Shodan. The website banner says it best.
I've been using this out of curiosity for a number of weeks now having read about it previously. I've also included it in a presentation I gave to my work colleagues on security and showing why good security could be a must. I ended this presentation with a screenshot of a MongoDB installation from a foreign educational establishment, 1.4Tb in size and with anonymous access. This screenshot also contained (redacted) information from the installation containing super administrator privileges for their CMS.
Anyway, this is going to be screenshot heavy. I'll be censoring addresses and any identifiable information and I'll drop the people an email alerting them to the fact everything is open.
So firstly, MongoDB is a document storage engine that stores information in binary json format.
So lets search for mongoDB on Shodan and see what we find.
Well thats not a huge database, but if they've left mongo open, what else is there?
So, Shodan tells me IIS is running on port 80. Interesting, seems that if its running Windows they MIGHT be running RDP on there....oh look. 3389.
Mongo and the mongo status pages are also available.
Cat pictures? I hope so, or that's a lot of unsecured data!
I could go on for days.
Have a look for RDP servers, PostgreSQL installs, IRC servers.
This also shows how bad security can bite anyone. Make sure that IPTables are set in such a way so that it only connects to devices that SHOULD have access to them, at the very least use a username and password to add a layer of security.
More will follow.....