The personal blog of Alden.
Shodan Stories Day 10: Reading License Plates in Louisiana, the Bygone Days of Java Webapps, and Spying on Cops
I was feeling listless today and a bit grumpy, so I decided to look for something that I could be motivationally upset about: automatic license plate readers (ALPRs). These are a kind of surveillance camera frequently used by police forces or parking facility managers to track cars and car movement. You might have seen one kind attached to traffic signal beams to catch red light runners, but they are used far more widely than just that.…
Read more ⟶
Shodan Stories Day 9: I Got Rickrolled by an Irrigation System in Las Vegas
This is another one I found from looking at recent searches on Shodan. Someone searched for “BlueSpray irrigation” and I decided to follow their lead.
BlueSpray Wifi-Enabled Irrigation Controller (or maybe somebody’s pentesting playground) on 71.52.48.61
BlueSpray is a startup that makes an internet of things irrigation system for the consumer level (so for suburban lawns, not farms). If “internet of things lawn sprinkler” makes your eyes roll all the way back into your head well then this blog is for you.…
Read more ⟶
Shodan Stories Day 8: Mining Ethereum in Caracas, AMD GPUs, and Taking a Dip in the Nanopool
A couple of days ago I noticed some people searching on Shodan for “ETH: total speed”. That didn’t mean anything to me so I took note of it and today decided to dig in.
An Ethereum Miner on 186.90.40.229
Almost all the results I found for this search in Shodan were running off of port 3001 (the ones that weren’t were on 9001), and tended to be in Russia, South Korea, or Ukraine.…
Read more ⟶
Shodan Stories Day 7: Scammers in the Czech Republic, Cyrillic TLDs, and Hacking the Hackers
Someone tried to phish me yesterday via text from a Las Vegas phone number. Fortunately I was able to figure out their IP address and, yes, their IP is on Shodan.
Someone Trying to Phish Me on 146.120.89.201
I started out checking both номе.рф and xn--e1ance.xn--p1ai, which is the address the text message actually links to. In case you are wondering, and don’t want to read further, номе.рф is safe to go to in a browser but xn--e1ance.…
Read more ⟶
Shodan Stories Day 6: Air Conditioning and Air Traffic Control in Yokohama
Today I decided to look for more industrial control systems, specifically Mitsubishi Q-Series logic controllers.
Yokohama Air Traffic Control Tower on 133.34.157.13
Reading about them on Shodan, it looks like the Q-Series logic controllers tend to run off ports 5006 or 5007, so I did a search for those open ports. Judging from the results, it looks like the majority of these Mitsubishi controllers are in Japan, which is not surprising I suppose, since Mitsubishi is a Japanese company.…
Read more ⟶
Shodan Stories Day 5: Organic Chemistry in Poland, Ecotoxicology, and the Dangers of Static Electricity
Today I decided to go looking for MySQL databases. I’ve always loved SQL; it was one of the first “programming languages” I learned and was a big part of one of my first jobs.
Institute of Industrial Organic Chemistry on 79.96.39.102
Checking the MySQL documentation, I found that MySQL databases typically run off of port 3306. So I went on Shodan to look for things with port 3306. One of the first results I saw was from Poland, and being Polish I couldn’t resist poking around a bit in the homeland.…
Read more ⟶
Shodan Stories Day 4: Television in Spain, Firmware Hacking in Palestine, Linux Kernels, Clone Bombs, and 14 Years of Passion
Today I saw that the fifth most searched-for term on Shodan today was “dreambox”. What a name! I couldn’t resist! After a little digging I found that dreambox probably referred to a kind of Linux-based television receiver, made by a German company with a truly fantastic logo.
Cloned Dreambox Television Receiver on 84.39.177.219
I started out just searching on Shodan for “dreambox”, like so many others were doing today.…
Read more ⟶
Shodan Stories Day 3: Playing Minecraft in Minnesota, Wasting Time with Catholic Teens
Since I didn’t do Minecraft servers yesterday I decided to do them today. First I read a little guide on how to set up a Minecraft server to get a sense of what they looked like.
Les Chevaliers Royale Minecraft Server on 97.94.56.211
I actually don’t know much about Minecraft; I’ve never played it. I know it’s popular with a wide range of people, and that really dedicated players like to set up servers for group play, so I thought it might be interesting to look around for a server and figure out if I could find the people who were using it.…
Read more ⟶
Shodan Stories Day 2: Joann Fabric's Sinister Plot
Today I had two quick ideas for what to look for: either industrial control systems or Minecraft servers. I flipped a coin and ICS won out. Reading a quick Shodan guide on them, I decided to look for Siemens control systems, for no reason other than I’d heard of them before.
Joann Fabric’s Industrial Control System on 208.83.32.213
Siemens has a proprietary network protocol called S7 Communications that they use for their Programmable Logic Controllers (PLC), which they also provide a nice sales brochure for.…
Read more ⟶
Shodan Stories Day 1
A note up front:
Generally I’ve been struggling with an ethical question about this project: should I be publishing the IP addresses and personal identification of individual people I find? I can’t imagine that anyone reading this would take that info and do anything untoward with it, but it’s an odd stance on surveillance culture to dox strangers meaninglessly, even if the ability to reach out and randomly touch a stranger is the reality of networked existence.…
Read more ⟶