KW1304 – Cutting the Cable

Sep 25

This week Knightwise talks about cutting the cable and some thoughts about what this could mean for not just your pocketbook, but also your sanity. There are tons of places you can get content that you source and curate yourself. Come join us to hear about a few.

Producer’s note: Originally recorded in 2017, but not originally aired in KW Season 12.



Google Hacking Week : Find webcams, mediacenters and more with Inurl

Feb 27

Today in our Google Hacking week, we continue to use the Google search engine as a source for interesting information. In our previous posts we talked about finding and downloading certain kinds of files, but today we are on the lookout for “juicy devices”.

The theory is quite simple: most appliances like webcams, routers, copiers and more have web interfaces. A lot of different applications and services can also be controlled by a web interface. It’s easy and convenient when you can use the browser on your computer to configure and watch your webcam or change settings on your router while on your local LAN. But what if those devices are hooked up directly to the internet?

Any device that gets connected directly to the internet is at some point scanned and indexed by Google, and if you enter the right search term you will be able to find it. The way we are looking for those devices and services today is by using the INURL option. Some web interfaces (to your router or webcam) have a very specific way their URL looks. By searching for those specific URL types with the INURL option, you can find some very cool stuff. If people have done their homework, most of these services will be protected by a unique login or password. But some people just use the default password … or even none at all.

Let us take you on a walk through the net with some very specific INURL Google Dorks.

  • inurl:ViewerFrame?Mode=
    • This one will get you some interesting webcams (some you can even control with your mouse). Look around and see if you can find the Giraffe Cam.
  • inurl:view/view.shtml
    • More network cameras here. This one is in some dorm/college. You can control the zoom and the direction of the camera.
  • inurl:":10000" intext:"webmin"
    • Remember we talked about WEBMIN? This will give you a list of all Webmin servers connected directly to the internet. Most of them are protected by a password (we hope), but common usernames like ROOT and some generic passwords might get you in.
  • inurl:"32400/web/index.html#!/dashboard"
    • This will get you a list of PLEX media servers where people can store music and movies to watch on any device (even across the internet). Most of them are locked down with a login/password. Some of them … are not. Happy streaming.


So you see: there are quite a few web services out there that are inadvertently open to the indexing power of Google. Some clever searching and you can find them.

We close off by going back to our camera in the student dorm. Where is this? A simple ping of the URL gives us the following IP: 138.25.6.37, and by going to Whereisthisip.net we find out that it’s Sydney, Australia. It’s THAT simple.

Puzzling information together.

This might all look like fun and games, but badly secured devices are dangerous. Whether you have weirdos peeking through your accidentally-publicly-connected IP camera, or random people printing out documents on your www-connected printer, it’s never good. Using the domain name, the IP and the registration information of the domain, people can quickly find out where and even WHO you are. If you skip good security and don’t use passwords (or use default passwords), it does not bode well for you. Hackers even use the INURL search to find specific webservers/services with vulnerabilities. All they then need to do is run some code to take advantage of the vulnerability, and they are in. Hackers don’t NEED to search for your open Webmin server with the buggy (and vulnerable) version of the http code: Google did it for them.
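As an added example (not part of the original post), here is a small audit you can run over your own list of internet-reachable URLs to see which ones have the URL shapes the dorks above search for, and which of those have no login in front of them. The `requires_login` flag, the function names and the sample hosts are assumptions made for this illustration.

```python
from urllib.parse import urlsplit

# URL shapes taken from the four dorks in the post:
# (label, required port or None, text that must appear in path/query).
# The Webmin entry checks the port only; the intext:"webmin" half of that
# dork needs the page body, which this offline check does not have.
SIGNATURES = [
    ("network camera (ViewerFrame)", None, "viewerframe?mode="),
    ("network camera (view.shtml)", None, "view/view.shtml"),
    ("Webmin admin panel", 10000, ""),
    ("Plex web dashboard", 32400, "/web/index.html"),
]

def match_signature(url):
    """Return the label of the first signature the URL matches, else None."""
    parts = urlsplit(url)
    tail = parts.path + ("?" + parts.query if parts.query else "")
    tail = tail.lower()
    for label, port, needle in SIGNATURES:
        if port is not None and parts.port != port:
            continue
        if needle in tail:
            return label
    return None

def audit(inventory):
    """Classify (url, requires_login) records from your own asset list."""
    findings = []
    for url, requires_login in inventory:
        label = match_signature(url)
        if label is None:
            continue
        # Indexable and open is worse than indexable behind a login.
        severity = "exposed" if requires_login else "critical"
        findings.append((severity, label, url))
    # Critical findings first, then by URL for stable output.
    return sorted(findings, key=lambda f: (f[0] != "critical", f[2]))

# Constructed sample inventory; hosts use the reserved .example TLD.
SAMPLE = [
    ("http://cam1.example/ViewerFrame?Mode=Motion", False),
    ("http://cam2.example/view/view.shtml", True),
    ("https://admin.example:10000/", True),
    ("http://media.example:32400/web/index.html#!/dashboard", False),
    ("https://www.example/blog/index.html", False),
]

if __name__ == "__main__":
    for severity, label, url in audit(SAMPLE):
        print(f"{severity:8} {label:30} {url}")
```

Anything reported as "exposed" still has a login page that a search engine can index, so the fix for both severities is to take the interface off the public internet, not just to set a password.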


Privacy week : Be careful what you share.

Feb 08

We close up privacy week with this little awareness video. We talked about how the bad guys can sniff and snoop, and how you can protect your traffic by using our tips and tricks. There is however ONE factor we cannot do anything about, and that is YOUR behaviour. Privacy is not only about what you keep a secret; it’s also about what you choose to share. Below is a little Belgian social media awareness video (I’m pretty proud about the Belgian part) that will make you see how “trivial” information can be “correlated” into something quite … scary. Beware of what you share!


Control auto-starting applications on your Android device (or Android media center)

Jan 04

The MK802 is just one example of Android “hopping over” to more kinds of devices than the phones and tablets it was designed for. In essence the MK802 is a little computer that comes with a couple of USB ports and an HDMI port so you can hook it up to any TV/monitor and instantly turn that machine into a ‘smartscreen’. With devices like the MK802, you can easily turn your television into a media center using applications like PLEX or Boxee, which let your Android ‘stick’ become your media front end.

The only thing that is missing is that those applications should ‘start up’ automatically whenever your Android device of choice boots. In order to make that work we found the free app called “Startup Manager” (how DO they come up with these original names).

You can either tweak your Android device by removing applications that run on startup (a nice way to clean out some branded cruft) OR add some auto-starting applications of your own (perfect for launching VLC, Boxee or Plex at bootup).

Startup Manager is free, does not require root and is available in the Android Marketplace.


Turn Plex into the heart of your media consumption setup.

Dec 17

If there is one thing I love, then it’s performing acts of Blasphemy 🙂 Strictly technological blasphemy of course. The kind that makes operating system makers, virtual shopkeepers and DRM overlords grasp the few stray hairs on their balding heads and cry out “Blasphemy” into the digital night. To be frank: I love making tech do things it wasn’t supposed to.

With our Mac Mini as a central mediahub in our house, it holds all the movies and TV shows that I love to watch, and hidden deeply behind the magical fairy dust that is the iTunes library lie all my songs. Locked away in a proprietary cloud of pixy poo.

Around the house we have several devices lying around that sport the Cupertinian Apple, the green Android goblin or a bold penguin. The owners of these devices have long ago banished the television from its monopolistic rule of the entertainment empire. These masters would like to consume any content, anywhere, on any device. Whether this be Android, iOS, Linux or even Windows, they would like to watch and listen to anything, anywhere, and if possible, pick up on one device where they left off on the other.

I have done a podcast about these shenanigans once before (remember KC0057: Cross platform Streaming), where I used a combination of XBMC and DLNA to get things where I wanted them to go. However, technology is always on the move and there is always something better on the horizon.

Today I have been playing around with Plex, a central media hub that takes all of the content you have at your disposal (audio or video) and “streams” it to any connected device in the house (tablets, phones and embedded devices). Aside from being the red-light district for your home media with the “Plex server”, it also offers a great front end to “consume” that media on whatever desktop (or media center PC) you are using. If you ever feel the urge to crawl out from under your desk and enter the big airy meeting room with the high ceiling (referred to by some as “outside”), Plex even lets you connect back home so you can continue to enjoy whatever you were watching before you were forced out of your house.

So far I’ve enjoyed flawless transcoding and streaming of some of my favorite TV shows and ‘backed up’ movies to both my tablets (Android and iOS) and am currently enjoying some music streamed from my iTunes library … on my Android tablet. Can you spell Blasphemy? No? That’s ok, you can just SCREAM it! :p

The Plex server app is ‘Slider friendly’ and available for Windows, Linux, OSX and some “embedded NAS” devices. The clients will set you back a couple of bucks (about 5 or 10 depending on what you choose) on your mobile device, but the quality and convenience are totally worth it.

In a couple of words: download and install the Plex server, run the configuration wizard (click yes yes yes and point it towards your media), put the mobile apps on your portable devices and let them auto-discover your Plex server. Run to the bathroom and don’t come out until you have watched the entire series of Friends … from your tablet or smartphone.

Never mind the family members who command the black monolith downstairs to consume whatever drivel they like to watch. Get Plex and turn any device into your personal media station.

Links: PLEX.

So have YOU played with Plex? Share your experiences or questions in the comments.