Most of these blog posts are about projects from my time at the Interactive Telecommunications Program at NYU, which I attended from 2017-2019. Take a look through and take a step back into time with me, to an earlier era, a simpler time when we all knew the rules.


Shodan Workshop Resource List


Welcome! This is a list of resources to supplement my “Basic Hacking in 2019 with Shodan” workshop. First it’s very important to take care of yourself out there when you start poking around. I recommend a VPN to hide who you are a bit and some kind of browser tools to prevent someone from running malicious code in your browser. My favorite VPN is Nord, and I use the uMatrix browser extension in all my browsers to control what code my browsers are running.…
Read more ⟶

Shodan Stories Day 93: Poking the BusyBox in Camboriu


Today I saw someone’s search for BusyBox’s, the query was “port:9000 ash”. BusyBox is a kind of GNU-lite system for embedded boards, allowing you to telnet into a shell that has most of the usual tools you get in Linux. It seems like it gets used in modems and stuff. A BusyBox on 191.186.195.10 I picked the very first result, in Brazil. So it’s not very interesting in some senses, it’s just running a telnet port on 9000.…
Read more ⟶

Shodan Stories Day 91: Collecting Workforce Biometrics in Mumbai, GPS Tagging My Employee Assets to Ensure Payroll Compliance, and Using Watermarked Stock Footage in Your Deployed Product Means Never Having To Say You're Sorry


Today I just went looking for AWS servers. AWS EC2 Instance on 35.154.190.199 The first one I found, in India, seemed pretty interesting. It had ssh running on port 22 and on 80 a webserver that just hosted a login. But this login page had a 15 second video loop with a giant watermark saying POND 5 on it. Turns out that POND 5 is a stock image/footage company and the fact that this video still has a giant watermark means that it certainly was not paid for.…
Read more ⟶

Shodan Stories Day 88: The Internet Feels Empty in Caoya


I’ve been feeling exhausted the past week, so I decided to take a couple of easy days reaching out to some webcams. I was hoping to see some people, looking at chiller stations all day can make you feel you a little lonely. Internet Camera on 122.117.120.153 I found an IP in Taiwan that had two different cameras, one on 8000 and one on 9000. It seems to be in an internet cafe.…
Read more ⟶

Shodan Stories Day 86: Graphing Databases in Sydney


About a week ago I saw a search for “dgraph” and I thought today I would take a look. Dgraph is a kind of graph database, which is a kind of NoSQL database with a graph-like structure of nodes and edges. The search was for “Dgraph Ratel Dashboard”. Dgraph Server on 13.210.169.101 There were only 5 results, all either in China or Australia, and so I picked one in Australia because Dgraph is based in Sydney.…
Read more ⟶

Shodan Stories Day 85: Hosting on Raspberry Pis in Arnstadt, CNAME Record Trails, and 'Home' Automation


There’s been a flurry of interesting recently shared searches on Shodan recently and I’m just catching up with them. Today I looked into one for Raspberry Pis running SSH that was just “port:22 “raspbian”“. There are almost 100,000 results which I think goes to show just how popular these tiny computers are. A Raspberry Pi on 178.12.106.221 I picked a result in Germany because I saw that in addition to SSH it was also running a webserver on 443.…
Read more ⟶

Shodan Stories Day 83: Logging In In Koshigaya


Today I saw a search for the Microsoft Remote Desktop protocol. The search was for “\x03\x00\x00\x0b\x06\xd0\x00\x00\x124\x00”. ] Microsoft Remote Desktop on 124.146.236.44 There were several hundred thousand results, showing just how popular the remote desktop protocol is. I remember using it quite often in a job I had several years ago. Initially I thought of looking for my old company’s system but that seemed kind of like a weird thing to be doing.…
Read more ⟶

Shodan Stories Day 82: Monitoring Modbus Logic Controllers in Wroclaw


Saw a search today for “Modbus Gateway”. I wasn’t sure what that would be exactly so I thought I’d take a look. Modbus Gateway on 82.143.179.14 Modbus is a protocol for communication over serial developed in 1979, originally meant for logic controllers, but now with wide use across industrial electronic devices. A modbus gateway is a device for connecting modbus devices into IP networks (sometimes the internet), typically so that they can be remotely monitored.…
Read more ⟶

Shodan Stories Day 81: Microwave Access in Ghaziabad


Today a search for “unprotected WiMAX towers”. The word tower was pretty tantalizing. The actual search was for “OX253P”. WiMAX Tower on 117.244.48.33 WiMAX is a communication standard meant to give last mile wireless access to the internet to homes and businesses using microwaves. This would be a wireless alternative to DSL and cable internet, not requiring any cabling to the home endpoint, only a receiver antenna, much like LTE.…
Read more ⟶

Shodan Stories Day 80: Managing Apartment Security in Bangkok, IoT Defacements, and My Wifi Video Door Lock Makes Me More Safe Because It Lets Anyone Remotely Monitor My Home For Intruders


Today I saw a search for “comelit multi apartment gateway”. Sounded pretty interesting so I jumped in. The query was “input_box==true window.open reboot.html” Apartment Door Lock Management System on 184.82.206.184 Comelit is a manufacturer of IoT video doorbells and locks. This search seemed to be showing up the configuation pages for apartment owners and supers, who assumedly had either retrofited all of the apartments in their building to have these wifi locks or had built a new building with them.…
Read more ⟶