top of page
  • Writer's pictureotw

Finding Vulnerabilities in Russian Sites with

Updated: Dec 28, 2022

Welcome back, my heroes!

The barbaric attack against Ukraine by Russian forces continues. Ukraine has officially requested that hackers from around the world assist their fight against this aggression. Stopping Russia now at Ukraine may be essential to saving Europe in the future. An effective cyber war against Russia may make them think twice about their attack on Ukraine.

Those of you willing to fight this aggression, I am here to help.

One of the ways we can find sites vulnerable to attack is to use a service I introduced you to earlier, For some background on, click here.

Step#1: Navigate to and open an account

With the site open, you can search for Russian sites with a CVE greater than 8.

cve.base_score:>8 and"RU")

This search brings up over 60,000 sites in Russia. We can narrow our search to the largest provider of digital services in Russia, Rostelecom, by appending our search with asn.organization such as;

cve.base_score:>8 and"RU") and asn.organization:("Rostelecon")

This narrows our search to just over 2000 sites. We can above that the first site listed is a Windows Server with Apache 2.2.22 (the current version of Apache is 2.4).

When we click on the CVE tab, it opens a list of vulnerabilities that this server including;

  1. CVE-2821-39275

  2. CVE-2821-44790

  3. CVE-2018-1312

Each of these vulnerabilities is rated at 9.8 or very high!

Use your imagination to find more vulnerabilities in these Russian sites!


This is quick and dirty approach to finding vulnerable sites in Russia.

I'll add additional techniques an info as time allows.

You are heroes!

bottom of page