
Exploiting PC-based Surveillance Cameras


AndyzBong


Howdy all,

I recently was employed as a "Surveillance System Software Support Specialist" for a private video surveillance company here in Pa. Now, we all know that if you aim an infrared laser-pointer at an IR surveillance camera at night, you will completely "white out" the camera; but today I wanted to discuss some of the other vulnerabilities in not only the surveillance cameras, but the PC that runs the surveillance software.

First off, all of our PCs are running Windows XP and automatically log in to Windows under an administrator account without password verification. The reason I was given for this is so that when there is a power outage, the computer will automatically reboot when the UPS is out of battery and the power is restored. Good, great, grand, and wonderful... but it doesn't have to be an administrative user. However, I just do what I'm told.

Secondly, when Windows XP boots, the surveillance software runs on startup, logged in under "guest mode". Guest allows you to do nothing (such as Stop Monitoring, exit full screen mode, exit the software, etc.). My boss thinks that "When you're logged in as guest, you cannot close the software or make any changes." However, you can run Task Manager and kill the process. Our software's process is not run under SYSTEM; it is run under the administrative user.

Lastly, I do not install the surveillance cameras or run their conduit, but I have learned a lot about how surveillance cameras can pick up interference. A couple of our customers are machine shops (machinist), who want to keep a watchful eye on their carbide supply. The exterior of the building is usually aluminum and the welders like to ground their equipment to the beams of the building. This gives the entire building a negative charge which will go through the metal housing of the cameras and cause interference on the cameras that looks like HBO porn before a descrambler.

I asked a camera installer if I put a 9v battery up to the housing of the camera, would it cause the same interference? His response was "I wouldn't doubt it."

And our wireless cameras? Worse.

Now this is not the same for every video surveillance company, just the companies that cheat their customers and fill up the pockets of the boss. We don't even use shielding for any of the cameras unless there is a cell phone base tower right next door to our customer (or some other equivalent of massive interference).

One final note, the administrative login to ALL of our customers is "admin" and the administrative password to ALL of our customers is eight characters all lowercase. If you could run a dictionary attack on our software's login page, not only would you be in on one computer, but if you had a copy of our clients' DNS addresses... you'd be admin on them all.

PS: Since our surveillance systems are PC-based, our customers enjoy monitoring their cameras from home via the internet. If one were to stumble upon their DNS address and reached a login page, one would only have to log in as "guest" with no password in order to view the cameras. Just like Space Rogue's write-up about Google hacking surveillance systems.

http://www.spacerogue.net/wordpress/?p=38

- AndyzBong
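
The following is an added example, not part of the original post or the vendor's software: a read-only PowerShell audit a support engineer could run on one of these PCs to confirm the autologon and process-owner setup described above. The process name `surveillance.exe` is a placeholder, and the group name `Administrators` assumes an English-language Windows install.

```powershell
# Added example: read-only audit of the autologon setup described in the post.
# Run locally in an elevated Windows PowerShell prompt.
$ProcessName = 'surveillance.exe'   # placeholder: the surveillance software's process name
$AdminGroup  = 'Administrators'     # assumption: English-language Windows group name

$findings = @()
$winlogon = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'

# Members of the local Administrators group, via the WinNT ADSI provider
# (works on old PowerShell versions that lack Get-LocalGroupMember).
$group  = [ADSI]"WinNT://$env:COMPUTERNAME/$AdminGroup,group"
$admins = @($group.Invoke('Members') | ForEach-Object {
    $_.GetType().InvokeMember('Name', 'GetProperty', $null, $_, $null)
})

# AutoAdminLogon = 1 means Windows signs in DefaultUserName at boot with no prompt.
if ($winlogon.AutoAdminLogon -eq '1') {
    $user = $winlogon.DefaultUserName
    $findings += "Autologon enabled for '$user'"
    if ($null -ne $winlogon.DefaultPassword) {
        $findings += "Autologon password is stored in clear text in the Winlogon key"
    }
    if ($admins -contains $user) {
        $findings += "Autologon account '$user' is a local administrator"
    }
}

# Report the owner of the surveillance process. The post notes it runs under the
# administrative user rather than SYSTEM, so the console user can end it.
Get-WmiObject Win32_Process -Filter "Name='$ProcessName'" | ForEach-Object {
    $owner = $_.GetOwner()
    if ($owner.ReturnValue -eq 0 -and $admins -contains $owner.User) {
        $findings += "$ProcessName (PID $($_.ProcessId)) runs as administrator '$($owner.User)'"
    }
}

if ($findings.Count -eq 0) { 'No autologon or process-owner findings.' }
else { $findings | ForEach-Object { "FINDING: $_" } }
```

Automatic recovery after a power outage only needs autologon for a standard user, so the "local administrator" finding can be cleared without giving up the unattended reboot.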


Yes, just like in Space Rogue's article, you can use Google to view and move (PTZ) cameras. However, you will not be able to stop the recording or disable the surveillance system in any way. Actually, most of these "Google hack" cameras are meant to be viewed over the internet without a login or password, as they are always in "guest mode".

You could DDoS the address, but even then, you're not "hacking" (and all recorded video events will still be on the local machine).

- AndyzBong
