IoT This Week Video | Episode 23.1

Listen on Google Play Music

 

Quick video on a small enhancement to Firmwalker so that any certificate files discovered will be run against OpenSSL. If successful, the certificate serial number will be output for use with the Shodan search engine.

So something like this in Shodan to reveal how many devices are running the same certificate.

ssl.cert.serial:BA15F761DBB7B2B7

An interesting side note on this particular certificate, the total results in Shodan seems to be decreasing lately so maybe there is some kind of update going for these devices. There are around 90k device showing on Shodan, there were over 700k a little over a year ago.

4-8-17 Update: Another interesting tidbit, Bricker Bot is attacking IoT devices with much love for Ubiquiti devices. Makes one wonder if the slow decrease in numbers of these Ubiquitu devices on Shodan with this particular certificate serial number is due to the bot attack?