I was given this because I am working on a project to scan a very large subnet for open VNC and automatically screenshot it and the person said this one-liner could be modified to do so.
The |s separate commands, pipes also take the output of the previous command and insert it into the next command.
sort -u just removes duplicates.
nmap -sT -Pn -n -oG - -iL - -p 7001 | grep open accepts the sorted shodan results and checks if the IP exists and is active
awk prints the 2nd column of the nmap results which must be an IP
xargs takes the IP and inserts it into the curl | egrep; echo command which tries to download IP:7001/ws_utc_config.do file and then runs egrep on it for a line of text that contains HTTP
The result from curl | egrep is stored in a variable RESULT