echoblack Posted December 21, 2009 Share Posted December 21, 2009 I was at the mall with my laptop and just was sniffing to see what was around. Low and behold a Wireless network broadcasting an essid of "Security Cam" First I though Hay, I could deauth the cam and connect it to my Pineapple but then realized there is a far more simple and harmful attack that could be done. Just DeAuth all the Cam's ! It would be crazy simple to take down the whole Security Cam system & run a DOS on the AP. Any noob could do it. This alone is an Unacceptable security risk. Not to mention taping in and being able to see what all the security cams see. Sure having the Security Cam system broadcasting it's essid and naming it "Security Cam" is super dumb too but it could be found out anyway. I think all WiFi Security Cams should be taken off the market do to there complete lack of "Security." Quote Link to comment Share on other sites More sharing options...
dr0p Posted December 21, 2009 Share Posted December 21, 2009 This network didn't have any kind of protection on it? Quote Link to comment Share on other sites More sharing options...
echoblack Posted December 21, 2009 Author Share Posted December 21, 2009 Yes, It has WPA2-Personal. However, with an essid like that I bet the passphrase is crackable. But that would not matter if you just want to DOS's it. Or if you have a Pineapple..... Right, Jasager will just except any encryption the AP it is impersonating has or just tell the client that there is not need or something to that effect? Quote Link to comment Share on other sites More sharing options...
Sud0x3 Posted December 21, 2009 Share Posted December 21, 2009 I've never seen wifi cams being used in permenant locations, usually just used for short term basis. Even if they had cloaked the ssid or obfuscated it by naming it bobs-wifi, you could still brute the ssid and if the wpa key is not well thought through it wouldn't take long till your in. However these cams do have their own ip and web inteface which are password protected, in your case maybe not! Quote Link to comment Share on other sites More sharing options...
echoblack Posted December 21, 2009 Author Share Posted December 21, 2009 Hum, I'd like to do just a little more research on them. Just to find out more facts. Here in Hawaii everyone uses Aloha, Shaka, Hawaii, Pineapple, in there passwords. It is crazy easy to crack passwords out here :P Aloha + some #'s is Huge seemingly 20% of passwords Quote Link to comment Share on other sites More sharing options...
h3%5kr3w Posted December 21, 2009 Share Posted December 21, 2009 There are a lot of wifi cams out there that do not support encryption, or they only support lower levels of encryption. You have to spend the big bucks to get the better encryption, so it's most probably the latter. Also.. Beware of Trojans! (not the viruses or the condoms) Could be a honey pot... Well either that or it could be some perv that set one up in the women's dressing rooms. If that were the case ddos'ing it would be a good semaritan service. Quote Link to comment Share on other sites More sharing options...
Dаrren Kitchen Posted December 21, 2009 Share Posted December 21, 2009 This reminds me, I still need to make that IP security cam article. Even if it's not wireless, if you can get on the same LAN as an IP camera it's pretty much game over. Quote Link to comment Share on other sites More sharing options...
The Game Posted January 10, 2010 Share Posted January 10, 2010 This is very poor practice on there behalf. I actually work as a security technician. (Cameras, Card Readers, Wireless Duress etc) and never ever have i seen cameras been taken over Wifi. It would be so stupid. Anyone can disconnect the entire network with a simple deauth attack and DOS all day if they wanted to. As for cracking it, well if you got a good dictionary and they are stupid to have a lame password like "Security1" then it would be a matter of minutes before someone is in. This reminds me, I still need to make that IP security cam article. Even if it's not wireless, if you can get on the same LAN as an IP camera it's pretty much game over. Agreed. We use axis network cameras and some people leave them as there default password "root" & "admin" all you need is to get your IP setup and its just that simple. Quote Link to comment Share on other sites More sharing options...
theSuperman Posted January 10, 2010 Share Posted January 10, 2010 This network didn't have any kind of protection on it? Encryption or not, sending out deauth packets every second will prevent the wifi camera from connecting back to its AP. Quote Link to comment Share on other sites More sharing options...
Whig Posted January 13, 2010 Share Posted January 13, 2010 One problem with WiFi Security cam's is also that they are so easy to jam with Wifi Jammer. Of course there is also wireless camera without anykind of protection: http://en.wikipedia.org/wiki/WarViewing Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.