Shodan Stories Day 73: Automating Application Testing in Tel-Aviv, Jenkins, and Extremely Secure Devops

Posted on Mar 17, 2019

I recently read about something called Jenkins, “the leading open source automation server”. The name and the logo reminded me of the now long gone Ask Jeeves, a search engine that I used when I was first getting online back in the 90s.

Jenkins Automation Server on

I just searched for “Jenkins” and looked around until I found a result without a login. It was in Ashburn, Virginia, which almost certainly meant it was running on AWS in the giant Amazon server facility there. Checking with host confirms that it’s running on an AWS EC2 instance.

👻🌵🔮 $ host domain name pointer

It was running one thing, a webserver on port 8080. So Jenkins is for… automating… stuff. I didn’t really have the time to understand it fully. But it looks here like they were attempting to test out several different applications for Samsung Galaxy phones. I couldn’t run anything myself but I was able to see a lot of information about these apps. The one named “yuvalisGod” was pretty confusing to me, until I realized that “yuval” was the name of one of the users of this server. Given all of this I was able to figure out pretty definitively that this server belonged to the Tel Aviv office of a company named Perfecto Mobile.

They had various API keys exposed and if I were a black hat I’d probably be able to do a lot of damage. Shows the importance of having infosec as part of your devops. See you tomorrow.
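The finding above (a Jenkins instance reachable without a login, with job details and API keys visible to anyone) is the kind of thing that is usually a configuration problem rather than a bug. Below is an added illustration, not from the original post or from the company mentioned, that assumes the Jenkins Configuration-as-Code plugin (the `jenkins.yaml` format) and shows the weak authorization setting beside a hardened one.

```yaml
# Added example (not from the post). Assumes the Jenkins
# Configuration-as-Code plugin; the "weak" document is what an open,
# login-free Jenkins like the one in the post typically looks like.

# --- Weak: no authorization at all. Every visitor, including an
# --- anonymous internet scanner, can read jobs, build logs and
# --- any secrets printed or stored in job configuration.
jenkins:
  authorizationStrategy:
    unsecured: {}

---
# --- Hardened: require a login for everything, and keep secrets in the
# --- credentials store instead of plain text in job configs.
jenkins:
  securityRealm:
    local:
      allowsSignup: false        # no self-registration
  authorizationStrategy:
    loggedInUsersCanDoAnything:
      allowAnonymousRead: false  # anonymous users see nothing, not even the job list
  # Optional: don't advertise the instance to CLI/remoting scanners.
  remotingSecurity:
    enabled: true

credentials:
  system:
    domainCredentials:
      - credentials:
          # Placeholder: the real value comes from an env var or a secret
          # manager at configuration time, never from this file.
          - string:
              scope: GLOBAL
              id: "mobile-test-api-key"
              secret: "${MOBILE_TEST_API_KEY}"
              description: "API key for the device-testing service"
```

A quick self-check for your own instance is to open `/api/json` in a private browser window: if it returns job data instead of a login page, the anonymous-read setting is still on.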