Thứ Năm, 10 tháng 9, 2015

Exploiting CCTV

Step 1: Download Angry Ip Scanner

Angry Ip scanner is powerful GUI Port scanner . Angry Ip scanner available for all major OS.
Download and Install Angry ip scanner



Step 2: Choose Ip Address Range

Its important that how to choose proper ip address range for CCTV cteamera hacking. CCTV cameras are connected with broadband internet connection. If you are accessing broadband router then find your public ip address. Just type ‘My IP’ in Google or Bing search bar. Google will show your public ip address
Here 77.247.181.165 is my public ip . So ip range can be 77.247.181.1 o 77.247.181.255 or 77.247.181.1 o 77.247.185.255

Step 3: Configure Angry Ip for CCTV exploit

Open Angry Ip Scanner

Go to tools > Preferences > Ports | add ports 80,8080,23 in Port selection tab

It will scan 80,8080 and 23 port.
We need add web detect. Web detect can show short details about device details connected to internet. like as follow

  1. CCTV  model name
  2. CCTV  name
  3. router name or router model name
Add web detect as follows
Go to Tools > Fetchers > add (<<) web detect
Click OK




Step 4: Start Ip Range Scanning

Add ip range in Ip range tab and click start
After scanning finished you will find interesting information in web detect tab some examples as follows
  1. RomPager/4.07 UPnP/1.0 —– router
  2. uc-httpd 1.0.0 —– CCTV 
  3. DVRDVS-Webs —– CCTV 
  4. microhttpd —– router
  5. Webs —– CCTV 
  6. Hikvision-Webs —– CCTV 
  7. iBall-Baton —– CCTV 

Step 5: Default Username and Password

Most of the CCTV  and router configured default username and password. example

Username : admin | password : admin
Username : admin | password : (blank )
Username : admin | password : 12345
Username : admin | password : 9999
You can find default username and password list trying some googling
some CCTV cameras need plugin, you can download from same page. If not found plugin at same page then go to manufacture website site and download it.

Step 6: Exploit CCTV Camera Password Using Hydra

If default password not work then we need to crack it. hydra is powerful brute for tool can crack CCTV password.
Now fire up kali
root@DeepHack:~# hydra -s 80 -l admin -P /root/Desktop/wl/cctvpass.txt -e ns -t 16 targetIP http*
Hydra syntax-s 80 — define port number
-l admin — default login name admin
-P /root/desktop/worldlist.txt — choose your word list for brute force
-e — empty password
ns — try login as passwordand try empty password
http — port name for attackUsing these can hack CCTV cameras


thank you for reading
Người đăng: vào lúc
Nhãn:

Không có nhận xét nào:

Đăng nhận xét

Đăng ký: Đăng Nhận xét (Atom)