Advertisement
RedBirdTeam

Cámaras Foscam y dispositivos de red claves codificadas

May 19th, 2018
333
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 5.94 KB | None | 0 0
  1. Todas las cámaras y dispositivos de red de Foscam utilizan la misma clave privada SSL que está codificada en el firmware descargable. Las claves se extrajeron utilizando la utilidad 'binwalk' y permiten a un atacante a MITM cualquier dispositivo Foscam.
  2.  
  3. Dos problemas en uno que anulan SSL en dispositivos foscam:
  4. Todas las cámaras en red de Foscam usan la misma clave privada SSL que está codificada en el firmware descargable. Esto se extrae fácilmente usando una utilidad como binwalk y permitiría a un atacante a MITM cualquier dispositivo Foscam.Las claves SSL de un dispositivo son válidas para cualquier otro dispositivo. Ver los certificados CN a continuación: *.myfoscam.org
  5.  
  6. A continuación se encuentran los certificados ssl de dos dispositivos foscam.
  7.  
  8. openssl s_client -connect [REDACTED]myfoscam.org:443
  9.  
  10. CONNECTED(00000003)
  11. depth=0 C = CN, ST = Guangdong, L = Shenzhen, O = "Shenzhen Foscam Intelligent Technology Co,Ltd", CN = *.myfoscam.org
  12. verify error:num=20:unable to get local issuer certificate
  13. verify return:1
  14. depth=0 C = CN, ST = Guangdong, L = Shenzhen, O = "Shenzhen Foscam Intelligent Technology Co,Ltd", CN = *.myfoscam.org
  15. verify error:num=21:unable to verify the first certificate
  16. verify return:1
  17. ---
  18. Certificate chain
  19. 0 s:/C=CN/ST=Guangdong/L=Shenzhen/O=Shenzhen Foscam Intelligent Technology Co,Ltd/CN=*.myfoscam.org
  20. i:/C=CN/O=WoSign CA Limited/CN=WoSign Class 3 OV Server CA
  21. ---
  22. Server certificate
  23. -----BEGIN CERTIFICATE-----
  24. MIIFFDCCA/ygAwIBAgIQEMpzCCRnnDOkG7I+cxTlKTANBgkqhkiG9w0BAQUFADBP
  25. MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxJDAiBgNV
  26. BAMTG1dvU2lnbiBDbGFzcyAzIE9WIFNlcnZlciBDQTAeFw0xNTA0MDcwODIwMDda
  27. Fw0xNjEyMDcwOTIwMDdaMIGFMQswCQYDVQQGEwJDTjESMBAGA1UECAwJR3Vhbmdk
  28. b25nMREwDwYDVQQHDAhTaGVuemhlbjE2MDQGA1UECgwtU2hlbnpoZW4gRm9zY2Ft
  29. IEludGVsbGlnZW50IFRlY2hub2xvZ3kgQ28sTHRkMRcwFQYDVQQDDA4qLm15Zm9z
  30. Y2FtLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK8H1eeluYBP
  31. 7x/7DLKPGneAnI9LWdMYbo+dIQKsyxQXRPOL+eWpQ/aWm/TAy0i4eDxmE0F7HmEn
  32. Y/m3Prl7TweSvFYcthDn77bJTXjbdKdLPFxc34j/KC2AdaJOJzGVJfmPuSVk2NW+
  33. mQyZxFuMU0X8M88+HwPX7leADUAjNdNIGcw4BG9xCrTY/6N/tk9an5iOHc+WKRQm
  34. P6S+2xCSHIUETpbPlpbRnk+FYDP8KLqdLwTgECIYEfsefNdasACyQ9EafWF1C683
  35. iuMAxtRe+mghklQoWYeslA6FhDcIZilPPkgnWjjqIkkAn+ik1q521aI3fUz/iGfM
  36. ugsGMuBmck0CAwEAAaOCAbMwggGvMAsGA1UdDwQEAwIFoDAdBgNVHSUEFjAUBggr
  37. BgEFBQcDAgYIKwYBBQUHAwEwCQYDVR0TBAIwADAdBgNVHQ4EFgQUYf1ztHxahhue
  38. DsBxwaJJhZHpTAIwHwYDVR0jBBgwFoAUYi6B2eNCeRSjzdlUim743pWqj5gwfwYI
  39. KwYBBQUHAQEEczBxMDUGCCsGAQUFBzABhilodHRwOi8vb2NzcDEud29zaWduLmNv
  40. bS9jbGFzczMvc2VydmVyL2NhMTA4BggrBgEFBQcwAoYsaHR0cDovL2FpYTEud29z
  41. aWduLmNvbS9jbGFzczMuc2VydmVyLmNhMS5jZXIwOQYDVR0fBDIwMDAuoCygKoYo
  42. aHR0cDovL2NybHMxLndvc2lnbi5jb20vY2ExLXNlcnZlci0zLmNybDAnBgNVHREE
  43. IDAegg4qLm15Zm9zY2FtLm9yZ4IMbXlmb3NjYW0ub3JnMFEGA1UdIARKMEgwCAYG
  44. Z4EMAQICMDwGDSsGAQQBgptRAQMCAQIwKzApBggrBgEFBQcCARYdaHR0cDovL3d3
  45. dy53b3NpZ24uY29tL3BvbGljeS8wDQYJKoZIhvcNAQEFBQADggEBAFSLG5spzqWY
  46. qzZmHTYvNPwFSF6AD1VXksIaqKvrj4x4tOR5JQz3JBpgHpchaxQlv0VxA12lmGRY
  47. kkF7vK48yVwlZkV6+ScYiK2PAVxpyJqqA42cv0vbna+cgoSbw5zz6/VjWdiAlqbl
  48. lS5Su2FsVuPJBEIbRXQshRJycmxG9JqKOWQRSNvxdO59EHyYSmo+avNLzGl218R4
  49. FeF4fEP4/QHmOPNzrDMFzfXFdlsO3T3WeXcmgeSyNGev9d6EwhP+LRJsawpVdRAq
  50. f1sqtSGbqN3iGQrEQeGMCDAE+U7nzTTCWBcFXg8O5077kiB/MZtx2kDpZf2p3qqt
  51. OVAbevhaNsE=
  52. -----END CERTIFICATE-----
  53. subject=/C=CN/ST=Guangdong/L=Shenzhen/O=Shenzhen Foscam Intelligent Technology Co,Ltd/CN=*.myfoscam.org
  54. issuer=/C=CN/O=WoSign CA Limited/CN=WoSign Class 3 OV Server CA
  55.  
  56. openssl s_client -connect [REDACTED]myfoscam.org:443
  57.  
  58.  
  59. CONNECTED(00000003)
  60.  
  61. depth=0 C = CN, ST = Guangdong, L = Shenzhen, O = "Shenzhen Foscam Intelligent Technology Co,Ltd", CN = *.myfoscam.org
  62. verify error:num=20:unable to get local issuer certificate
  63. verify return:1
  64. depth=0 C = CN, ST = Guangdong, L = Shenzhen, O = "Shenzhen Foscam Intelligent Technology Co,Ltd", CN = *.myfoscam.org
  65. verify error:num=21:unable to verify the first certificate
  66. verify return:1
  67. ---
  68. Certificate chain
  69. 0 s:/C=CN/ST=Guangdong/L=Shenzhen/O=Shenzhen Foscam Intelligent Technology Co,Ltd/CN=*.myfoscam.org
  70. i:/C=CN/O=WoSign CA Limited/CN=WoSign Class 3 OV Server CA
  71. ---
  72. Server certificate
  73. -----BEGIN CERTIFICATE-----
  74. MIIFFDCCA/ygAwIBAgIQEMpzCCRnnDOkG7I+cxTlKTANBgkqhkiG9w0BAQUFADBP
  75. MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxJDAiBgNV
  76. BAMTG1dvU2lnbiBDbGFzcyAzIE9WIFNlcnZlciBDQTAeFw0xNTA0MDcwODIwMDda
  77. Fw0xNjEyMDcwOTIwMDdaMIGFMQswCQYDVQQGEwJDTjESMBAGA1UECAwJR3Vhbmdk
  78. b25nMREwDwYDVQQHDAhTaGVuemhlbjE2MDQGA1UECgwtU2hlbnpoZW4gRm9zY2Ft
  79. IEludGVsbGlnZW50IFRlY2hub2xvZ3kgQ28sTHRkMRcwFQYDVQQDDA4qLm15Zm9z
  80. Y2FtLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK8H1eeluYBP
  81. 7x/7DLKPGneAnI9LWdMYbo+dIQKsyxQXRPOL+eWpQ/aWm/TAy0i4eDxmE0F7HmEn
  82. Y/m3Prl7TweSvFYcthDn77bJTXjbdKdLPFxc34j/KC2AdaJOJzGVJfmPuSVk2NW+
  83. mQyZxFuMU0X8M88+HwPX7leADUAjNdNIGcw4BG9xCrTY/6N/tk9an5iOHc+WKRQm
  84. P6S+2xCSHIUETpbPlpbRnk+FYDP8KLqdLwTgECIYEfsefNdasACyQ9EafWF1C683
  85. iuMAxtRe+mghklQoWYeslA6FhDcIZilPPkgnWjjqIkkAn+ik1q521aI3fUz/iGfM
  86. ugsGMuBmck0CAwEAAaOCAbMwggGvMAsGA1UdDwQEAwIFoDAdBgNVHSUEFjAUBggr
  87. BgEFBQcDAgYIKwYBBQUHAwEwCQYDVR0TBAIwADAdBgNVHQ4EFgQUYf1ztHxahhue
  88. DsBxwaJJhZHpTAIwHwYDVR0jBBgwFoAUYi6B2eNCeRSjzdlUim743pWqj5gwfwYI
  89. KwYBBQUHAQEEczBxMDUGCCsGAQUFBzABhilodHRwOi8vb2NzcDEud29zaWduLmNv
  90. bS9jbGFzczMvc2VydmVyL2NhMTA4BggrBgEFBQcwAoYsaHR0cDovL2FpYTEud29z
  91. aWduLmNvbS9jbGFzczMuc2VydmVyLmNhMS5jZXIwOQYDVR0fBDIwMDAuoCygKoYo
  92. aHR0cDovL2NybHMxLndvc2lnbi5jb20vY2ExLXNlcnZlci0zLmNybDAnBgNVHREE
  93. IDAegg4qLm15Zm9zY2FtLm9yZ4IMbXlmb3NjYW0ub3JnMFEGA1UdIARKMEgwCAYG
  94. Z4EMAQICMDwGDSsGAQQBgptRAQMCAQIwKzApBggrBgEFBQcCARYdaHR0cDovL3d3
  95. dy53b3NpZ24uY29tL3BvbGljeS8wDQYJKoZIhvcNAQEFBQADggEBAFSLG5spzqWY
  96. qzZmHTYvNPwFSF6AD1VXksIaqKvrj4x4tOR5JQz3JBpgHpchaxQlv0VxA12lmGRY
  97. kkF7vK48yVwlZkV6+ScYiK2PAVxpyJqqA42cv0vbna+cgoSbw5zz6/VjWdiAlqbl
  98. lS5Su2FsVuPJBEIbRXQshRJycmxG9JqKOWQRSNvxdO59EHyYSmo+avNLzGl218R4
  99. FeF4fEP4/QHmOPNzrDMFzfXFdlsO3T3WeXcmgeSyNGev9d6EwhP+LRJsawpVdRAq
  100. f1sqtSGbqN3iGQrEQeGMCDAE+U7nzTTCWBcFXg8O5077kiB/MZtx2kDpZf2p3qqt
  101. OVAbevhaNsE=
  102. -----END CERTIFICATE-----
  103.  
  104.  
  105. Foscam has had two years to fix this and has not.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement