marid

  • Nov 17, 2016
  • Joined Jan 18, 2013
  • In Gambling Sites being blocked in Lebanon
    Session hijacking (MITM attack).. At least that's what i know, correct me if i'm wrong please :)
  • In Shodan
    NuclearVision wroteMost of connections are closed, are under on live check/trace?
    Nvm figured it out, might be the best educational post I ever came across thanks marid!
    Cheers, I could go into much more details about what shodan is capable of, maybe when i'm not actually posting from work.
  • In Shodan
    -edit WARNING edit-
    I am not responsible to whatever idiocy anyone does with this information. Please use proxies/tor/whatever.
    -/edit-


    Hello!
    I've always wanted to contribute to this community (And promised to do so when i met the admin about 7 years ago)
    Anyway here's a BRIEF - very poorly structured - tutorial on SHODAN.

    1. What Is Shodan?

    I'm sure You all know about googledorks; Specific google search queries that expose sensitive information (Password files, login panels, php shells, etc..). Imagine using that to search for DEVICES connected to the internet. That's what shodan does.

    Wikipedia:
    Shodan is a search engine that lets you find specific types of computers (routers, servers, etc.) in the internet using a variety of filters. Some have also described it as a search engine of service banners, which are meta-data the server sends back to the client.

    Using Shodan, You can expose a whole variety of devices.. Scada systems(suicide mission), Security cameras, root shells on devices (i.e Android), etc..
    Enough talk.. lets get to the juicy stuff.

    2. Juicy Stuffses

    Using some quick research, I found out about an android webcam server app called -drumroll- Android Webcam Server !
    So I went to http://shodanhq.com and searched for: android webcam server ( http://www.shodanhq.com/search?q=android+webcam+server )
    Results pop up ! GREAT !! I pick the first result, and i get an authentication screen... that's not good.
    Another google search shows me that this cam does not have default login credentials, so no hope testing there.
    So then I searched for "Android webcam server 200" .. Why 200 ?

    "200 OK
    Standard response for successful HTTP requests. The actual response will depend on the request method used. In a GET request, the response will contain an entity corresponding to the requested resource. In a POST request the response will contain an entity describing or containing the result of the action.
    "
    Pretty self explanatory..
    I click on the first result and...

    BOOM!

    Won't go into much more detail.. Just some things you must know:
    Free accounts have a limit on the number of results per query (You can view more results with some smart querying, like adding country:LB or other attributes to narrow your search), They also dont have full access to the port:xx feature (such as telnet).
    Know this: Searching for devices that require authentication, but HAVE default usernames and passwords, will at WORST give out a 1/10 ratio of devices with default credentials.

    Some of my fav. queries:
    boa ipcam (admin:123456)
    dcs 5220 200 (200 -> no auth popup)
    root@android:/ #
    default password
    iomega 200 (juicy extrenal hard discs)
    everything related to dreambox (cable TV with web interface.. default credentials)

    If you like this, tell me and i'll restructure it so it doesn't look like a piece of crap..
    Cheerz.
  • In What are you playing these days ?
    vegetaleb wroteStill playing Watch Dog but I am keeping an eye on Wolfenstein, anyone found it yet in Lebanon?
    Game Land (Or Game Center) in St. Elie, Antelias, has it for X360.. not sure about other consoles/pc.
  • In Cracking the Android app "Cars numbers"
    Oh i had forgotten about this thread!
    Anyway glad you got it figured out.
  • In New
    Hello!
    I've known some of You a while back but You guys probably dont remember :)
    Telecom Engineer here,
    Security enthusiast.
    Cheerz.
  • In Gambling Sites being blocked in Lebanon
    Hello!
    I just registered to reply to this post:
    samer wroteEverything you need to know is in this manual.
    mrflyingflipflop wroteI use wise and bet365 is down. is there a way to get around the block?
    NEVER give out credit card information over free proxy servers.
    The End.
  • In Dota 2 request.
    Hey i PM'd you but nevermind i got one :) Cheerz!
  • In Cracking the Android app "Cars numbers"
    I recently cracked the lookups limit (you get only 3 lookups for free) with gameCIH, made it 9999, but forgot to save the int's ADDRESS..when i restarted the app, it was 0 and it's impossible to crack it again from my device..
    Can someone with a rooted android phone -and who hasn't yet used this app- get that address please?
    If you need help i'll post a tutorial about using GameCIH..
    Cheerz..
  • In Dota 2 request.
    Hi !
    Can someone send me a dota 2 invite please? New player.. and new member here!
    If possible please reply and i'll PM you my steam id / mail..
    Thanks in advance!