Countless devices such as routers, heating systems, printers, telephone systems and other office machinery have network features these days, as do publicly visible systems such as security cameras, car washes and even traffic signals. The Shodan search engine finds and lists a huge number of these Internet-connected devices, very few of which are secured. Access to such devices is hardly possible for the average Internet user, but it is laughably easy for an expert. Network printers in particular are often left out of the equation when it comes to security measures. The result: an unsecured printer with default credentials can easily be hacked and taken over via an Internet connection.

Shodan users have already found control systems for a water park, a gas station, a wine cooler in a hotel and a crematorium. Security experts have even managed to locate a command and control system for a nuclear power plant and a cyclotron particle accelerator. Many of these systems were protected insufficiently or not at all. Every month Shodan adds around 500 million new devices to its database. A quick search for "Default Password" reveals tons of routers, printers, and servers with default logins and "1234" as the password. Many don't even require credentials; all you need to access them is a web browser.

During the Defcon cybersecurity conference last year, security tester Dan Tentler demonstrated how easy it is to search for controllable devices with Shodan. He found a car wash that could be switched on and off and an ice hockey rink in Denmark that could be de-iced at the push of a button. The traffic control system of an entire city could be put into test mode via the Internet. He even came across a control system for a hydropower plant in France. Many of these devices do not even need to be connected to the Internet. Many companies buy complete control solutions that give them as much control as possible. To control a heating system by computer, for example, the heating system is connected not directly to the control computer but to a web server. The heating control is then already accessible from the Internet. Hardly anyone thinks about security here.

Shodan itself is mainly used for legal purposes. Without an account, the search is limited to ten hits and does not allow any personalization. Even with a free user account, Shodan is still limited to a few pages and does not show all entries. If you want to see everything, you have to submit more personal information, a letter of motivation and a fee. Shodan's primary users are security testers, researchers, and law enforcement officers. In addition, cyber criminals usually have access to botnets that provide them with the same information at less risk. Security experts try to use Shodan to inform affected operators and educate them about the weak points in their systems. However, tens of thousands of devices, from printers to power plants, can still be attacked via the Internet.
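Operators can run the same check against their own address space before anyone else does. The following is an added example, not part of the original article: it triages banner records exported for a network you operate and flags the two conditions described above, advertised default passwords and pages served without any credentials. The field names `ip_str`, `port` and `data` follow Shodan's banner JSON; the sample records, the documentation-range addresses, the `OWN_NETWORKS` value and the classification rules are assumptions made for illustration.

```python
import ipaddress
import json

# Constructed sample: one JSON banner per line, shaped like a Shodan export
# (fields ip_str, port, data). All addresses are documentation ranges.
SAMPLE_EXPORT = "\n".join(json.dumps(r) for r in [
    {"ip_str": "203.0.113.10", "port": 80,
     "data": "HTTP/1.1 200 OK\r\nServer: printer-httpd\r\n\r\n"},
    {"ip_str": "203.0.113.11", "port": 80, "data": "HTTP/1.1 401 Unauthorized\r\n"
     "WWW-Authenticate: Basic realm=\"Default password: 1234\"\r\n\r\n"},
    {"ip_str": "203.0.113.12", "port": 443, "data": "HTTP/1.1 401 Unauthorized\r\n"
     "WWW-Authenticate: Digest realm=\"hvac\"\r\n\r\n"},
    {"ip_str": "198.51.100.7", "port": 80,  # outside our range, must be ignored
     "data": "HTTP/1.1 200 OK\r\n\r\n"},
])

OWN_NETWORKS = [ipaddress.ip_network("203.0.113.0/24")]  # assumption: your range


def classify(banner: str) -> str:
    """Map one HTTP banner to a finding, worst case first (heuristic)."""
    low = banner.lower()
    status = banner.split("\r\n", 1)[0].split(" ")
    if "default password" in low:
        return "default-credentials-advertised"
    # 200 with no auth challenge: content is served without credentials.
    if len(status) > 1 and status[1] == "200" and "www-authenticate:" not in low:
        return "no-authentication"
    return "auth-required"


def audit(export: str, networks=OWN_NETWORKS):
    """Return (ip, port, finding) for every record inside our own networks."""
    findings = []
    for raw in filter(str.strip, export.splitlines()):
        rec = json.loads(raw)
        ip = ipaddress.ip_address(rec["ip_str"])
        if not any(ip in net for net in networks):
            continue  # never report on address space we do not operate
        findings.append((rec["ip_str"], rec["port"], classify(rec.get("data", ""))))
    return findings


if __name__ == "__main__":
    for ip, port, finding in audit(SAMPLE_EXPORT):
        print(f"{ip}:{port}\t{finding}")
```

A `no-authentication` finding is a prompt for manual review, since a 200 response may still be a login form; anything flagged belongs behind a VPN or firewall rather than on a public address.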

Shodan - Google for Hackers


"Dravens Tales from the Crypt" has been enchanting for over 15 years with a tasteless mixture of humor, serious journalism - for current events and unbalanced reporting in the press politics - and zombies, garnished with lots of art, entertainment and punk rock. Draven has turned his hobby into a popular brand that cannot be classified.

My blog was never designed to spread news, let alone get political, but with current affairs I just can't help but capture information here that is otherwise censored on all other channels. I am aware that the design page may not seem "serious" to many in this regard, but I will not change this to please the "mainstream". Anyone who is open to non-state-compliant information sees the content and not the packaging. I've tried enough to provide people with information over the last 2 years, but quickly noticed that it never matters how it's "packaged", but what the other person's attitude towards it is. I don't want to put honey on anyone's mouth to meet expectations in any way, so I'll keep this design because hopefully at some point I'll be able to stop making these political statements, because it's not my goal to go on like this forever ;) I leave it up to everyone how they deal with it. However, you are welcome to simply copy and distribute the content, my blog has always been under the WTFPL license.

It's hard for me to describe what I'm actually doing here. Over the years, DravensTales has been called a culture blog, music blog, shock blog, tech blog, horror blog, fun blog, a blog about found items on the internet, internet bizarre, trash blog, art blog, water heater, zeitgeist blog, scrap blog and grab bag blog. All of that is right ... and yet not. The main focus of the blog is contemporary art, in the broadest sense of the word.
