SHODAN is a search engine that allows you to find servers/routers/etc. It scans the Internet and indexes the headers that come back. What this means is that instead of finding an exploit that works on a target system, you can grab any exploit then find a system vulnerable to it
To demonstrate, let us find an FTP server in China with anonymous access. To do that, I typed FTP port:21 country:CN. In response, SHODAN gives a list of systems matching the criteria:
Running an FTP command with a IP address from the list confirms that the server exists:
Please remember that it is illegal (in most countries) to scan and/or fingerprint a system without proper authorisation from the owner. Considering SHODAN capabilities, one should consider a question of ethical aspects of the "cloud hacking".