Welcome back, my heroes!
The barbaric attack against Ukraine by Russian forces continues. Ukraine has officially requested that hackers from around the world assist their fight against this aggression. Stopping Russia now at Ukraine may be essential to saving Europe in the future. An effective cyber war against Russia may make them think twice about their attack on Ukraine.
Those of you willing to fight this aggression, I am here to help.
One of the ways we can find sites vulnerable to attack is to use a service I introduced you to earlier, netlas.io. For some background on netlas.io, click here.
Step#1: Navigate to netlas.io and open an account
With the site open, you can search for Russian sites with a CVE greater than 8.
cve.base_score:>8 and geo.country:("RU")
This search brings up over 60,000 sites in Russia. We can narrow our search to the largest provider of digital services in Russia, Rostelecom, by appending our search with asn.organization such as;
cve.base_score:>8 and geo.country:("RU") and asn.organization:("Rostelecon")
This narrows our search to just over 2000 sites. We can above that the first site listed is a Windows Server with Apache 2.2.22 (the current version of Apache is 2.4).
When we click on the CVE tab, it opens a list of vulnerabilities that this server including;
CVE-2821-39275
CVE-2821-44790
CVE-2018-1312
Each of these vulnerabilities is rated at 9.8 or very high!
Use your imagination to find more vulnerabilities in these Russian sites!
Summary
This is quick and dirty approach to finding vulnerable sites in Russia.
I'll add additional techniques an info as time allows.
You are heroes!