Little shodan app

Discussion in 'other security issues & news' started by Stefan Froberg, Apr 19, 2018.

  1. Stefan Froberg

    Stefan Froberg Registered Member

    Joined:
    Jul 30, 2014
    Posts:
    538
    Was totally bored today....
    So as an exercise made a lil tool that grabs & shows shodan data, list them,
    and also does some primitive default login attempts in case a link that uses http basic authentication is clicked.

    upload_2018-4-20_2-2-59.png


    upload_2018-4-20_2-4-52.png

    Some open webcam in Italy...
    upload_2018-4-20_2-5-58.png


    Wanna play with someones router from Hong Kong?
    upload_2018-4-20_2-6-32.png

    Also shows exploits from shodan database with search term.
    upload_2018-4-20_2-7-1.png


    Only checked the first 100 or so from the listed 230 000 netgear routers and 14 of them had default login/password. So if the rest of the results are also around 14% then there is approximately 32 200 netgear routers listed by shodan that have default logins.
     
  2. Stefan Froberg

    Stefan Froberg Registered Member

    Joined:
    Jul 30, 2014
    Posts:
    538
    Added very old (from 2013) D-Link backdoor exploit. You can now automatically log in to pretty much any router (well almost any, except those with recent enough firmware ofc...)
    that has thttpd-alphanetwork as server tag, without password!

    upload_2018-7-11_23-44-30.png
     
  3. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    4,639
    I clicked on the link, and noticed the misspelling of the word, candidate. ;)

    "Also a running candinate:"
     
  4. Stefan Froberg

    Stefan Froberg Registered Member

    Joined:
    Jul 30, 2014
    Posts:
    538
    Oooops! :oops:
    Good catch, fixed now ;)
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.