Revolver: How to access thousands of systems

Revolver and the VNC app: Imagine having the of the Internet. In a minute you could see anything from a Windows developer's console to a school principal's email inbox, a Facebook profile, or a receptionist's desktop in a pediatrician's office, filled with patient names, addresses, dates of birth, and telephone numbers.

It gives a whole new meaning to the "open" internet, and you certainly wouldn't want to be on the victim's side.

Can this be done? Thousands of screenshots collected and uploaded to a website called VNC Roulette prove that everything is possible on the internet.

All the PC screenshots displayed on the site have one thing in common: the machines are running VNC, open source software that allows users to remotely access and control a desktop from anywhere in the world. However, if VNC is set up without a password, anyone can scan the internet and access those computers.

So a hacker set out to see how many unsecured computers are reachable on the internet. He goes by the name Revolver online and is a gray-hat hacker from Morocco.

"This is deep f**k," he said in a message on Monday. "I have access to sysadmin boxes, and large machines with sensitive data. There is no ."

Revolver created a script that cycles through IP addresses and ports, trying to connect to servers running VNC. When the script finds a connection that does not require authentication, it takes a screenshot and moves on to a different IP address.

After thousands of successful connections, there are about 23 screenshots of vulnerable systems, which have been posted on the VNC Roulette website.

Revolver quickly realized that there are thousands of desktops (Windows, Mac, even Linux) and hundreds of images of potentially highly sensitive data from SCADA systems, which are usually used in industrial facilities.

He explained that his unfettered access to thousands of desktops was not due to a flaw or vulnerability in the of the VNC application. It is the result of users' complete indifference to using a basic security setting.

"Once you install a VNC server, a f**king large message will appear stating that you need to enter a password for your security. And most people do not enter this password," says the researcher.
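For administrators checking their own servers, the missing password is visible in the first bytes a VNC server sends. The following is an added example, not code from the article or from Revolver's script: it parses a captured server handshake as laid out in the RFB specification (RFC 6143) and reports whether security type 1 ("None") is offered. The function names and sample bytes are constructed, and it assumes the client answered with the protocol version the server announced.

```python
import struct

NONE, VNC_AUTH = 1, 2  # RFB security types (RFC 6143): 1 = no authentication

def offered_security_types(server_bytes):
    """Return the security types offered in a server-to-client RFB capture.

    Assumes the capture starts at connection open and that the client
    answered with the same protocol version the server announced.
    """
    if len(server_bytes) < 12 or not server_bytes.startswith(b"RFB "):
        raise ValueError("capture does not start with an RFB ProtocolVersion")
    major = int(server_bytes[4:7].decode("ascii"))
    minor = int(server_bytes[8:11].decode("ascii"))
    body = server_bytes[12:]
    if (major, minor) < (3, 7):
        # RFB 3.3: the server chooses one type and sends it as a big-endian u32.
        if len(body) < 4:
            raise ValueError("truncated security message")
        (chosen,) = struct.unpack(">I", body[:4])
        return [chosen] if chosen else []  # 0 means the connection was refused
    # RFB 3.7/3.8: one count byte, then that many one-byte security types.
    if not body:
        raise ValueError("truncated security message")
    count = body[0]
    types = body[1:1 + count]
    if len(types) < count:
        raise ValueError("truncated security-type list")
    return list(types)  # an empty list means the server refused the connection

def allows_no_password(server_bytes):
    """True when the server lets a client in without any authentication."""
    return NONE in offered_security_types(server_bytes)

# Constructed sample captures (not taken from any real host).
SAMPLES = {
    "no password set": b"RFB 003.008\n" + bytes([1, NONE]),
    "password required": b"RFB 003.008\n" + bytes([1, VNC_AUTH]),
    "password optional": b"RFB 003.008\n" + bytes([2, VNC_AUTH, NONE]),
    "legacy 3.3, no password": b"RFB 003.003\n" + struct.pack(">I", NONE),
    "connection refused": b"RFB 003.008\n" + bytes([0]) + struct.pack(">I", 4) + b"busy",
}

if __name__ == "__main__":
    for label, capture in SAMPLES.items():
        verdict = "EXPOSED" if allows_no_password(capture) else "ok"
        print(f"{label:26} {verdict}")
```

A server that offers both types, as in the "password optional" sample, is still exposed, because the client chooses which offered type to use.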

Shodan.io is a search engine for Internet of Things devices. It became famous by displaying images from thousands of webcams that use default passwords. Although criticized by some, others cite it as the "ultimate example" of what can happen to unsecured devices.

A quick search on the default VNC ports (5900 or 5901) will show you hundreds, if not thousands, of different snapshots that you can map by geolocation.


Written by Dimitris
