The personal blog of Alden.
Shodan Stories Day 80: Managing Apartment Security in Bangkok, IoT Defacements, and My Wifi Video Door Lock Makes Me More Safe Because It Lets Anyone Remotely Monitor My Home For Intruders
Today I saw a search for “comelit multi apartment gateway”. Sounded pretty interesting so I jumped in. The query was “input_box==true window.open reboot.html”
Apartment Door Lock Management System on 184.82.206.184 Comelit is a manufacturer of IoT video doorbells and locks. This search seemed to be showing up the configuation pages for apartment owners and supers, who assumedly had either retrofited all of the apartments in their building to have these wifi locks or had built a new building with them.…
Read more ⟶
Shodan Stories Day 79: Controlling the Climate in Constanta, Legacy Browser Extensions, Windows Virtual Machines, Reliable Old Internet Explorer, and Java Applet Deep Hell
Real tough one today. I found a search for Siemen’s Saphir HVAC control systems, and four hours later I was installing a Windows virtual machine.
HVAC SCADA System on 5.2.229.60 The search itself was for “wince Content-Length: 12581”. Many of the results on Shodan were in Romania, and so I picked one in Romania. It was running a webserver on 80. This is a pretty cool design for a SCADA opening page.…
Read more ⟶
Shodan Stories Day 78: The Ol' Unix Nostalgia in the Netherlands, Fortune | Cowsay, and the Mysteries of Tranquility Quidor
Today I’ve been trying to write a paper about the waste industry and garbage, so I decided to search on Shodan just for the word “garbage” and see what I get.
Telnet Service on 62.133.200.27 There were about 100 results, most of them garbage themselves. But I found one in the Netherlands that perplexed me. It showed up in my Shodan search because Shodan had gotten the following response on port 7777:…
Read more ⟶
Shodan Stories Day 77: Compressing Natural Gas in West Virginia
Today I saw a search on Shodan just for “compressor station”. Turns out that compressor stations are facilities for compressing natural gas so that it can be transported through a pipeline, and that a natural gas pipeline will frequently have many compressor stations to help keep things moving.
Natural Gas Compressor Station on 184.13.121.30 There were only 8 results, and I chose one in Fairmont, West Virginia because it was using Red Lion Controls, just like the oil field I found on day 32.…
Read more ⟶
Shodan Stories Day 76: Conference Calls in Noida
Today I read about insecure video conferencing systems made by Polycom, and Googled up a Shodan query to find them. The query was “polycom command shell”.
Polycom Conference Calling System on 14.143.72.118 The results were all video conferencing devices that had open telnet ports, but I ultimately chose one in India that was runnign a webserver as well, so that I could have something more interesting to take pictures of.…
Read more ⟶
Shodan Stories Day 75: Powerful Routing in Karachi
Today’s the kind of day where I just don’t remember how I found the IP I decided to write about. The dangers of looking in the morning and writing at night.
VoIP WiMAX Gateway on 115.167.115.93 Today’s just a router. Well not “just” I router I suppose, it’s a powerful router. The configuration page was running on port 8080, but fortunately for them they had a password and it wasn’t a default.…
Read more ⟶
Shodan Stories Day 74: Charging My Car in Heraklion
Today I saw a search for “charging station” and I thought I would take a look.
Electric Car Charging Station on 62.103.74.118 There seemed to be a variety of brands of devices that showed up, but all of them were charging stations for electric cars. I ended up picking one in Greece with no authentication. It was running a webserver on port 10000. I love this. It’s a dashboard for an electric vehicle charging station made by Etrel, a Slovenian maker of such charging stations (here’s the manual).…
Read more ⟶
Shodan Stories Day 73: Automating Application Testing in Tel-Aviv, Jenkins, and Extremely Secure Devops
I recently read about something called Jenkins, “the leading open source automation server”. The name and the logo reminded me of the now long gone Ask Jeeves, a search engine that I used when I was first getting online back in the 90s.
Jenkins Automation Server on 52.73.234.8 I just searched for “Jenkins” and looked around until I found a result without a login. It was in Ashburn, Virginia which almost certainly meant it was running on AWS in the giant Amazon server facility there.…
Read more ⟶
Shodan Stories Day 71: Transfering Files in Moscow, Macommet, and Open Source Mirrors
Today I just wanted to find a working public FTP server. So I searched “FTP”, and went with the first result I found, this one in Moscow.
FTP Server on 195.128.64.25 FTP seems like an ancient technology but I had a job just a few years ago where we would use it all of the time, and I frequently use it to move files to my servers when I can’t be bothered to remember the correct scp syntax.…
Read more ⟶
Shodan Stories Day 70: Engineering Consulting in Tangier, WampServer, CORS the Silent Killer, and You'll Always Have a Job with PHP
Today I truly cast a stone into the sea blindfolded, and decided to see what typing in just any old random IP address into Shodan would bring up.
WampServer on 197.230.101.90 I’m not sure what force compelled me to type 197.230.101.90, but it was indeed in Shodan and looked like it was running a website (80 and 443 were serving HTTP) and SQL databases (3306, the mySQL database port and 5432, the PostgreSQL port were both running).…
Read more ⟶