So Sup Forums

So Sup Forums,
do you think anyone gives a fuck if I scan the whole of Cuba for open SSH ports?

port scanning isn't a crime
exploitation and unauthorized access is, though

>whole of cuba's ssh ports
that's only like 16 ports

Yes, your isp

It isn't a crime, but that won't stop someone from suing you or filing charges for scanning open ports under attempts at unauthorized access. You honestly shouldn't use nmap unless you have permission to use it.

I'm actually more worried about my ISP being stupid about this.

Let's see how long this takes.

I portscanned my Chinese CCTV recorder last night and there was an open telnet port, login admin:123456. Very clever.

Did you have a stroke or something?

did you mean sea ports?

Nope, that's actually a buttload. Did a quick sample yesterday, there's metric tons.

Always make sure you change default admin passwords for anything.

Chances are that I did too.

Also nice are the ones where you just bypass the login by adding the correct path to the url.

I changed the telnet password

However I suspect there are more options and logins spread throughout the web interface and other hidden URLs, haven't checked them all since it seems that most stuff is hidden behind an ActiveX component, or other services like NFS

I got banned from my ISP for scanning their whole network for open ports in 2001, I kid you not

There is probably some kind of service account still running.
I would advise you to not use cheap Chinese CCTV boxes at all. Or at least do some more research on yours, might as well try to break into it for fun.

What prohibits you from just using Shodan?

As far as I can tell everything's run as the root user (that's what 'ps' tells me, anyways) but I haven't figured it out completely. Found the folder with the web interface data, images, html but it's run by some CGI service which I cannot identify from the process list. I will take another look eventually, it's not meant to be on a public network anyways.

Don't want to buy credits and I simply like to tinker with this myself and see how far I'm able to optimize the whole process.

Use a dedicated server for scanning, your own connection takes a shit if you try.

I got a reasonably beefy connection, but yeah I locked it up before. Easy remedy to this was just splitting the scan into bursts. Hasn't happened since then.

the cia

Try zmap. It's way faster.

I don't think they would care for me politely knocking on a single port once while sweeping some rather huge blocks.
Also I'm from a non-Five-Eyes country.

Considered that, would probably not make much of a difference because this isn't a 10GB uplink.
Considered masscan too.

Nmap has tor support, use vip72 if they blacklist tor
Or disable wifi password and blame someone else

Can zmap show up ports as they're found instead of waiting for the entire scan to finish like nmap?

That is my #1 usability complaint with nmap

Always make sure you airgap all shitty networked devices

>waiting for the entire scan to finish like nmap?

Found this to be annoying too, resolved this by splitting my scans into parts that will complete in 5 minutes and then appending.

Because that other dude mentioned shodan.
Hilarious what you can find when you go for CCTV equipment or even plain old webcams.

You could autoscriptomate the whole thing and make a huge art installation out of CCTV/cam streams.

Does anyone know if that was done before?

>Can zmap show up ports as they're found
I'm not positive about this but I think it can be done through fiddling with the output fields.
zmap.io/documentation.html#output

Plz no hack Cuba D':

>do you think anyone gives a fuck if I scan the whole of Cuba for open SSH ports?
Please don't. You'd be too hardcore

just curious, never used nmap broadly, how would you target a specific type like CCTV or webcams? searching for specific protocols/ports? or even manufacturers?

isn't there already a full /24 scan available somewhere? or was done at least
pretty sure they provided some website to access it

a mixture of checking default ports and what the web interface looks like, would be my guess

a lot of Chinese CCTV systems use a Busybox HiLinux system, yet they have different URL schemas that point to the video source(s), but many are the same across devices or even manufacturers

somewhat and version detection features.

The main headache is cobbling something together that's efficient and won't just hammer a few machines for minutes.

There used to be threads of people finding and sharing unsecured network cam IPs, much like the open network printer threads. IIRC not much interesting ever happened but then not much interesting ever does. Not sure about art installations but at one stage there were websites which listed and tracked them.

>not much interesting happened
Yep, I remember these threads. Reason was these were mostly CCTV in companies or stores etc.

Some months ago ALDI (Germany) sold thousands of vulnerable webcams, these were a lot more interesting. Just google it, was quite the happening there, even made it on the news.

Have you been bothered to change your default user agent yet?

Join the club of a bajillion other people who scan netblocks pointlessly. They usually do telnet though, pic related.

>firewall.ad.bixnood.net

The short answer is of course ya dingus.

I just knock on 22, no user agent involved.

I guess.

>his router only support a handful of simultaneous connections
what a fag

It's an internal DNS name you retard. Did you not notice the .ad. part? Also my IP is listed in there which somehow you managed to not notice even though it is on nearly every syslog line.

It just made me laugh, where did I say it wasn't an internal DNS name?

>full /24 scan
oh shit he scanned 254 addresses

interesting read

I assumed you were pointing it out as if it was some kind of secret. My bad. bixnood.net

Why Cuba?

Manageable size mainly.

To be more exact:

True, not a lot of internet connections. My parents are actually Cuban, shitty place haha.

u should have been jailed

oh, you're the attention whore who kept autistically trying to sound smart on lolcow with buzzwords

>Cisco ASA
How do you like the NSA rootkits?

use zmap instead, it's built for doing a whole load of machines at once.

Is it true there are people going around with all kinds of pirated stuff on large harddrives because there's so few broadband connections?

253

yup
I dl some hd porn for them

>I wish I had equipment nice enough for the NSA to care about it

yes. I almost forgot about that site, thanks for reminding me, i'll shitpost there more often.

How much did you get your ASA for? I'm about to start CCNA Security

A couple hundred on ebay iirc. A 1GB RAM upgrade and 2.6? Ghz cpu for a few bucks more; it uses a Pentium 4.

Also I don't know if you care but the 5510 has 4 GbE ports but 2 are locked to 100Mbit, if you want full GbE on all ports you need one of the higher models because of the Cisco jews.

--max-hostgroup 1

are you retard???

I'm talking about port scanning a single host

I want the open ports on that host to show up as they're found, rather than waiting for all 1000 ports to be scanned before displaying the table

I know Sup Forums hates reddit, but...
reddit.com/r/controllablewebcams

Have fun :D

Then zmap is not the best choice as it can only scan one port per scan.