Termux ID: Shodan

Shodanwave is a tool for exploring and obtaining information from cameras specifically Netwave IP Camera. The tool uses a search engine called shodan that makes it easy to search for cameras online.
What does the tool to? Look, a list!

Search
Brute force
SSID and WPAPSK Password Disclosure
E-mail, FTP, DNS, MSN Password Disclosure
Exploit

This is an example of shodan wave running, the password was not found through raw force so the tool tries to leak the camera's memory. If the tool finds the password it does not try to leak the memory.

How to use?
To use shodanwave you need an api key which you can get for free at https://www.shodan.io/, then you need to follow the next steps.

Installation

$ cd /opt/
$ git clone https://github.com/fbctf/shodanwave.git
$ cd shodanwave
$ pip install -r requirements.txt

Usage

Usage: python shodanwave.py -u usernames.txt -w passwords.txt  -k Shodan API key --t OUTPUT
       python shodanwave.py --help 
         __              __                                   
   _____/ /_  ____  ____/ /___ _____ _      ______ __   _____ 
  / ___/ __ \/ __ \/ __  / __ `/ __ \ | /| / / __ `/ | / / _ \
 (__  ) / / / /_/ / /_/ / /_/ / / / / |/ |/ / /_/ /| |/ /  __/
/____/_/ /_/\____/\__,_/\__,_/_/ /_/|__/|__/\__,_/ |___/\___/ 
                                                              

This tool is successfully connected to shodan service
Information the use of this tool is illegal, not bad.

usage: shodanwave.py [-h] [-s SEARCH] [-u USERNAME] [-w PASSWORD] [-k ADDRESS]

optional arguments:
  -h, --help            show this help message and exit
  -s SEARCH, --search SEARCH
                        Default Netwave IP Camera
  -u USERNAME, --username USERNAME
                        Select your usernames wordlist
  -w PASSWORD, --wordlist PASSWORD
                        Select your passwords wordlist
  -k ADDRESS, --shodan ADDRESS
                        Shodan API key
  -l LIMIT, --limit LIMIT
                        Limit the number of registers responsed by Shodan
  -o OFFSET, --offset OFFSET
                        Shodan skips this number of registers from response
  -t OUTPUT, --output OUTPUT
                        Save the results

Attention
Use this tool wisely and not for evil. To get the best performece of this tool you need to pay for shodan to get full API access Options --limit and --offset may need a paying API key and consume query credits from your Shodan account.

Disclaimer
Code samples are provided for educational purposes. Adequate defenses can only be built by researching attack techniques available to malicious actors. Using this code against target systems without prior permission is illegal in most jurisdictions. The authors are not liable for any damages from misuse of this information or code.

References:

Shodan API search engine for Internet-connected devices.
Requests Requests: HTTP for Humans
Netwave Exploit Netwave IP Camera - Password Disclosure

Download Shodanwave

IP Linux Mac Netwave Passwords Python Shodan Shodanwave

Shodanwave - Exploring and Obtaining Information from Netwave IP Camera

Admin Thursday, December 14, 2017

A default credential scanner.

About
Getting default credentials added to commercial scanners is often difficult and slow. changeme is designed to be simple to add new credentials without having to write any code or modules.
changeme keeps credential data separate from code. All credentials are stored in yaml files so they can be both easily read by humans and processed by changeme. Credential files can be created by using the ./changeme.py --mkcred tool and answering a few questions.
changeme supports the http/https, mssql, mysql, postgres, ssh, ssh w/key, snmp, mongodb and ftp protocols. Use ./changeme.py --dump to output all of the currently available credentials.
You can load your targets using a variety of methods, single ip address/host, subnet, list of hosts, nmap xml file and Shodan query. All methods except for Shodan are loaded as a positional argument and the type is inferred.

Installation
changeme has only been tested on Linux and has known issues on Windows and OS X/macOS. Use docker to run changeme on the unsupported platforms.
Stable versions of changeme can be found on the releases page.
For mssql support, unixodbc-dev needs to be installed prior to installing the pyodbc.
PhantomJS is required in your PATH for HTML report screenshots.
Use pip to install the required python modules: pip install -r requirements.txt

Docker
A convenient way of running changeme is to do so inside a Docker container. You can run a pre-built container from Docker Hub, or build your own using the instructions below.

Run changeme in Docker

Download the container: docker pull ztgrace/changeme
Run the container: docker run -it ztgrace/changeme /bin/bash

Build from Dockerfile

Build the docker container: docker build -t changeme .
Run changeme from inside the container: `docker run -it changeme /bin/bash'

Usage Examples
Below are some common usage examples.

Scan a single host: ./changeme.py 192.168.59.100
Scan a subnet for default creds: ./changeme.py 192.168.59.0/24
Scan using an nmap file ./changeme.py subnet.xml
Scan a subnet for Tomcat default creds and set the timeout to 5 seconds: ./changeme.py -s 192.168.59.0/24 -n "Apache Tomcat" --timeout 5
Use Shodan to populate a targets list and check them for default credentials: ./changeme.py --shodan_query "Server: SQ-WEBCAM" --shodan_key keygoeshere -c camera
Scan for SSH and known SSH keys: ./changeme.py 192.168.59.0/24 --protocols ssh,ssh_key
Scan a host for SNMP creds using the protocol syntax: ./changeme.py snmp://192.168.1.20

Download changeme

changeme FTP Linux Mac MongoDB MSSQL Nmap Python Scanner Shodan SNMP SSH Telnet Tomcat Windows

changeme - A Default Credential Scanner

Admin Monday, October 16, 2017

Halaman

Social Items

Termux ID

Shodanwave - Exploring and Obtaining Information from Netwave IP Camera

changeme - A Default Credential Scanner