Bash Scripting
87
while at the same time assisting the Computer Emergency Response Team
(CERT) in Pittsburgh with defending against hackers.
A few years before Max was caught, he realized that the Aloha Point of
Sale (POS) system used by many small restaurants had a technical support
backdoor built into it. In this case, the backdoor enabled tech support to
assist their clients. Aloha tech support could access the end user’s system
through port 5505 to provide assistance when the user called for help. Max
realized that if he found a system connected to the internet with the Aloha
POS system, he could access the system with sysadmin privileges through
port 5505. Max was able to enter many of these systems and steal tens of
thousands of credit card numbers.
Eventually, Max wanted to find
every system that had port 5505 open so
that he could go from stealing thousands of credit card numbers to steal-
ing millions. Max decided to write a script that would scan millions of IP
addresses looking for systems with port 5505 open. Of course, most systems
do
not have port 5505 open so, if they did, it was likely they were running the
doomed Aloha POS. He could run this script while at work during the day,
then by night hack into those systems identified as having port 5505 open.
Our task is to write a script that will be nearly identical to Max’s script,
but rather than scan for port 5505 as Max did, our script will scan for systems
connected to the ubiquitous online database MySQL. MySQL is an open
source database used behind millions of websites; we’ll be working with
MySQL in Chapter 12. By default, MySQL uses port 3306. Databases are the
“Golden Fleece” that nearly every black hat hacker is seeking, as they often
contain credit card numbers and personally identifiable information (PII)
that is
very valuable on the black market.
