Saw a search just for “gmail.com”, I assume to look for anyone who put their email address into their service. I decided to take a look. A Torrenting Operation on 162.157.129.215 I like this search because it’s device and service agnostic. I ended up just picking the first result and running with it, this one in Toronto. It turned out that the email address that brought me there belonged to the developer of a bittorent client named Deluge.…

A quick cam day today because I’m a busy bee. I found a search awhile back for “Auther: Steven Wu”. Yes with the typo. It seems that Steven Wu wrote some server software for networked cameras back in maybe 2009 that is now used in a few different camera brands, all of which allow for snapshots to be taken without a password even if the video feed itself requires a password.…

Oh Minitel. I never expected to find you, here on the very World Wide Web that killed you. 3614 TEASER emulator on 62.210.93.204 I saw a recent search on Shodan for “ttyd terminal shell”. ttyd is a service for sharing your Terminal over the web, meaning that an insecure ttyd server would mean total access over someone’s computer (assuming they were porting root). I decided to take a look. Of the 12 results most were just named ‘ttyd - terminal’ and most of those were inactive, but one stood out.…

The Shodan recent searches is a well that never runs dry. Today I saw someone searching for “Sickbeard”. What could that possibly be?? Sickbeard TV on 85.145.200.210 The search was named Sickbeard but the actual search was for “CherryPy/3.2.0rc1 This resource can be found at”. Looking into it, CherryPy is a python based framework for running webapps. It looks useful and I think I’ll log it into my toolkit for a later project.…

Saw an amazing search on Shodan today: someone searched for “kiosk” with the comment “lotta cool stuff”. Lotta cool stuff! How could I resist. A Library Kiosk Management System on 104.239.140.99 Most of the kiosks seemed to be library kiosks, I even found one from my alma mater’s library! I ended up going with the first one that I couldn’t immediately figure out the purpose of. It was running some kind of web server on port 3000.…

As many of my days now start, I began my morning by looking through the recent searches on Shodan. I found one for Logitech devices that looked kind of interesting and dove in. Logitech Media Server on 82.64.23.201 I no longer remember why I picked this particular device since I did my searching in the morning and am writing at night. I think I was impressed by the number of ports it had open.…

Today I saw someone had compiled a list of every Shodan-discovered server running in North Korea. To be honest I was a little surprised that there would be much outward-facing internet in North Korea, so I decided to take a look. Media Ryugyong on 175.45.176.80 Most of the servers seemed to be mail servers, but some of them were running webpages. I picked the first one I found that was running a web page.…

Today I decided to go looking for for industrial control systems made by a company called Red Lion Controls. Red Lion makes controllers, touch screen operation panels, and a few other things besides. Reading Shodan I found that I could find them by searching for devices using port 789, which is the default port that Red Lion’s software uses to communicate. A Red Lion Controller on 166.167.27.6 I just went with the first result, this one somewhere in the US on a Verizon wireless mobile network, and immediately got sucked into figuring out whatever was going on with it.…

I saw a search on Shodan for “Jetdirect” with the tagline “unsecured printers”. I’d recently heard a story about fans of the Youtuber PewDiePie using Shodan to hack into 50,000 printers to print messages about him so I thought maybe I could take a look and see maybe how they had done it. HP Officejet Pro 8100 N811a on 121.161.211.66 Shodan showed 18,000 results for Jetdirect, with a plurality of them being in Korea.…

Today I decided to go looking for SCADA systems. SCADA stands for supervisory control and data acquisition and is a type of widely used industry management software, typically made bespoke for a particular factory or building. For a little more information I’ll let the man himself, Carl Gould, take it away. SCADA Building Automation System on 80.71.129.61 Not really sure how to find one, I just searched on Shodan for “SCADA” hoping to reap rewards with little research.…