Computer_Security Posted July 17, 2014 Share Posted July 17, 2014 Okay let me start off by saying that I am not doing anything malicious I am just trying to break into my ip camera that I bought and is on my network so hold back all of your comments of how this is illegal because IT IS NOT! okay now that that is out of the way let me say that my inspiration to take on this task was when I watched Craig Heffner at Black Hat https://www.youtube.com/watch?v=B8DjTcANBx0 I just don't understand how he gets into the camera's and can anyone help my try to exploit MY IP CAMERA which the antenna doesn't work on it so I have to use Ethernet and would not having the option of wifi limit me in any way? I'm 99% sure that this camera has security flaws because it is a cheap 40$ camera that I picked up on amazon and then I got a 15$ rebate so it was technically a 25$ camera and Heffner showed multi-thousand dollar cameras being exploited so...... yea! If any of you guys can help me that will be great since I am very interested in how Ip-Camera's can be exploited and yea for the final time this will be on my network! -Thanks Guys Quote Link to comment Share on other sites More sharing options...
cooper Posted July 17, 2014 Share Posted July 17, 2014 High price doesn't equal high security. Actually, more often than not it means more security problems because the high price means lots of features and each feature is potentially a security risk. I mean, you can buy an AP for like 20 bucks that will be next to impossible to break into yet every so often exploits are found for the Cisco's and Juniper's and Huawei's of today... Quote Link to comment Share on other sites More sharing options...
digininja Posted July 17, 2014 Share Posted July 17, 2014 Asking how to break into your camera is like asking how to fix a rattle on a car, without much more information it could be a pen rolling around in the glove box or something deep inside the engine. You could google for your camera's name and see if anything has already been published but if not you are looking at a vulnerability assessment to look for weaknesses. Quote Link to comment Share on other sites More sharing options...
no42 Posted July 17, 2014 Share Posted July 17, 2014 Quick google : http://www.tenvis.com/blog/how-to-realize-factory-settings-for-jpt3815w-ip-camera.html Quote Link to comment Share on other sites More sharing options...
Guest spazi Posted July 17, 2014 Share Posted July 17, 2014 I believe the common way to find exploits on embedded systems is to look at the firmware. Sometimes it's just luck. Take it apart with binwalker and ida pro. Understand how it works and check for common exploits like common passwords, cgi code execution etc. The security on embedded systems can sometimes be horrible. Quote Link to comment Share on other sites More sharing options...
Computer_Security Posted July 17, 2014 Author Share Posted July 17, 2014 High price doesn't equal high security. Actually, more often than not it means more security problems because the high price means lots of features and each feature is potentially a security risk. I mean, you can buy an AP for like 20 bucks that will be next to impossible to break into yet every so often exploits are found for the Cisco's and Juniper's and Huawei's of today... Yea i figured Quote Link to comment Share on other sites More sharing options...
Computer_Security Posted July 17, 2014 Author Share Posted July 17, 2014 Quick google : http://www.tenvis.com/blog/how-to-realize-factory-settings-for-jpt3815w-ip-camera.html This link just gives me the default creds I already know the creds I just want to break into it another way like what spazi said I believe the common way to find exploits on embedded systems is to look at the firmware. Sometimes it's just luck. Take it apart with binwalker and ida pro. Understand how it works and check for common exploits like common passwords, cgi code execution etc. The security on embedded systems can sometimes be horrible. I will check out binwlker and ida pro! thanks and ill do a lot of googling! (DIGININJA) Quote Link to comment Share on other sites More sharing options...
Guest spazi Posted July 18, 2014 Share Posted July 18, 2014 If you are interested in hacking embedded devices you should look into Praeda by Deral Heiland. I just stumbled over this tool, haven't really had the time to check it out properly, but it seems very cool :) Quote Link to comment Share on other sites More sharing options...
Computer_Security Posted July 19, 2014 Author Share Posted July 19, 2014 Thanks for the help guys and yea I will check it out I have just been sooo busy lately so when I get the time I will.... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.