Description
While using VLC, I can monitor the Besder 6024PB-JW201 1080p camera via this link: rtsp://admin:password123@192.168.0.228:554/onvif1
I did a test on my camera with "Cameradar v4.1.2". I inserted the password "password123" into the "credentials.json" file. The required route "onvif1" already exists in the "routes" file.
Then I started "Cameradar": `./cameradar -t 192.168.0.228`
When I run "Cameradar", on the screen I see "Cameradar" trying different combinations of usernames and passwords.
For example:
```
* Trying 192.168.0.228:554...
* TCP_NODELAY set
* Connected to 192.168.0.228 (192.168.0.228) port 554 (#0)
* Server auth using Digest with user 'service'
> DESCRIBE rtsp://service:12345@192.168.0.228:554/ RTSP/1.0
CSeq: 1
Accept: application/sdp
```
Later the program starts checking the routes, but as far as I can see, the front of the rtsp:// link no longer has username and password values:
"rtsp://:@192.168.0.228:554/cam/realmonitor"
For example:
```
< RTSP/1.0 401 Unauthorized
< CSeq: 1
< WWW-Authenticate: Digest realm="HIipCamera",nonce="13759f8bcb221178a57ff433b8721278"
<
* Connection #0 to host 192.168.0.228 left intact
* Issue another request to this URL: 'rtsp://192.168.0.228:554/cam'
* Protocol "rtsp" not supported or disabled in libcurl
* Closing connection -1
* Trying 192.168.0.228:554...
* TCP_NODELAY set
* Connected to 192.168.0.228 (192.168.0.228) port 554 (#0)
* Server auth using Digest with user ''
> DESCRIBE rtsp://:@192.168.0.228:554/cam/realmonitor RTSP/1.0
CSeq: 1
Accept: application/sdp
```
When the job is complete, the program reports that it did not find the correct username and password. It also prints the wrong path, "RTSP route: /cam/realmonitor".
For example:
```
> Perform failed for "rtsp://:@192.168.0.228:554/cam" (auth 2): curl: Unsupported protocol
Validating that streams are accessible...ok
> Perform failed for "rtsp://:@192.168.0.228:554/cam/realmonitor" (auth 2): curl: RTSP CSeq mismatch or invalid CSeq
✖ Admin panel URL: http://192.168.0.228/ You can use this URL to try attacking the camera's admin panel instead.
Available: ✖
IP address: 192.168.0.228
RTSP port: 554
Auth type: digest
Username: not found
Password: not found
RTSP route: /cam/realmonitor
✖ Streams were found but none were accessed. They are most likely configured with secure credentials and routes. You can try adding entries to the dictionary or generating your own in order to attempt a bruteforce attack on the cameras.
```
Am I doing something wrong, or is there a bug in the program?
Maybe you could create an option so that, when the route is known, "Cameradar" would bruteforce only the username and password?