2018-10-01
Getting distracted on shodan
This morning I was looking on shodan for open remote desktop servers in the work network since RDP was mentioned as an attack vector in the latest GANDCRAP ransomware. Searching for '3389' on shodan found something completely different: an open industrial control system (ICS) for tankstation gauges.IN-TANK VOORRAAD TANK PRODUCT VOLUME TC VOLUME VULVOL HOOGTE WATER TEMP 1 UL 98 9757 9693 10283 939.2 0.0 20.09 2 EURO 2...According to The Internet of Gas Station Tank Gauges -- Take #2 - Rapid7 this was already a reported issue in January 2015 and according to their research it may be possible to do bad things with this access. The above is from a gas station I can find on google maps. Oh I found the way to search for open remote desktop servers on shodan: port:3389.