IT System Security Lab Experiment 04

B. Tech CSF-CSE Semester III Course: IT Systems & Physical Security Code: CSSF 2109

By: Mr. Keshav Kaushik

Lab Objective: Find vulnerabilities in Live IoT devices on Internet

Tools:
 Web Browser
 Shodan
 Netcraft

IoT Devices or Internet of Things (IoT) is a system of interrelated computing devices, mechanical and digital
machines, objects, animals or people that are provided with unique identifiers (UIDs) and the ability to transfer data
over a network without requiring human-to-human or human-to-computer interaction.

Shodan is an IoT search engine, indexes nearly every device connected to the Internet. Displays as easy-to-search
database, giving hackers access to vulnerable devices online across the globe, you can search its database via its
website or command-line library.

Netcraft provides details regarding Site/Domain reputation, Cybercrime Trends, Phishing (Countries, Hosters, Map,
Bad Certificates for SSL), Popular Web sites, Takedown Map.

Steps to perform:

1. Using SHODAN: Open Web Browser  www.shodan.io and Login to Shodan (free account)

2. Search keywords in Shodan browser for IoT sources  washing machine, watch, music, IP webcam, webcam,
printer, traffic controller, Netflix
3. E.g. Search  VSAT port 80

4. Open IP Addresses listed and check if the devices are LIVE  (Ping and Tracert) to detect the availability.
Note  if PING/ICMP is blocked, you’ll get request timed out.

5. Copy the IP from the Shodan List and open it as per the ports mentioned in your web browser.

6. Open the IP  http://104.155.111.206/#diagnostics

7. Check if you can reach to the device admin page

8. Default username and passwords of some of the most widely used webcams below OR search for Setup Guide
of that device on Google.

ACTi: admin/123456 or Admin/123456 Panasonic: admin/12345

Axis (traditional): root/pass, Samsung Electronics: root/root or admin/4321
Axis (new): requires password creation during Samsung Techwin (old): admin/1111111
first login Samsung Techwin (new): admin/4321
Cisco: No default password, requires creation Sony: admin/admin
during first login TRENDnet: admin/admin
Grandstream: admin/admin Toshiba: root/ikwd
IQinVision: root/system Vivotek: root/<blank>
Mobotix: admin/meinsm WebcamXP: admin/ <blank>

9. Using Netcraft: open https://toolbar.netcraft.com/

10. Search about any web site’s reputation  https://toolbar.netcraft.com/site_report

11. Report a Phishing Web site or domain  https://report.netcraft.com/report
12. Find out Phishing Trends:
a. Top Phishing Leaders  https://report.netcraft.com/stats/leaderboard
b. Phishing Map  https://trends.netcraft.com/cybercrime/map
c. Maximum Phishing Incidents  https://trends.netcraft.com/cybercrime/countries
d. Most Popular Web Sites  https://toolbar.netcraft.com/stats/topsites

Examples
 http://86.47.227.216:81/top.htm?Currenttime=2015-08-19%2005:28:15
 http://144.92.207.90/top.htm?Currenttime=2016-01-24%2023:17:13
 http://128.103.101.254/top.htm?Currenttime=2012-02-06%2017:47:04

Lab #04 File Work:

IP Address Device Open Ports Geolocation Mode/Make Product Version Admin Password
103.140.95. Washin 80,123,443 HAMS null 3(0x2) -
103 g ,554, Garments
Machin 2000,5000, Ltd,
e 37777 Narsingdi,B
angladesh
164.92.89.1 Watch 22,80,443 DigitalOcea null 3(0x2) -
9 n,LLC,Atlant
ic City, US
140.238.31. Netflix 53,80,443, Oracle null 3(0x2) -
49 5353, 8080 Public
Cloud,
 Seoul,
Republic of
Korea
210.18.156. Video 80, 123, Chennai,Ind Dahua DVR Version: 3.1.0.2 -
226 recorde 443, 554, ia 87503
r 5000,
37777

178.154.22 Open 80 Latitude SSH-2.0- Ubuntu-4ubunt -

6.199 SSH 443 55.75222 OpenSSH_ u0.4
Server 3001 Longitude 8.2p1
3306 37.61556
33060
Moskva
121.182.87. Camera 90 Gyeonggi- Hikvision IP 4.0.1 -
99 554 do Camera
Korea
114.215.74. Printer 11,13,15,1 Shandong Toshiba e- 3(0x2) -
123 7,19,23,25, STU
26….
42.113.147. Web 82 Viet Nam Vision DVR Mac Version: 1. -
162 Cam 0.0.1