IoTSeeker, developed by Rapid7, is a tool for scanning default password credentials of IoT devices. It can scan specific IoT devices to determine if they are using default or factory-set passwords.
Tool Introduction
The recent large-scale network disruption in the United States was investigated to be caused by malware exploiting default password credentials of IoT devices (CCTV cameras, DVRs, etc.), leading to infections and the formation of botnets for DDoS attacks. IoTSeeker can help enterprises scan their networks for IoT devices to check if their passwords have been changed or if the devices are still in factory settings. The early Mirai malware primarily exploited the telnet services of IoT devices for infection, while IoTSeeker mainly utilizes HTTP/HTTPS services for detection and identification.
Project Address
https://github.com/rapid7/IoTSeeker
Tool Features
To accommodate various types of IoT devices and large-scale IP network scanning, IoTSeeker has the following features:
High concurrency: Using the Perl module AnyEvent, it can execute scans of thousands of IoT devices simultaneously.
Scalability: No need to change or write a large amount of code, supports many new types of devices.
File composition: The tool consists of two parts, one being the device configuration identification JSON format file devices.cfg, and the other being the scanning control Perl file iotScanner.pl.
Operating environment: Currently, IoTSeeker only supports Linux or Mac OS systems.
Installation
1. Ensure that Perl and cpan are installed on your system (installation method can be searched online).
2. Install the required Perl modules using the following command:
cpan AnyEvent::HTTP Data::Dumper JSON
Running Example
perl iotScanner.pl 1.1.1.1-1.1.4.254,2.1.1.1-2.2.3.254
You may also like
Batch Detection of IoT Cameras
Will IoT Applications Allow Hackers to Control Everything?
Preventing IoT Hacker Invasion: Experts Propose Six Preventive Measures
