- All Foscam cameras and network devices use the same SSL private key, which is hard-coded in the downloadable firmware. The keys were extracted using the 'binwalk' utility and allow an attacker to MITM any Foscam device.
- Two problems in one that defeat SSL on Foscam devices:
- All Foscam network cameras use the same SSL private key, which is hard-coded in the downloadable firmware. It is easily extracted with a utility such as binwalk and would allow an attacker to MITM any Foscam device. The SSL keys from one device are valid for any other device. See the certificate CN below: *.myfoscam.org
- Below are the SSL certificates from two Foscam devices.
- openssl s_client -connect [REDACTED]myfoscam.org:443
- CONNECTED(00000003)
- depth=0 C = CN, ST = Guangdong, L = Shenzhen, O = "Shenzhen Foscam Intelligent Technology Co,Ltd", CN = *.myfoscam.org
- verify error:num=20:unable to get local issuer certificate
- verify return:1
- depth=0 C = CN, ST = Guangdong, L = Shenzhen, O = "Shenzhen Foscam Intelligent Technology Co,Ltd", CN = *.myfoscam.org
- verify error:num=21:unable to verify the first certificate
- verify return:1
- ---
- Certificate chain
- 0 s:/C=CN/ST=Guangdong/L=Shenzhen/O=Shenzhen Foscam Intelligent Technology Co,Ltd/CN=*.myfoscam.org
- i:/C=CN/O=WoSign CA Limited/CN=WoSign Class 3 OV Server CA
- ---
- Server certificate
- subject=/C=CN/ST=Guangdong/L=Shenzhen/O=Shenzhen Foscam Intelligent Technology Co,Ltd/CN=*.myfoscam.org
- issuer=/C=CN/O=WoSign CA Limited/CN=WoSign Class 3 OV Server CA
- openssl s_client -connect [REDACTED]myfoscam.org:443
- CONNECTED(00000003)
- depth=0 C = CN, ST = Guangdong, L = Shenzhen, O = "Shenzhen Foscam Intelligent Technology Co,Ltd", CN = *.myfoscam.org
- verify error:num=20:unable to get local issuer certificate
- verify return:1
- depth=0 C = CN, ST = Guangdong, L = Shenzhen, O = "Shenzhen Foscam Intelligent Technology Co,Ltd", CN = *.myfoscam.org
- verify error:num=21:unable to verify the first certificate
- verify return:1
- ---
- Certificate chain
- 0 s:/C=CN/ST=Guangdong/L=Shenzhen/O=Shenzhen Foscam Intelligent Technology Co,Ltd/CN=*.myfoscam.org
- i:/C=CN/O=WoSign CA Limited/CN=WoSign Class 3 OV Server CA
- ---
- Server certificate
- Foscam has had two years to fix this and has not.
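Added example, not part of the original paste: an audit that reads saved `openssl s_client` output from devices you operate, fingerprints each server certificate, and reports any certificate presented by more than one device, which means those devices hold the same private key. The device names and certificate payloads are constructed placeholders, not real certificates.

```python
import base64
import hashlib
import re
from collections import defaultdict

PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.S)


def leaf_fingerprint(transcript):
    """SHA-256 (hex) of the first PEM block in s_client output, or None.

    The first block s_client prints is the server's own certificate.
    """
    match = PEM_RE.search(transcript)
    if not match:
        return None  # handshake failed or no certificate was printed
    # Keep only base64 characters: drops newlines and pasted "- " markers.
    b64 = re.sub(r"[^A-Za-z0-9+/=]", "", match.group(1))
    try:
        der = base64.b64decode(b64, validate=True)
    except ValueError:  # truncated or corrupted block
        return None
    return hashlib.sha256(der).hexdigest() if der else None


def shared_certificates(transcripts):
    """Map fingerprint -> device names, for certificates seen on 2+ devices."""
    groups = defaultdict(set)
    for device, text in transcripts.items():
        fingerprint = leaf_fingerprint(text)
        if fingerprint:
            groups[fingerprint].add(device)
    return {fp: sorted(devs) for fp, devs in groups.items() if len(devs) > 1}


def sample_transcript(payload, marker=""):
    """Constructed stand-in for s_client output; payload is placeholder bytes."""
    lines = ["Server certificate", "-----BEGIN CERTIFICATE-----",
             base64.b64encode(payload).decode(), "-----END CERTIFICATE-----"]
    return "\n".join(marker + line for line in lines)


# Constructed inventory: cam-a and cam-b present the same certificate.
SAMPLE = {
    "cam-a": sample_transcript(b"constructed-cert-1"),
    "cam-b": sample_transcript(b"constructed-cert-1", marker="- "),
    "cam-c": sample_transcript(b"constructed-cert-2"),
    "cam-d": "CONNECTED(00000003)\nno peer certificate available",
}

if __name__ == "__main__":
    for fingerprint, devices in shared_certificates(SAMPLE).items():
        print(fingerprint, "shared by", ", ".join(devices))
```

Any group in the result is a set of devices that should be given unique key pairs, since one certificate cannot be served without its matching private key.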