{"uuid": "a5e377cd-9d70-4498-800a-afe33aed12e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2015-3306", "type": "published-proof-of-concept", "source": "https://t.me/lostsec/193", "content": "SHODAN DORK: \nwebcamXP/webcam7:\n(\"webcam 7\" OR \"webcamXP\") http.component:\"mootools\" -401\n\nSome Webcams(SQ Webcams?):\nServer: SQ-WEBCAM\n\nYawcam Webcams:\n\"Server: yawcam\" \"Mime-Type: text/html\"\n\nSurveillance Cams:\nServer: uc-httpd 1.0.0\nNETSurveillance uc-httpd\nSurveillance cams with admin:admin or admin:(none) creds\n\nHikvision Cameras:\nproduct:\"Hikvision IP Camera\"\nLink for Hikvision backdoor here: https://ipvm.com/reports/hik-exploit\n\nGeneric dork for finding cameras:\ntitle:camera\n\nGeneric dork for finding cameras (with screenshots):\nwebcam has_screenshot:true\n\nDahua Cameras:\nhttp.title:\"WEB VIEW\"\n\nSome random webcams:\nhttp.title:\"Webcam\"\n\nVulnerable Services / Servers\n\nEternalBlue SMB RCE:\nos:\"Windows 10 Home 19041\n\nProFTPD 1.3.5 (mod_copy exec; CVE-2015-3306) :\n\"220 ProFTPD 1.3.5\"\n\nAnonymous FTP Login #1:\n\"230 User anonymous\"\n\nAnonymous FTP Login #2:\n\"220\" \"230 Login successful.\" port:21\n\nAlready Logged-In as root via Telnet:\n\"root@\" port:23 -login -password -name -Session\n\nNo password for Telnet Access:\nport:23 console gateway\n\nOther Services that you can find\n\nOpenSSH:\nopenssh port:22\n\nLogitech Media Servers:\n\"Server: Logitech Media Server\" \"200 OK\"\n\nJenkins Unrestricted Dashboard:\nx-jenkins 200\n\nMySQL:\n\"product:MySQL\"\n\nMongoDB #1:\nmongodb port:27017\n\nMongoDB #2:\nproduct:\"MongoDB\"\n\nInteresting Things that you can find on Shodan\n\nRDP/VNC's WITHOUT AUTH:\n\"authentication disabled\" \"RFB 003.008\"\nremote desktop \"port:3389\"\n\nXZERES Wind Turbines:\ntitle:\"xzeres wind\"\n\ntitle:\"IP CAMERA Viewer\" Content-Length: 703\n\nMikroTik Routers:\nport:8291 os:\"MikroTik 
RouterOS 6.45.9\"\n\nMinecraft Servers:\n\"Minecraft Server\" \"protocol 340\" port:25565\n\nSmart TVs:\n\"Chromecast:\" port:8008\n\nMaritime Satellites:\n\"Cobham SATCOM\" OR (\"Sailor\" \"VSAT\")\nReal-time location of ships via satellite\n\nTesla PowerPack Charging Status Page:\nhttp.title:\"Tesla PowerPack System\" http.component:\"d3\"\n\nSamsung Electronic Billboards:\n\"Server: Prismview Player\"", "creation_timestamp": "2024-03-20T08:50:27.000000Z"}