Revolver: How to access thousands of systems

Revolver and the VNC app: Imagine you have the keys to the internet. Within a minute you could see anything from a developer's console, to a school principal's email inbox, to a Facebook profile, to a receptionist's desktop in a pediatrician's office, filled with patient names, addresses, dates of birth, and phone numbers.

It gives a whole new meaning to the "open" internet, and you certainly don't want to be on the victim's side.

Can this be done? Thousands of screenshots collected and uploaded to a website called VNC Roulette prove that everything is possible on the internet.

All the computers shown on the site have one thing in common: they run VNC, open source software that allows users to remotely access and control a desktop from anywhere in the world. However, if VNC is set up without a password, anyone who scans the internet can access those computers.

A hacker therefore set out to see how many unsecured computers are reachable on the internet. He goes by the name Revolver online and is a gray-hat hacker from Morocco.

"This is deep f**k," he said on Monday. "I have access to sysadmin boxes, and big machines with sensitive data. There is no security."

Revolver created a script that switches IP addresses and picks ports when trying to connect to servers using VNC. When the script discovers an available connection that does not require authentication, it takes a screenshot and moves on to a different IP address.

After thousands of successful connections, there are about 23 gigabytes of screenshots from vulnerable machines, and they are posted on the VNC Roulette website.

Revolver quickly realized that there are thousands of desktop computers (Windows, Mac, even Linux) and hundreds with potentially highly sensitive data from SCADA control systems commonly used in industrial facilities.

He explained that the unrestricted access to thousands of desktops is not due to a defect or vulnerability in the design of the VNC application. It is the result of users' complete indifference to using a basic security setting.
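How the missing password shows up on the wire, as an added example that is not from the original article: the Python code below reads the server side of a recorded RFB (VNC) handshake and reports whether the server offers security type 1 (None). The function name and the sample byte strings are constructed for illustration; the type numbers and message layout are those of the RFB specification (RFC 6143).

```python
import struct

# Security-type numbers defined by the RFB protocol (RFC 6143, section 7.1.2).
SEC_NONE = 1       # no authentication: anyone who connects gets the desktop
SEC_VNC_AUTH = 2   # classic VNC password challenge

def audit_rfb_handshake(server_bytes: bytes) -> dict:
    """Parse the server's ProtocolVersion and security messages.

    `server_bytes` is the server-to-client side of a recorded handshake
    (assumption: taken from a packet capture of your own server).
    """
    head = server_bytes[:12]
    if len(head) < 12 or head[:4] != b"RFB " or head[7:8] != b"." or head[11:12] != b"\n":
        raise ValueError("not an RFB ProtocolVersion message")
    version = (int(head[4:7].decode("ascii")), int(head[8:11].decode("ascii")))
    body = server_bytes[12:]
    if version < (3, 7):
        # RFB 3.3: the server dictates one type as a big-endian u32 (0 = failure).
        if len(body) < 4:
            raise ValueError("truncated security message")
        (chosen,) = struct.unpack(">I", body[:4])
        offered = [chosen] if chosen else []
    else:
        # RFB 3.7/3.8: one count byte, then that many one-byte type numbers.
        if not body or len(body) < 1 + body[0]:
            raise ValueError("truncated security message")
        offered = list(body[1:1 + body[0]])
    return {"version": version, "security_types": offered,
            "no_auth_offered": SEC_NONE in offered}

# Constructed sample handshakes (not captured from any real host).
SAMPLES = {
    "open-3.8": b"RFB 003.008\n" + bytes([1, SEC_NONE]),
    "password-3.8": b"RFB 003.008\n" + bytes([1, SEC_VNC_AUTH]),
    "mixed-3.8": b"RFB 003.008\n" + bytes([2, SEC_VNC_AUTH, SEC_NONE]),
    "open-3.3": b"RFB 003.003\n" + struct.pack(">I", SEC_NONE),
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        result = audit_rfb_handshake(raw)
        verdict = "EXPOSED (no password)" if result["no_auth_offered"] else "ok"
        print(f"{name:14} {result['version']} types={result['security_types']} {verdict}")
```

A server that lists type 1 alongside type 2 is still exposed, because the client chooses which offered type to use.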

"As soon as you install a VNC server, a f**king big message appears saying that you should enter a password for your security. And most people don't enter that password," the researcher says.

Shodan.io is a search engine for internet of things devices. It became known for showing images from thousands of webcams that use default passwords. Although it has been criticized by some, others cite it as the "ultimate example" of what can happen to devices that are not secured.

A quick search on the default VNC port (5900 or 5901) will show you hundreds if not thousands of different snapshots that you can map to a geographic location.

iGuRu.gr The Best Technology Site in Greece

Written by Dimitris
