Busy today so I found an IP camera. This time I got one of my all time favorites, an AXIS camera, this one with a 4K resolution and 700° pan/tilt control. AXIS Q6128-E Network Camera on 107.85.76.185 Shodan couldn’t identify where it was beyond “United States”, and I found that was likely because it was connected to the network via a mobile Sierra AirLink router, the kind we’ve seen several times now.…

I saw a great search on Shodan the other day, one just for Apache Webservers. Apache is a true classic, a webserver now 24 years old that had a big hand in the expansion of the early web. It’s still among the most popular servers today; it’s estimated that 20% of all current websites are running Apache. So I was expecting to see a lot of results, and indeed Shodan could identify at least 320,000 IP addresses running Apache.…

Today I saw a search just for everything that’s a customer of PT Telkom Indonesia, an Indonesian ISP. Tuban Cement Factory on 180.250.182.241 I ended up picking the first result because I saw on Shodan, in the town of Tuban on Java, that it was running this warning on the telnet port, 23. ***************************************************************************** PT Holcim Indonesia Tbk Astinet Router to STO Kerek Tuban Plant WARNING: This is a private system.…

Today I wanted to find any kind of Alexa-compatible device, be it WiFi plug, smart bulb, or whatever, so I searched in Shodan for “alexa”. After looking at the results for awhile I found that there was a particular type of object that showed up that I thought was worth looking into further, what looked like a “smart projector”. Optoma on 54.223.86.54 The actual search I used to narrow down on the projectors was “alxtest/alexa”, which was part of the name in the webserver these projectors were running.…

Today I saw a search for Iomega (now Lenovo EMC) Network Attached Storage, probably because these devices have been show to have huge security flaws (or the novelty of finding devices that still have “Iomega” written into their cookie code even after the brand had been incorporated into Lenovo). But I thought it would be a nice change from all of the Synology NAS we’ve been seeing. Lenovo EMC NAS on 190.…

There’s been a lot of hubbub in the infosec world the past couple of days because the NSA released one of their reverse engineering tools, Ghidra, as an open source toolkit. This is huge news because the closest tool in functionality, IDA Pro, is $1200 a year for a license, but also raised a question: would you trust software from the NSA, even if it’s hosted on Github? I’m starting with this preamble because of a default setting in Ghidra.…

Today I wanted to find a webcam but not because I needed an easy target, but rather so that I could find a webcam that would lead me to its precise location. I mulled about in Shodan’s image viewer until I found an interesting result, and lo and behold, it’s another webcam server made by Steven Wu (see days 38 and 47 if that name doesn’t ring a bell). Thank you, Steven Wu, for your really terribly insecure webcam server.…

Today’s episode is again taken off of the recent searches. I saw someone searching for “octoprint -login -authenticate”, and decided I’d take a look. Turns out OctoPrint is a web interface for 3D printers that let you remotely monitor and control your in progress jobs. So I’d be finding 3D printers, a whole dimension up from the paper printer I found back on day 31. A Wanhao Duplicator i3 3D Printer on 173.…

I saw a search for “prison phones” and gosh if that isn’t a lure I don’t know what is. The search was just for “encartele”, and doing some Googling I found that Encartele is a major player in the United States inmate phone service industry. I think this ad will explain what that means: An Encartele Prison Phone on 66.112.68.130 So Encartele charges inmates and their families artificially high phone rates and give paybacks to the wardens running the prisons.…

A plethora of good shared searches on Shodan today. I decided to go with satellite receiver web interfaces, thinking that after my attempts back on day 13 this would be about as close to a real satellite as I could get. Leica Satellite Receiver on 212.39.114.78 I chose a result in Bosnia and Herzegovina. It was running email ports and a webserver on port 80, so I took a look at the webserver.…