Skip to main content

Web scanning / weird HTTP headers

So there I was, scanning the web with a little Python script, looking for servers and other connected devices (you know, typical Tuesday night stuff) when I found a response that had an HTTP header with the key "X-hacker".

I've never seen that one before so I opened it up to see what the value was, thinking that surely it'll be something awesome...
X-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
That's right. They're in our meetups, and discussion boards, and now recruiters are even lurking in HTTP headers.


To anyone interested in the scanning script, it's basically a modified version of this: https://gist.github.com/wybiral/8529a14092fef7e31a1c82eb65d36c60. You need a MongoDB instance for it to insert the scans into. Then you can query that MongoDB instance. I use a small web interface that groups them for quick statistics on common responses, popular server versions, etc. Yes, you'd have much better performance if you put something like ZMap in front of a parser, but this works well enough for my needs. Don't do anything I wouldn't do.

Popular posts from this blog

Exploring Sub-GHz Radio With RTL-SDR and GQRX

Today I took a look at some hardware for working with sub-GHz radio transmissions, especially FM. All of which came in a previous HackerBoxes box. My favorite item was definitely the RTL-SDR dongle! I could play around with this thing for hours surfing the radio waves and listening to weird broadcasts. There's even a Python library named pyrtlsdr for working with these devices so you can scan/record radio transmissions programmatically:  https://github.com/roger-/pyrtlsdr Next I'm going to solder together the FM transceivers included in the box and play around with writing Arduino firmware for them. Those things should work similar to the LoRa modules I've been using but they trade in the long range for increased bandwidth. Should be good for streaming data locally and still have much better range than most home WiFi or Bluetooth. Here's a video overview of the hardware included in HackerBox 0034 as well as a demo of the RTL-SDR dongle using GQRX to visually and...

Always Secure Your localhost Servers

Recently I was surprised to learn that web browsers allow any site you visit to make requests to resources on localhost (and that they will happily allow unreported mixed-content ). If you'd like to test this out, run an HTTP server on port 8080 (for instance with python -m http.server 8080 ) and then visit this page. You should see "Found: HTTP (8080)" listed and that's because the Javascript on that page made an HTTP GET request to your local server to determine that it was running. Chances are it detected other services as well (for instance if you run Tor or Keybase locally). There are two implications from this that follow: Website owners could potentially use this to collect information about what popular services are running on your local network. Malicious actors could use this to exploit vulnerabilities in those services. Requests made this way are limited in certain ways since they're considered opaque , meaning that the web page isn't able...

DIY Solar Powered LoRa Repeater (with Arduino)

In today's video I be built a solar powered LoRa signal repeater to extend the range of my LoRa network. This can easily be used as the basis for a LoRa mesh network with a bit of extra code and additional repeaters. Even if you're not into LoRa networks all of the solar power hardware in this video can be used for any off-the-grid electronics projects or IoT nodes!