the best part about it is that from my experience, cameras are often embedded devices, and they have abysmal security.
-
RE: https://mas.to/@PrivacyDigest/116206811518592253
the best part about it is that from my experience, cameras are often embedded devices, and they have abysmal security. Most of the time, you can just point to their RTSP streams and get a video feed without auth. and technically that's "hacking" it, I guess.
and if you want code execution, many have hardcoded backdoors, or if you manage to get in with default creds, many sources for command injection, and other fun things.
-
RE: https://mas.to/@PrivacyDigest/116206811518592253
the best part about it is that from my experience, cameras are often embedded devices, and they have abysmal security. Most of the time, you can just point to their RTSP streams and get a video feed without auth. and technically that's "hacking" it, I guess.
and if you want code execution, many have hardcoded backdoors, or if you manage to get in with default creds, many sources for command injection, and other fun things.
many will have the ability to communicate via SMB or maybe NFS. I remember a story from two years ago where a ransomware group got exec on a camera, mounted an SMB share, and just... encrypted everything from the camera.
-
RE: https://mas.to/@PrivacyDigest/116206811518592253
the best part about it is that from my experience, cameras are often embedded devices, and they have abysmal security. Most of the time, you can just point to their RTSP streams and get a video feed without auth. and technically that's "hacking" it, I guess.
and if you want code execution, many have hardcoded backdoors, or if you manage to get in with default creds, many sources for command injection, and other fun things.
- YouTube
Auf YouTube findest du die angesagtesten Videos und Tracks. Außerdem kannst du eigene Inhalte hochladen und mit Freunden oder gleich der ganzen Welt teilen.
(www.youtube.com)
- YouTube
Auf YouTube findest du die angesagtesten Videos und Tracks. Außerdem kannst du eigene Inhalte hochladen und mit Freunden oder gleich der ganzen Welt teilen.
(www.youtube.com)
-
many will have the ability to communicate via SMB or maybe NFS. I remember a story from two years ago where a ransomware group got exec on a camera, mounted an SMB share, and just... encrypted everything from the camera.
@da_667 for uh, no reason in particular also turn off SMB and RDP on your printers. Please.
-
@da_667 for uh, no reason in particular also turn off SMB and RDP on your printers. Please.
@winterknight1337 @da_667 mmmm rdp into the printer
-
@winterknight1337 @da_667 mmmm rdp into the printer
@Viss @winterknight1337 @da_667
teenage hijinks - "wardriving" but it was early 2000s and bestbuy sold default-open linksys APs. Driving by, connecting to the printer and printing
haha pwn3dbefore speeding off... -
- YouTube
Auf YouTube findest du die angesagtesten Videos und Tracks. Außerdem kannst du eigene Inhalte hochladen und mit Freunden oder gleich der ganzen Welt teilen.
(www.youtube.com)
- YouTube
Auf YouTube findest du die angesagtesten Videos und Tracks. Außerdem kannst du eigene Inhalte hochladen und mit Freunden oder gleich der ganzen Welt teilen.
(www.youtube.com)
-
@Viss @winterknight1337 @da_667
teenage hijinks - "wardriving" but it was early 2000s and bestbuy sold default-open linksys APs. Driving by, connecting to the printer and printing
haha pwn3dbefore speeding off...@kajer @winterknight1337 @da_667 you can still do that now, haha - i see printer wifi networks from home, and also in nearly every office building i go to, some restaurants etc - that shit is still everywhere
-
@thepacketrat @da_667 same. ive seen infosec bullshit turn over like, four maybe five times now. last go-around i tried to warn people of the frauds and grifters, but they turned on me, because HOLY SHIT THERES A LOT OF EM. twitter burning down seemed to mark another 'churn', and this time around they can fend for themselves. im done trying to help 'the community'.
-
@thepacketrat @da_667 same. ive seen infosec bullshit turn over like, four maybe five times now. last go-around i tried to warn people of the frauds and grifters, but they turned on me, because HOLY SHIT THERES A LOT OF EM. twitter burning down seemed to mark another 'churn', and this time around they can fend for themselves. im done trying to help 'the community'.
-
R relay@relay.infosec.exchange shared this topic
