You can perform a search for servers that have an FTP access with an anonymous user and can be accessed without a username and password.
If we perform the search with the "port: 21 Anonymous user logged in" string, we obtain those vulnerable FTP servers:
This script allows you to obtain a list of IP addresses in servers that allow FTP access anonymously.
You can find the following code in the ShodanSearch_FTP_Vulnerable.py file:
import shodanimport resites =[]shodanKeyString = 'v4YpsPUJ3wjDxEqywwu6aF5OZKWj8kik'shodanApi = shodan.Shodan(shodanKeyString)results = shodanApi.search("port: 21 Anonymous user logged in") ...