Hacking CCTV cameras around the world!

CarderPlanet

BiG Brother (https://github.com/nwqda/BiG-Brother) is a tool that can be used to find CCTV cameras with open ports around the world.

Currently only 3 brands of CCTV cameras are supported: Sony, Canon and Panasonic. The following brands are planned to be added soon: Alphafinity, INSTAR, Milesight, Vacron and VideoIQ. It is also possible to save and export the result in .csv or .txt formats after completion.

Installation:
▪️git clone https://github.com/nwqda/BiG-Brother
▪️pip install -r requirements.txt

Usage:
▪️python3 big-brother.py
 
Welcome, hacker!
Today we will talk about vulnerabilities in IP cameras with GoAhead server on port 81: Disclosure of authentication data.

IP cameras have become an integral part of our modern life, providing us with video surveillance and security. However, even in such devices that are supposed to provide us with protection, vulnerabilities can be found. In this article, we will consider one of such vulnerabilities in IP cameras using the vulnerable GoAhead server and operating on port 81. Specifically, we will pay attention to the vulnerability associated with the disclosure of data for authorization of the camera.

Description of vulnerability:

The vulnerability is in the ability to send a request to the URL "system.ini?loginuse&loginpas", which results in the download of the file "system.ini". This file contains sensitive data required for authentication on the video camera. This means that an attacker with access to this vulnerability can easily obtain this data and thus gain unauthorized access to the IP camera.

Search for vulnerable devices:

Shodan was used to find devices affected by this vulnerability. Shodan is an Internet of Things (IoT) search engine that allows you to search and explore devices connected to the Internet. Using Shodan, the researchers found that a significant number of IP cameras were using the vulnerable GoAhead server and were running on port 81.

Possible consequences:

Unauthorized access to an IP camera can have serious consequences. Attackers can use this access to monitor people's private lives, commit theft, spy, and other illegal activities. In addition, such a vulnerability can be used to install malware on the device and use it as a botnet for cyberattacks.

Recommendations for protection:

Owners of IP cameras running on the vulnerable GoAhead server and using port 81 are advised to take the following security measures:
  1. Software Update: Check if updates are available for your IP camera and install them to fix the vulnerability.
  2. Changing the port: Consider changing the IP camera's operating port from 81 to another unprivileged port. This may reduce the likelihood of a vulnerability being attacked.
  3. Access Restriction: Check the IP camera access settings and ensure that only authorized users have access to it. Use strong passwords for authentication.
  4. Firewalls and Network Restrictions: Consider using firewalls and network restrictions to limit access to the IP camera to only certain networks or IP addresses.

Conclusion:

The vulnerability in IP cameras using the vulnerable GoAhead server on port 81 poses a serious threat to the security and privacy of users. Owners of such devices should take measures to protect and secure their IP cameras. In addition, IP camera manufacturers should pay attention to the vulnerabilities in their devices and release software updates to fix them in order to prevent possible attacks and protect their users.
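
A defender-side check for the request described in this post, added here as an example and not part of the original post or of any tool it mentions: it scans web access logs for requests to "system.ini" that carry the "loginuse" and "loginpas" keys, and separates attempts that were refused from attempts where the file was actually served. It assumes Combined Log Format lines written by a reverse proxy or gateway in front of the cameras; the function names and the sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qs, unquote, urlsplit

# Assumption: Combined Log Format from a reverse proxy or gateway placed
# in front of the cameras (the camera itself keeps no usable access log).
LOG_RE = re.compile(
    r'(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+|-)'
)

def is_ini_probe(target):
    """True when the request asks for system.ini with the loginuse/loginpas keys."""
    decoded = unquote(unquote(target))  # undo URL-encoding, twice for double-encoded variants
    parts = urlsplit(decoded)
    if parts.path.rsplit("/", 1)[-1].lower() != "system.ini":
        return False
    keys = {k.lower() for k in parse_qs(parts.query, keep_blank_values=True)}
    return {"loginuse", "loginpas"} <= keys

def scan(lines):
    """Return {source_ip: {"attempts": n, "served": n}} for matching requests."""
    hits = defaultdict(lambda: {"attempts": 0, "served": 0})
    for line in lines:
        m = LOG_RE.match(line)
        if not m or not is_ini_probe(m["target"]):
            continue
        rec = hits[m["src"]]
        rec["attempts"] += 1
        # A 200 with a non-empty body means the file was handed out: treat that
        # camera's credentials as compromised, not merely probed.
        if m["status"] == "200" and m["size"] not in ("-", "0"):
            rec["served"] += 1
    return dict(hits)

# Constructed sample lines using documentation address ranges, not real traffic.
SAMPLE = [
    '203.0.113.7 - - [12/Mar/2024:04:11:09 +0000] "GET /system.ini?loginuse&loginpas HTTP/1.1" 200 1612',
    '203.0.113.7 - - [12/Mar/2024:04:11:12 +0000] "GET /SYSTEM.INI%3Floginuse%26loginpas HTTP/1.1" 403 0',
    '198.51.100.23 - - [12/Mar/2024:04:15:40 +0000] "GET /system.ini?loginuse=&loginpas= HTTP/1.0" 404 -',
    '192.0.2.10 - admin [12/Mar/2024:08:02:31 +0000] "GET /index.htm HTTP/1.1" 200 5120',
]

if __name__ == "__main__":
    for src, rec in scan(SAMPLE).items():
        print(src, rec)
```

Any source with a non-zero "served" count calls for rotating that camera's credentials in addition to the update and network restrictions listed in the recommendations.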
 