This is a little script i’ve knocked up to assist with testing payment portals and for annoying phishing bellends. it’s dead simple to run and use. View the code on Gist.
I emailed burp support for some help one an app i wanted to see what it was doing traffic wise…. This was their response. Some native apps use their own certificate trust store, and some implement certificate pinning to only trust specific server-side certificates. […]
Here is how I make the IP camera Playlists…. First download my nice script https://raw.githubusercontent.com/txt3rob/My-Shodan-Scripts/master/cams.py Edit cams.py API_KEY = “YOUR API KEY” Change this to your shodan api key from https://accounts.shodan.io ensure you have the python API installed. pip install shodan pip install requests once […]
You get the same XSS payload working on the same sites over and over… ignore the bottom 2 but this just highlights what can happen. Payload to be disclosed in 6 weeks.
Here is a scan from yesterdays shodan results. https://pastebin.com/6EqGy5eZ #EXTM3U #EXTINF:-0, CCTV – 220.127.116.11 – United States rtsp://18.104.22.168 #EXTINF:-0, CCTV – 22.214.171.124 – United States rtsp://126.96.36.199/live/ch00_0 #EXTINF:-0, CCTV – 188.8.131.52 – United States rtsp://184.108.40.206/live/ch00_0 #EXTINF:-0, CCTV – 220.127.116.11 – United States rtsp://18.104.22.168/live/ch00_0 #EXTINF:-0, CCTV – […]
Once Again here is a nice playlist of unsecure IP cameras from around the world. https://pastebin.com/raw/qjurbDjd #EXTM3U #EXTINF:-0, CCTV – 22.214.171.124 – Italy rtsp://126.96.36.199/live/ch00_0 #EXTINF:-0, CCTV – 188.8.131.52 – Spain rtsp://184.108.40.206/live/ch00_0 #EXTINF:-0, CCTV – 220.127.116.11 – Trinidad and Tobago rtsp://18.104.22.168 #EXTINF:-0, CCTV – 22.214.171.124 – […]