chewyd

Untitled

May 6th, 2018
  1. Let me know if you find anything that isn't on this list that should be added
  2. Collection of shodan keywords for webcams :
  3.  
  4. webcamxp
  5.  
  6. webcam 7
  7.  
  8. IPCamera_Logo (admin/admin)
  9.  
  10. Vivotek Network Camera -401
  11.  
  12.  
  13.  
  14. Server: SQ-WEBCAM (admin/admin)
  15.  
  16. maygion (admin/admin)
  17.  
  18. Netwave IP Camera (foscam exploit)
  19.  
  20. Server: U S Software Web
  21.  
  22. yawcam
  23.  
  24. Android Webcam Server -Authenticate
  25.  
  26. Server: i-Catcher Console
  27.  
  28. ADH-web
  29.  
  30. Server: VB100
  31.  
  32. Auther: Steven Wu
  33.  
  34. title:'+tm01+'
  35.  
  36.  
  37.  
  38. D-Link Internet Camera 200
  39.  
  40. imagiatek ipcam (admin/)
  41.  
  42. Server: VCS-VideoJet-Webserver
  43.  
  44.  
  45.  
  46. Boa ipcam (admin/123456)
  47.  
  48. hikvision Content-Length: 1341 (admin/12345)
  49.  
  50. "webcam" "last-modified"
  51.  
  52.  
  53.  
  54. has_screenshot:true -port:5900 -port:5901 -port:6000
  55.  
  56.  
  57.  
  58. Content-Length: 695 (root/pass)
  59.  
  60. title:"NetCamXL"
  61.  
  62. title:"WVC210 Wireless-G PTZ Internet Camera with Audio"
  63.  
  64. d-Link Internet Camera, 200 OK
  65.  
  66. title:"DCS-5300G" Server: D-Link Internet Camera
  67.  
  68. title:"Login cgicc form" (admin/)
  69.  
  70. LNE3003 Wireless IP Camera (admin/admin)
  71.  
  72. title:"DCS-5220 IP camera"
  73.  
  74. title:"Web Viewer for Samsung DVR" Content-Length: 2524 (admin/4321)
  75.  
  76. title:"IP CAMERA Viewer" Content-Length: 703
  77.  
  78. abelcam
  79.  
  80. Brickcom
  81.  
  82. admin/admin
  83.  
  84. or try
  85.  
  86. rtsp://ip/channel1
  87.  
  88. sometimes no auth needed for rtsp :-)
  89.  
  90. also works in VLC:
  91.  
  92. http://admin:admin@ip/channel1
  93.  
  94. Downloader:
  95. https://drive.google.com/open?id=1HJhQ8U02RA1cJ3ipBE_OwVlS8c48w8y3
  96. List Parser:
  97. https://drive.google.com/open?id=143_ZiTA_9e-kDPVDdQ_S7aDMo3KEr_iP
  98.  
  99. Make Shodan your bitch with Joe's TamperMonkey script:
  100. https://pastebin.com/apGYXCiT
  101.  
  102. Or strip down to URLs only with this TamperMonkey script:
  103. https://pastebin.com/a4m85aK4
  104.  
  105. Loonix
  106. https://pastebin.com/fm9dM8q7
  107.  
  108. Grabb CCTV all Type (foscam , axis , sony , ..)
  109. https://github.com/CCrashBandicot/IPCam
  110.  
  111. https://github.com/CCrashBandicot/IPCam/blob/master/netcam_viewer.sh
  112.  
  113. If you want to do some CLI shit, you might want to start with this code. Updated to download kcore files but it will not parse out credentials.
  114.  
  115. Netcam Firmware
  116. https://pastebin.com/2HBvR2ye
  117.  
  118. Shodan IPCam Extractor by Arsouill3
  119. v1.0
  120. https://pastebin.com/RjdhjFBh
  121. v2.0
  122. https://pastebin.com/N6FjMRYC
  123. iSpy "Add Foscam" button
  124. Diff file for commit 28fcbda3b9ef345adac54fdf098e2c1e1dd5a5d3
  125. https://pastebin.com/hM8R4fNj
  126. Adds a "Foscam (and Knockoffs)" button to the iSpy "Add Camera" dropdown. You enter the camera IP, username, and password, and it automatically sets up the camera for you.
  127.  
  128. BUILD YOUR LIST
  129. For the sake of efficiency an evil hacker would want to build a list of IP cameras in order to test them for 1) default credentials and 2) vulnerability to exploits.
  130. It's not a requirement, though. Casuals can use Joe's Foscam Helper, which is a TamperMonkey script that enhances Shodan results (most current version linked in OP).
  131. Back to list building…
  132. https://www.shodan.io/search?query=%22netwave+ip+camera%22
  133. Shodan.io crawls the web testing IPs and ports. The "netwave ip camera" string matches FOSCAM camera IPs. Since this exploit has a distance limit of a few hundred miles you should add "country" and/or "city" filters to your search.
  134. Evil's "links only" TamperMonkey script makes the process of collecting links much faster (most current version linked in OP).
  135.  
  144. GET CAMS: WINDOWS
  145. This used to be a pretty manual process but thanks to Joe's File Downloader and Parser you too can get your hands on fresh cams!
  146. Most current mega links are in the OP.
  147. FILE DOWNLOADER
  148. add instructions or features list
  149. PARSER
  150. 1. Drag bruteforce log file onto "ListMasterFlex.exe"
  151. 2. Wait
  152. How to configure:
  153. Open settings.xml and edit certain values. If you break the config, just delete it and re-open the program. It will reset to default.
  154. <BackgroundColor> - Background color of overlay in hex argb
  155. <ForegroundColor> - Foreground color (font) of overlay in hex argb
  156. <FontFamily>
  157. <FontSize>
  158. <OutputFormat> - Format string for overlay. {0} = IP, {1} = username, {2} = password
  159. <OutputFolder>
  160. <SaveParams> - If true, also saves "get_params.cgi"
  161. <SaveStatus> - If true, also saves "get_status.cgi"
  162. <Threads> - Number of threads. Higher amount means it will go faster, but it will also be more demanding. Recommended 4, not recommended above 25.
  163. <MaxTries> - Number of times to retry connecting to the camera.
  164. <SnapshotTimeout> - Timeout to get snapshot in ms
  165. <PageTimeout> - Timeout to get misc pages in ms (Params, Status)
  166. <MaintenanceEnabled> - If true, performs maintenance on the settings file. (Currently, adds a trailing slash to the output folder.)
  167. <SnapshotFormat> - Image output format. Options: "png", "jpg", "bmp"
  168.  
  169. GET CAMS: LINUX
  170. Create your IP list and run the script. Output includes:
  171. - List of cams with default creds
  172. - List of cams with kcore vulnerability (optional)
  173. - HTML file "viewer" for default creds
  174. - kcore files (optional)
  175. Instructions are in the bash comments.
  176. Most current pastebin link with source is in the OP
  177.  
  178. WHILE YOU WERE AWAY
  179. Windows users highly recommend BlueIris: http://blueirissoftware.com/
  180. Full version:
  181. Link Coming Soon!
  182. iSpy software itself isn't the best; it's better to go with the web version (less CPU):
  183. http://www.ispyconnect.com/download-agent.aspx
  184. For Linux (and maybe OSX) folks you can try ZoneMinder. My experience is that ZM works but the motion detection is horrible (too sensitive) so you might go through a large HDD every day or two.
  185. http://www.zoneminder.com/