• Home
  • Become a Hacker
    • Get Started
    • Hacker Mindset
    • Roadmap
    • Simple Setup – Hacker 101
    • Types of Hackers
    • Recommended Courses
  • Boot People Offline
  • Courses
    • All Hacking Courses
    • Cyber Security School
  • CTF
    • Beginners to Advanced Guide
    • Create your own CTF box
    • Field and Resources Guide
    • Platforms & Wargames
    • Tools Used for Solving CTF
    • Writeups
  • Dark Web
    • Beginners Guide
    • Darknet Markets
    • Darkweb 101 (Anonymity Guide)
    • Dark Web OSINT Tools
    • Hacking Forums
    • Latest News
    • Onion Links
  • Hacker Gadgets
  • Hacking Books
  • Tools Directory
Menu
  • Home
  • Become a Hacker
    • Get Started
    • Hacker Mindset
    • Roadmap
    • Simple Setup – Hacker 101
    • Types of Hackers
    • Recommended Courses
  • Boot People Offline
  • Courses
    • All Hacking Courses
    • Cyber Security School
  • CTF
    • Beginners to Advanced Guide
    • Create your own CTF box
    • Field and Resources Guide
    • Platforms & Wargames
    • Tools Used for Solving CTF
    • Writeups
  • Dark Web
    • Beginners Guide
    • Darknet Markets
    • Darkweb 101 (Anonymity Guide)
    • Dark Web OSINT Tools
    • Hacking Forums
    • Latest News
    • Onion Links
  • Hacker Gadgets
  • Hacking Books
  • Tools Directory
Search
Close
  • Home
  • 2017
  • May
  • 23
  • Cameradar – An RTSP Surveillance Camera Access Multitool

Cameradar – An RTSP Surveillance Camera Access Multitool

May 23, 2017July 27, 2019 Comments Off on Cameradar – An RTSP Surveillance Camera Access Multitool
cameradar hack cctv cameras how to hack cameras how to hack cctv camera how to hack surveillance cameras tools to hack surveillance cameras

Cameradar hacks its way into RTSP CCTV cameras

Cameradar allows you to:

  • Detect open RTSP hosts on any accessible target
  • Get their public info (hostname, port, camera model, etc.)
  • Launch automated dictionary attacks to get their stream route (for example /live.sdp)
  • Launch automated dictionary attacks to get the username and password of the cameras
  • Generate thumbnails from them to check if the streams are valid and to have a quick preview of their content
  • Try to create a Gstreamer pipeline to check if they are properly encoded
  • Print a summary of all the informations Cameradar could get

And all of this in a single command-line.
Of course, you can also call for individual tasks if you plug in a Database to Cameradar using the MySQL cache manager for example. You can create your own cache manager by following the simple example of the dumb cache manager.

Quick install
The quick install uses docker to build Cameradar without polluting your machine with dependencies and makes it easy to deploy Cameradar in a few commands. However, it may require networking knowledge, as your docker containers will need access to the cameras subnetwork.

Dependencies
The only dependencies are docker, docker-tools, git and make.

Five steps guide

  1. git clone https://github.com/EtixLabs/cameradar.git
  2. cd cameradar/deployment
  3. Tweak the conf/cameradar.conf.json as you need (see the configuration guide here for more information)
  4. docker-compose build ; docker-compose up

By default, the version of the package in the deployment should be the last stable release.
If you want to scan a different target or different ports, change the values CAMERAS_TARGET and CAMERAS_PORTS in the docker-compose.yml file.
The generated thumbnails will be in the cameradar_thumbnails folder after Cameradar has finished executing.
If you want to deploy your custom version of Cameradar using the same method, you should check the advanced docker deployment tutorial here.

Manual installation
The manual installation is recommended if you want to tweak Cameradar and quickly test them using CMake and running Cameradar in command-line. If you just want to use Cameradar, it is recommended to use the quick install instead.

Dependencies
To install Cameradar you will need these packages

  • cmake (cmake)
  • git (git)
  • gstreamer1.x (libgstreamer1.0-dev)
  • ffmpeg (ffmpeg)
  • boost (libboost-all-dev)
  • libcurl (libcurl4-openssl-dev)

Steps
The simplest way would be to follow these steps :

  1. git clone https://github.com/EtixLabs/cameradar.git
  2. cd cameradar
  3. mkdir build
  4. cd build
  5. cmake ..
  6. make
  7. cd cameradar_standalone
  8. ./cameradar -s the_target_you_want_to_scan

Output
For each camera, Cameradar will output these JSON objects :

{
   "address" : "173.16.100.45",
   "ids_found" : true,
   "password" : "123456",
   "path_found" : true,
   "port" : 554,
   "product" : "Vivotek FD9381-HTV",
   "protocol" : "tcp",
   "route" : "/live.sdp",
   "service_name" : "rtsp",
   "state" : "open",
   "thumbnail_path" : "/tmp/127.0.0.1/1463735257.jpg",
   "username" : "admin"
}

Check camera access
If you have VLC Media Player, you should be able to use the GUI to connect to the RTSP stream using this format : rtsp://username:[email protected]:port/route
With the above result, the RTSP URL would be rtsp://admin:[email protected]:554/live.sdp
If you’re still in your console however, you can go even faster by using vlc in commmand-line and just run vlc rtsp://username:[email protected]:port/route with the camera’s info instead of the placeholders.

Command line options

  • “-c” : Set a custom path to the configuration file (-c /path/to/conf) <<<<<<< HEAD
  • “-s” : Set custom subnets (overrides configuration) : You can use this argument in many ways, using a subnet (e.g.: 172.16.100.0/24) or even an IP (e.g.: 172.16.100.10), a range of IPs (e.g.: 172.16.100.10-172.16.100.20) or a mix of all those (e.g.: 172.17.100.0/24,172.16.100.10-172.16.100.20,0.0.0.0). =======
  • “-s” : Set custom target (overrides configuration)
  • “-p” : Set custom ports (overrides configuration)
  • “-m” : Set number of threads (Default value : 1)
  • “-l” : Set log level
    • “-l 1” : Log level DEBUG
      • Will print everything including debugging logs
    • “-l 2” : Log level INFO
      • Prints every normal information
    • “-l 4” : Log level WARNING
      • Only prints warning and errors
    • “-l 5” : Log level ERROR
      • Only prints errors
    • “-l 6” : Log level CRITICAL
      • Doesn’t print anything since Cameradar can’t have critical failures right now, however you can use this level to debug your own code easily or if you add new critical layers
  • “-d” : Launch the discovery tool
  • “-b” : Launch the dictionary attack tool on all discovered devices
    • Needs either to be launched with the -d option or to use an advanced cache manager (DB, file, …) with data already present
  • “-t” : Generate thumbnails from detected cameras
    • Needs either to be launched with the -d option or to use an advanced cache manager (DB, file, …) with data already present
  • “-g” : Check if the stream can be opened with GStreamer
    • Needs either to be launched with the -d option or to use an advanced cache manager (DB, file, …) with data already present
  • “-v” : Display Cameradar’s version
  • “-h” : Display this help
  • “–gst-rtsp-server” : Use this option if the attack does not seem to work (only detects the username but not the path, or the opposite). This option will switch the order of the attacks to prioritize path over credentials, which is the way priority is handled for cameras that use GStreamer’s RTSP server.

 

Download Cameradar

Post navigation

Hacking Traffic Lights is Apparently Really Easy
Find Out Who’s Tracking You Through Your Smartphone

Related Articles

Suborner - The Invisible Account Forger

Suborner – The Invisible Account Forger

- Hack Tools
February 2, 2023
DefaScan: Defacement Scan and Alert

DefaScan: Defacement Scan and Alert

- Hack Tools
February 2, 2023
curio: finds risks and vulnerabilities in your code

curio: finds risks and vulnerabilities in your code

- Hack Tools
February 1, 2023
hacker gadgets
hacker phone covers

Recent Posts

Suborner - The Invisible Account Forger

Suborner – The Invisible Account Forger

February 2, 2023
DefaScan: Defacement Scan and Alert

DefaScan: Defacement Scan and Alert

February 2, 2023
curio: finds risks and vulnerabilities in your code

curio: finds risks and vulnerabilities in your code

February 1, 2023
Monomorph - MD5-Monomorphic Shellcode Packer - All Payloads Have The Same MD5 Hash

Monomorph – MD5-Monomorphic Shellcode Packer – All Payloads Have The Same MD5 Hash

February 1, 2023
A Guide to Crypto Self-Custody

A Guide to Crypto Self-Custody

February 1, 2023
CVE-2023-23924: Critical-Severity RCE Flaw Found in Popular Dompdf Library

CVE-2023-23924: Critical-Severity RCE Flaw Found in Popular Dompdf Library

February 1, 2023

Social Media Hacking

SocialPath – Track users across Social Media Platforms

SocialPath – Track users across Social Media Platforms

- Social Media Hacking
October 16, 2019October 16, 2019

SocialPath is a django application for gathering social media intelligence on specific username. It checks for Twitter, Instagram, Facebook, Reddit...

SocialScan – Check Email Address and Username Availability on Online Platforms

SocialScan – Check Email Address and Username Availability on Online Platforms

June 17, 2019
Shellphish – Phishing Tool For 18 Social Media Apps

Shellphish – Phishing Tool For 18 Social Media Apps

June 10, 2019July 27, 2019
WhatsApp Hacking using QRLJacking

WhatsApp Hacking using QRLJacking

May 2, 2019May 19, 2019
How to Hack any Facebook Account with Z-Shadow

How to Hack any Facebook Account with Z-Shadow

April 26, 2019June 29, 2020
hacker buffs

About Us

Haxf4rall is a collective, a good starting point and provides a variety of quality material for cyber security professionals.

Join Our Community!

Please wait...
Get the latest News and Hacking Tools delivered to your inbox.
Don't Worry ! You will not be spammed

Active Members

Submit a Tool

Hackers Handbook 2018


Grab your copy here

ABOUT US

Haxf4rall is a collective, a good starting point and provides a variety of quality material for cyber security professionals.

Our primary focus revolves around the latest tools released in the Infosec community and provide a platform for developers to showcase their skillset and current projects.

COMPANY
  • Contact Us
  • Disclaimer
  • Hacker Gadgets
  • LANC Remastered
  • PCPS IP Puller
  • Privacy Policy
  • Sitemap
  • Submit your Tool
Menu
  • Contact Us
  • Disclaimer
  • Hacker Gadgets
  • LANC Remastered
  • PCPS IP Puller
  • Privacy Policy
  • Sitemap
  • Submit your Tool
Live Chat
RESOURCES
  • Attack Process
  • Become a Hacker
  • Career Pathways
  • Dark Web
  • Hacking Books
  • Practice Your Skills
  • Recommended Courses
  • Simple Setup – Hacker 101
Menu
  • Attack Process
  • Become a Hacker
  • Career Pathways
  • Dark Web
  • Hacking Books
  • Practice Your Skills
  • Recommended Courses
  • Simple Setup – Hacker 101
Get Started
TOOLBOX
  • Anonymity
  • Bruteforce
  • DoS – Denial of Service
  • Information Gathering
  • Phishing
  • SQL Injection
  • Vulnerability Scanners
  • Wifi Hacking
Menu
  • Anonymity
  • Bruteforce
  • DoS – Denial of Service
  • Information Gathering
  • Phishing
  • SQL Injection
  • Vulnerability Scanners
  • Wifi Hacking
Tools Directory

2014 – 2020 | Haxf4rall.com               Stay Connected:

Facebook Twitter Google-plus Wordpress
Please wait...

Join Our Community

Subscribe now and get your free HACKERS HANDBOOK

Don't Worry ! You will not be spammed
SIGN UP FOR NEWSLETTER NOW