The personal blog of Alden.


Shodan Stories Day 39: More TV Torrenting in Toronto, Reckless API Key Exposure, Sonarr, Radarr, Jackett, Ombi, and Deluge


Saw a search just for “gmail.com”, I assume to look for anyone who put their email address into their service. I decided to take a look. A Torrenting Operation on 162.157.129.215 I like this search because it’s device and service agnostic. I ended up just picking the first result and running with it, this one in Toronto. It turned out that the email address that brought me there belonged to the developer of a bittorent client named Deluge.…
Read more ⟶

Shodan Stories Day 38: A Clothing Store in Moscow


A quick cam day today because I’m a busy bee. I found a search awhile back for “Auther: Steven Wu”. Yes with the typo. It seems that Steven Wu wrote some server software for networked cameras back in maybe 2009 that is now used in a few different camera brands, all of which allow for snapshots to be taken without a password even if the video feed itself requires a password.…
Read more ⟶

Shodan Stories Day 37: Minitel


Oh Minitel. I never expected to find you, here on the very World Wide Web that killed you. 3614 TEASER emulator on 62.210.93.204 I saw a recent search on Shodan for “ttyd terminal shell”. ttyd is a service for sharing your Terminal over the web, meaning that an insecure ttyd server would mean total access over someone’s computer (assuming they were porting root). I decided to take a look. Of the 12 results most were just named ‘ttyd - terminal’ and most of those were inactive, but one stood out.…
Read more ⟶

Shodan Stories Day 36: A Sick Beard in Hilversum, Usenet Is Still Around, Torrenting SuperUsers, and How Much of the Internet Is Just People Trying to Watch TV?


The Shodan recent searches is a well that never runs dry. Today I saw someone searching for “Sickbeard”. What could that possibly be?? Sickbeard TV on 85.145.200.210 The search was named Sickbeard but the actual search was for “CherryPy/3.2.0rc1 This resource can be found at”. Looking into it, CherryPy is a python based framework for running webapps. It looks useful and I think I’ll log it into my toolkit for a later project.…
Read more ⟶

Shodan Stories Day 35: Library Kiosks in Duchesne, Session Management Solutions, and True Friendship


Saw an amazing search on Shodan today: someone searched for “kiosk” with the comment “lotta cool stuff”. Lotta cool stuff! How could I resist. A Library Kiosk Management System on 104.239.140.99 Most of the kiosks seemed to be library kiosks, I even found one from my alma mater’s library! I ended up going with the first one that I couldn’t immediately figure out the purpose of. It was running some kind of web server on port 3000.…
Read more ⟶

Shodan Stories Day 34: Listening to La Merde in Bonneuil-sur-marne, Logitech Servers, the Squeezebox, and Becoming the Ghost in the Wifi Connected Radio


As many of my days now start, I began my morning by looking through the recent searches on Shodan. I found one for Logitech devices that looked kind of interesting and dove in. Logitech Media Server on 82.64.23.201 I no longer remember why I picked this particular device since I did my searching in the morning and am writing at night. I think I was impressed by the number of ports it had open.…
Read more ⟶

Shodan Stories Day 33: Propaganda in Pyongyang


Today I saw someone had compiled a list of every Shodan-discovered server running in North Korea. To be honest I was a little surprised that there would be much outward-facing internet in North Korea, so I decided to take a look. Media Ryugyong on 175.45.176.80 Most of the servers seemed to be mail servers, but some of them were running webpages. I picked the first one I found that was running a web page.…
Read more ⟶

Shodan Stories Day 32: Red Lion Industrial Controls in a Remote US Location, Riding the XetaWave, the AirLink ACEmanager, Tank Batteries, and the Stack Overflow Answer that Launched 6000 Redirects


Today I decided to go looking for for industrial control systems made by a company called Red Lion Controls. Red Lion makes controllers, touch screen operation panels, and a few other things besides. Reading Shodan I found that I could find them by searching for devices using port 789, which is the default port that Red Lion’s software uses to communicate. A Red Lion Controller on 166.167.27.6 I just went with the first result, this one somewhere in the US on a Verizon wireless mobile network, and immediately got sucked into figuring out whatever was going on with it.…
Read more ⟶

Shodan Stories Day 31: Youth Volunteering in Guri, ePrinting, Jetdirect, Requiem for a Hewlett Packard, the State of Civil Society, and Hand Massages for the Elderly


I saw a search on Shodan for “Jetdirect” with the tagline “unsecured printers”. I’d recently heard a story about fans of the Youtuber PewDiePie using Shodan to hack into 50,000 printers to print messages about him so I thought maybe I could take a look and see maybe how they had done it. HP Officejet Pro 8100 N811a on 121.161.211.66 Shodan showed 18,000 results for Jetdirect, with a plurality of them being in Korea.…
Read more ⟶

Shodan Stories Day 30: Automating Buildings in Copenhagen, the BAS SCADA Industry, Expandable Controllers, Cloriūs, KeRo, and O&J CTS A/S


Today I decided to go looking for SCADA systems. SCADA stands for supervisory control and data acquisition and is a type of widely used industry management software, typically made bespoke for a particular factory or building. For a little more information I’ll let the man himself, Carl Gould, take it away. SCADA Building Automation System on 80.71.129.61 Not really sure how to find one, I just searched on Shodan for “SCADA” hoping to reap rewards with little research.…
Read more ⟶