
Gas Station Pump Controllers
"in-tank inventory" port:10001 - 5,025 results
Find gas station pump controllers with accessible inventory data.
Siemens Industrial Automation
"Siemens, SIMATIC" port:161 - 2,760 results
IEC 60870-5-104
port:2404 asdu address - 2,627 results
DICOM Medical X-Ray Machines
"DICOM Server Response" port:104 - 2,193 results
More VNC Servers
"authentication disabled" port:5900,5901 - 2,159 results
Another search term for VNC servers - most are on port 5900 or 5901 as these are VNC display ports.
Omron FINS
port:9600 response code - 1,607 results
DNP3
port:20000 source address - 1,364 results
ProConOS
port:20547 PLC - 706 results
PCWorx
port:1962 PLC - 703 results
XZERES Wind Turbine
title:"xzeres wind" - 263 results
MELSEC-Q
port:5006,5007 product:mitsubishi - 201 results
Door / Lock Access Controllers
"HID VertX" port:4070 - 139 results
C4 Max Commercial Vehicle GPS Trackers
[1m[35mWelcome on console - 32 results
GaugeTech Electricity Meters
"Server: EIG Embedded Web Server" "200 Document follows" - 29 results
Open ATM
NCR Port:"161" - 22 results
Nordex Wind Turbine Farms
http.title:"Nordex Control" "Windows 2000 5.0 x86" "Jetty/3.1 (JSP 1.1; Servlet 2.2; java 1.6.0_14)" - 19 results
Voting Machines in the United States
"voter system serial" country:US - 17 results
Electric Vehicle Chargers
"Server: gSOAP/2.8" "Content-Length: 583" - 16 results
Traffic Light Controllers / Red Light Cameras
mikrotik streetlight - 15 results
Siemens HVAC Controllers
"Server: Microsoft-WinCE" "Content-Length: 12581" - 6 results
HART-IP
port:5094 hart-ip - 6 results
Fuel Pumps connected to internet
"privileged command" GET - 5 results
CAREL PlantVisor Refrigeration Units
"Server: CarelDataServer" "200 Document follows" - 5 results
Samsung Electronic Billboards
Server: Prismview Player - 3 results
Search for electronic billboards managed by Prismview servers.
Railroad Management
"log off" "select the appropriate" - 2 results
Automatic License Plate Readers
P372 "ANPR enabled" - 1 result
Submarine Mission Control Dashboards
title:"Slocum Fleet Mission Control" - 1 result
Network Infrastructure
General MySQL Database Search
product:MySQL - 2,903,663 results
Remote PostgreSQL Connections
port:5432 PostgreSQL - 600,520 results
Default MongoDB Instances
mongodb port:27017 - 68,492 results
MongoDB Server Information on Default Port
"MongoDB Server Information" port:27017 - 64,947 results
Open Elasticsearch Databases
port:"9200" all:elastic - 20,913 results
Cisco Smart Install
smart install client active - 6,294 results
Listed Apache CouchDB
product:"CouchDB" - 4,651 results
Pi-hole Open DNS Servers
"dnsmasq-pi-hole" "Recursion: enabled" - 2,854 results
Android Root Bridges
"Android Debug Bridge" "Device" port:5555 - 2,434 results
Polycom Video Conferencing
http.title:"- Polycom" "Server: lighttpd" - 2,174 results
Jenkins CI
"X-Jenkins" "Set-Cookie: JSESSIONID" http.title:"Dashboard" - 1,464 results
Lantronix Serial-to-Ethernet Adapter Leaking Telnet Passwords
Lantronix password port:30718 -secured - 494 results
Already Logged-In as root via Telnet
"root@" port:23 -login -password -name -Session - 359 results
Accessible Kibana Dashboards
kibana content-length:217 - 274 results
Exposed MongoDB Express Web Interfaces
"Set-Cookie: mongo-express=" "200 OK" - 261 results
Docker Private Registries
"Docker-Distribution-Api-Version: registry" "200 OK" -gitlab - 215 results
Citrix Virtual Apps
"Citrix Applications:" port:1604 - 152 results
PBX IP Phone Gateways
PBX "gateway console" -password port:23 - 135 results
Telnet Configuration
"Polycom Command Shell" -failed port:23 - 23 results
Weave Scope Dashboards
title:"Weave Scope" http.favicon.hash:567176827 - 10 results
Vulnerable CouchDB Instances
port:"5984"+Server: "CouchDB/2.1.0" - 2 results
Printers
General Printer Search
printer - 92,694 results
HP Printers Remote Restart
port:161 hp - 8,692 results
Canon Printer HTTP Servers
Server: CANON HTTP Server - 6,380 results
HTTP Accessible Epson Printers
http 200 server epson -upnp - 1,301 results
Samsung Printers with SyncThru Web Service
title:"syncthru web service" - 1,112 results
Unsecured Telnet Access to Printers
port:23 "Password is not set" - 319 results
Remote Access to Xerox Printers
ssl:"Xerox Generic Root" - 211 results
Lexmark Printer Control Panels
Printer Type: Lexmark - 141 results
Epson Printers via HTTP Server
"Server: EPSON-HTTP" "200 OK" - 120 results
HP LaserJet Printers via HTTP
"HP-ChaiSOE" port:"80" - 61 results
Brother Printers Admin Interface
"Location: /main/main.html" debut - 49 results
Printers with FTP Access
Laser Printer FTP Server - 20 results
Exposed OctoPrint 3D Printer Controllers
title:"OctoPrint" -title:"Login" http.favicon.hash:1307375944 - 17 results
Files and Directories
Open Lists of Files and Directories
http.title:"Index of /" - 277,886 results
Filezilla FTP
filezilla port:"21" - 168,509 results
Samba Shares with Authentication Disabled
"Authentication: disabled" port:445 product:"Samba" - 113,230 results
Open Lists on Port 80
port:80 title:"Index of /" - 98,587 results
FTP Access Without Credentials
"220" "230 Login successful." port:21 - 40,296 results
Anonymous Access Allowed FTP
"Anonymous access allowed" port:"21" - 21,892 results
NDMP on FTP Port 10000
ftp port:"10000" - 7,503 results
Vulnerable vsftpd Service
vsftpd 2.3.4 - 1,705 results
QuickBooks Files Shared Over Network
"QuickBooks files OverNetwork" -unix port:445 - 23 results
Compromised devices and websites
Compromised Legacy Systems on Port 4444
port:4444 system32 - 1,111 results
General Hacked Label Search
hacked - 1,021 results
Hacked By in HTTP Title
http.title:"Hacked by" - 412 results
Compromised Routers Labeled HACKED-ROUTER
HACKED-ROUTER - 388 results
Compromised Routers
hacked-router-help-sos - 371 results
Variation of Hacked By Label Search
hacked by - 249 results
Ransomware Infected RDP Services
"attention" "encrypted" port:3389 - 47 results
Compromised Hosts Advertising Default Password
HACKED-ROUTER-HELP-SOS-HAD-DEFAULT-PASSWORD - 46 results
Compromised FTP Servers
HACKED FTP server - 23 results
Bitcoin Ransomware with Screenshot
bitcoin has_screenshot:true - 7 results
Owned By Label in HTTP Title
http.title:"0wn3d by" - 6 results
Miscellaneous
General Dashboard Interfaces
http.title:"dashboard" - 354,607 results
Control Panel Access Points
http.title:"control panel" - 64,160 results
Minecraft Servers
"Minecraft Server" "protocol 340" port:25565 - 4,413 results
Bitcoin Antminer Miners
antminer - 1,659 results
These devices are often left with default credentials.
Bomgar Help Desk Portals
"Server: Bomgar" "200 OK" - 354 results
Tesla-related Interfaces
http.title:"Tesla" - 346 results
Everything in North Korea
net:175.45.176.0/22,210.52.109.0/24,77.94.35.0/24 - 48 results
EIG Electricity Meters
"Server: EIG Embedded Web Server" "200 Document follows" - 29 results
Misconfigured WordPress Installations
http.html:"* The wp-config.php creation script uses this file" - 8 results
Ethereum Miners
ETH - Total speed - 2 results