Commit 42d07fc3 authored by Jake Jarvis's avatar Jake Jarvis 馃惣

shodan post more links

parent fbcc5d00
......@@ -56,7 +56,7 @@ The world and its devices are quickly becoming more connected through the shiny
![Example: Electronic Billboards](images/billboard2.png)
### Gas Station Pump Inventories [→](https://www.shodan.io/search?query=%22in-tank+inventory%22+port%3A10001)
### Gas Station Pump Controllers [→](https://www.shodan.io/search?query=%22in-tank+inventory%22+port%3A10001)
```
"in-tank inventory" port:10001
......@@ -109,14 +109,14 @@ http.title:"Tesla PowerPack System" http.component:"d3" -ga3ca4f2
```
### Nordex Wind Turbine Farms [→](https://www.shodan.io/search?query=http.title%3A%22Nordex+Control%22+%22Windows+2000+5.0+x86%22+%22Jetty%2F3.1+%28JSP+1.1%3B+Servlet+2.2%3B+java+1.6.0_14%29%22)
### [Nordex Wind Turbine](http://www.nordex-online.com/en/products-services/wind-turbines.html) Farms [→](https://www.shodan.io/search?query=http.title%3A%22Nordex+Control%22+%22Windows+2000+5.0+x86%22+%22Jetty%2F3.1+%28JSP+1.1%3B+Servlet+2.2%3B+java+1.6.0_14%29%22)
```
http.title:"Nordex Control" "Windows 2000 5.0 x86" "Jetty/3.1 (JSP 1.1; Servlet 2.2; java 1.6.0_14)"
```
### [C4 Max](https://www.mobile-devices.com/our-products/c4-max/) Vehicle GPS Trackers [→](https://www.shodan.io/search?query=%22%5B1m%5B35mWelcome+on+console%22)
### [C4 Max](https://www.mobile-devices.com/our-products/c4-max/) Commercial Vehicle GPS Trackers [→](https://www.shodan.io/search?query=%22%5B1m%5B35mWelcome+on+console%22)
```
"[1m[35mWelcome on console"
......@@ -125,7 +125,7 @@ http.title:"Nordex Control" "Windows 2000 5.0 x86" "Jetty/3.1 (JSP 1.1; Servlet
![Example: C4 Max Vehicle GPS](images/c4max.png)
### DICOM Medical X-Ray Machines [→](https://www.shodan.io/search?query=%22DICOM+Server+Response%22+port%3A104)
### [DICOM](https://www.dicomstandard.org/about/) Medical X-Ray Machines [→](https://www.shodan.io/search?query=%22DICOM+Server+Response%22+port%3A104)
Secured by default, thankfully, but these 1,700+ machines still [have no business](https://documents.trendmicro.com/assets/rpt/rpt-securing-connected-hospitals.pdf) being on the internet.
......@@ -282,7 +282,7 @@ PBX "gateway console" -password port:23
```
### Polycom Video Conferencing [→](https://www.shodan.io/search?query=http.title%3A%22-+Polycom%22+%22Server%3A+lighttpd%22)
### [Polycom](https://www.polycom.com/hd-video-conferencing.html) Video Conferencing [→](https://www.shodan.io/search?query=http.title%3A%22-+Polycom%22+%22Server%3A+lighttpd%22)
```
http.title:"- Polycom" "Server: lighttpd"
......@@ -297,7 +297,7 @@ Telnet Configuration: [→](https://www.shodan.io/search?query=%22Polycom+C
![Example: Polycom Video Conferencing](images/polycom.png)
### Bomgar Help Desk Portal [→](https://www.shodan.io/search?query=%22Server%3A+Bomgar%22+%22200+OK%22)
### [Bomgar Help Desk](https://www.beyondtrust.com/remote-support/integrations) Portal [→](https://www.shodan.io/search?query=%22Server%3A+Bomgar%22+%22200+OK%22)
```
"Server: Bomgar" "200 OK"
......@@ -402,14 +402,14 @@ Redirecting sencha port:9000
![Example: Logitech Media Servers](images/logitech.png)
### Plex Media Servers [→](https://www.shodan.io/search?query=%22X-Plex-Protocol%22+%22200+OK%22+port%3A32400)
### [Plex](https://www.plex.tv/) Media Servers [→](https://www.shodan.io/search?query=%22X-Plex-Protocol%22+%22200+OK%22+port%3A32400)
```
"X-Plex-Protocol" "200 OK" port:32400
```
### PlexPy / Tautulli Dashboards [→](https://www.shodan.io/search?query=%22CherryPy%2F5.1.0%22+%22%2Fhome%22)
### [Tautulli / PlexPy](https://github.com/Tautulli/Tautulli) Dashboards [→](https://www.shodan.io/search?query=%22CherryPy%2F5.1.0%22+%22%2Fhome%22)
```
"CherryPy/5.1.0" "/home"
......@@ -531,7 +531,7 @@ ssl:"Xerox Generic Root"
```
### Crestron Smart Home Controllers [→](https://www.shodan.io/search?query=%22Model%3A+PYNG-HUB%22)
### [Crestron Smart Home](https://www.crestron.com/Products/Market-Solutions/Residential-Solutions) Controllers [→](https://www.shodan.io/search?query=%22Model%3A+PYNG-HUB%22)
```
"Model: PYNG-HUB"
......@@ -570,7 +570,7 @@ http.title:"Index of /" http.html:".pem"
```
### Literally Everything in North Korea 馃嚢馃嚨 [→](https://www.shodan.io/search?query=net%3A175.45.176.0%2F22%2C210.52.109.0%2F24)
### Literally [Everything](https://www.vox.com/2014/12/22/7435625/north-korea-internet) in North Korea 馃嚢馃嚨 [→](https://www.shodan.io/search?query=net%3A175.45.176.0%2F22%2C210.52.109.0%2F24)
```
net:175.45.176.0/22,210.52.109.0/24,77.94.35.0/24
......@@ -579,7 +579,7 @@ net:175.45.176.0/22,210.52.109.0/24,77.94.35.0/24
### TCP Quote of the Day [→](https://www.shodan.io/search?query=port%3A17+product%3A%22Windows+qotd%22)
[RFC 865](https://tools.ietf.org/html/rfc865) has a [bizarre history](https://en.wikipedia.org/wiki/QOTD)...
Port 17 ([RFC 865](https://tools.ietf.org/html/rfc865)) has a [bizarre history](https://en.wikipedia.org/wiki/QOTD)...
```
port:17 product:"Windows qotd"
......
[build]
command = "hugo --gc"
publish = "public/"
[context.production.environment]
HUGO_VERSION = "0.53"
HUGO_ENV = "production"
HUGO_ENABLEGITINFO = "true"
[[headers]]
# Define which paths this specific [[headers]] block will cover.
for = "/*"
[headers.values]
Cache-Control = "max-age=3600, public"
X-Frame-Options = "SAMEORIGIN"
X-XSS-Protection = "1; mode=block; report=https://jarvis.report-uri.com/r/d/xss/enforce"
Content-Security-Policy = "default-src 'none'; script-src 'self' stats.jarv.is 'sha256-QwZM+dNl2R1KcXo8ORmpT3mqAVwIBbEcJBmWYurBNv4='; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; object-src 'self'; media-src 'self'; base-uri 'none'; form-action 'self'; frame-src 'self'; frame-ancestors 'self'; worker-src 'none'; connect-src 'self' jarvis.report-uri.com stats.jarv.is; upgrade-insecure-requests; report-uri https://jarvis.report-uri.com/r/d/csp/enforce; report-to default"
Report-To = "{\"group\":\"default\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://jarvis.report-uri.com/a/d/g\"}]}"
NEL = "{\"report_to\":\"default\",\"max_age\":604800}"
X-Content-Type-Options = "nosniff"
Referrer-Policy = "same-origin"
X-DNS-Prefetch-Control = "off"
X-UA-Compatible = "IE=edge"
X-Permitted-Cross-Domain-Policies = "none"
Feature-Policy = "accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; sync-xhr 'none'; payment 'none'; usb 'none'; vr 'none'"
# Content-Type and Cache-Control
[[headers]]
for = "*.ico"
[headers.values]
Content-Type = "image/x-icon"
Cache-Control = "max-age=604800, public"
[[headers]]
for = "*.svg"
[headers.values]
Content-Type = "image/svg+xml"
Cache-Control = "max-age=2628000, public"
[[headers]]
for = "*.ttf"
[headers.values]
Content-Type = "font/ttf"
Cache-Control = "max-age=2628000, public"
[[headers]]
for = "*.otf"
[headers.values]
Content-Type = "font/otf"
Cache-Control = "max-age=2628000, public"
[[headers]]
for = "*.eot"
[headers.values]
Content-Type = "application/vnd.ms-fontobject"
Cache-Control = "max-age=2628000, public"
[[headers]]
for = "*.woff"
[headers.values]
Content-Type = "font/woff"
Cache-Control = "max-age=2628000, public"
[[headers]]
for = "*.woff2"
[headers.values]
Content-Type = "font/woff"
Cache-Control = "max-age=2628000, public"
[[headers]]
for = "*.xml"
[headers.values]
Content-Type = "text/xml"
Cache-Control = "max-age=3600, public"
[[headers]]
for = "*.mp4"
[headers.values]
Content-Type = "video/mp4"
Cache-Control = "max-age=604800, public"
[[headers]]
for = "*.webm"
[headers.values]
Content-Type = "video/webm"
Cache-Control = "max-age=604800, public"
[[headers]]
for = "*.docx"
[headers.values]
Content-Type = "application/vnd.openxmlformats-officedocument.wordprocessingml.document"
Cache-Control = "max-age=604800, public"
[[headers]]
for = "*.pdf"
[headers.values]
Content-Type = "application/pdf"
Cache-Control = "max-age=604800, public"
[[headers]]
for = "*.css"
[headers.values]
Cache-Control = "max-age=604800, public"
[[headers]]
for = "*.js"
[headers.values]
Cache-Control = "max-age=604800, public"
[[headers]]
for = "*.jpg"
[headers.values]
Cache-Control = "max-age=604800, public"
[[headers]]
for = "*.png"
[headers.values]
Cache-Control = "max-age=604800, public"
[[headers]]
for = "*.gif"
[headers.values]
Cache-Control = "max-age=604800, public"
[[headers]]
for = "/jarvis.asc"
[headers.values]
Content-Type = "text/plain; charset=utf-8"
Content-Disposition = "inline; filename=\"jarvis.asc\""
Cache-Control = "max-age=0, no-store, no-cache, must-revalidate"
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment