Quick video on a small enhancement to Firmwalker so that any certificate files discovered will be run against OpenSSL. If successful, the certificate serial number will be output for use with the Shodan search engine.
So something like this in Shodan to reveal how many devices are running the same certificate.
An interesting side note on this particular certificate, the total results in Shodan seems to be decreasing lately so maybe there is some kind of update going for these devices. There are around 90k device showing on Shodan, there were over 700k a little over a year ago.
4-8-17 Update: Another interesting tidbit, Bricker Bot is attacking IoT devices with much love for Ubiquiti devices. Makes one wonder if the slow decrease in numbers of these Ubiquitu devices on Shodan with this particular certificate serial number is due to the bot attack?
Short on time? Subscribe to the IoT This Week Newsletter for weekly email updates on interesting stories from IoT, InfoSec and Tech world.
Follow @iotthisweek on twitter for the latest tweets on interesting stories.
Contact: @craigz28 on twitter or via email at [email protected]