I am trying to do a version range search within Shodan as a one-liner but having trouble doing so. Not eve sure if that is possible, but basically, I am able to get search results if I did it 2 times as follows:
software 1.5.*
software 1.6.*
Is it possible to combine the above two lines into one, so that it will lists me all the 1.5.* and 1.6.* results all at one go?
Adding on, I wasn't able to find much info on the search syntax online..
Tried writing like software 1.[5|6].* but it returns me invalid result.
You would want to use the version filter and provide it with a comma-separated list of values. For example, the following would find Microsoft IIS servers that are either 5.0 OR 6.0:
The basic rules of the Shodan search syntax are outlined in this article:
https://help.shodan.io/the-basics/search-query-fundamentals
Values provided in filters are OR-ed together and everything else is AND-ed together. Shodan search syntax doesn't support wildcards currently. If the property you're searching for is always numeric then you can also search for ranges:
This blog post covers it in further detail:
https://blog.shodan.io/search-engine-improvements/
And the list of available search filters is here:
https://beta.shodan.io/search/filters