Slashdot Mirror

← Back to Stories (view on slashdot.org)

Push To Hack: Reverse Engineering an IP Camera (contextis.com)

Posted by timothy on from the well-lookie-here dept.

New submitter tetraverse writes: For our most recent IoT adventure, we've examined an outdoor cloud security camera [the Motorola Focus 73] which like many devices of its generation a) has an associated mobile app b) is quick to setup and c) presents new security threats to your network. From the article: This blog describes in detail how we were able to exploit the camera without access to the local network, steal secrets including the home networkâ(TM)s Wi-Fi password, obtain full control of the PTZ (Pan-Tilt-Zoom) controls and redirect the video feed and movement alerts to our own server; effectively watching the watchers.

35 comments

  1. It's another Foscam brander by Anonymous Coward · · Score: 0

    And that's all that need be said.

  2. So, if one actually wanted to RTFA... by bbsguru · · Score: 4, Informative

    Where would one look?

    1. Re:So, if one actually wanted to RTFA... by Sinister+Stairs · · Score: 2

      Probably this:
      http://www.contextis.com/resou...

    2. Re:So, if one actually wanted to RTFA... by Anonymous Coward · · Score: 1

      http://www.contextis.com/resources/blog/push-hack-reverse-engineering-ip-camera/

    3. Re:So, if one actually wanted to RTFA... by Frederic54 · · Score: 4, Informative

      It's at the right of the title
      http://www.contextis.com/resou...

      --
      "Science will win because it works." - Stephen Hawking
    4. Re:So, if one actually wanted to RTFA... by Anonymous Coward · · Score: 0

      Editors?! on Slashdot?!

    5. Re:So, if one actually wanted to RTFA... by antdude · · Score: 1

      Why did they put that there? Sheesh.

      --
      Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
  3. Content by josiahgould · · Score: 1

    Well, in case anyone was interested - http://www.contextis.com/resou...

  4. Why people do not fight back... by martiniturbide · · Score: 3, Insightful

    ..cloud exclusive hardware? It is not only about security but also as control of the hardware you paid for. http://martin.iturbide.com/201...

    1. Re:Why people do not fight back... by gstoddart · · Score: 1

      Because all people give a shit about these days is "ZOMG, I can get an app for my phone!!".

      Things like security or having the device become obsolete at the whim of the company are meaningless.

      Welcome to the world, now with 150% more cloud. This way you can keep paying for the same stuff over and over until we decide to take it away.

      --
      Lost at C:>. Found at C.
    2. Re:Why people do not fight back... by NotInHere · · Score: 1

      "Cloud only hardware". Must remember this phrase, really sums up the current trend.

    3. Re:Why people do not fight back... by Obfuscant · · Score: 1

      "Cloud only hardware". Must remember this phrase, really sums up the current trend.

      Yeah. I just bought a Cisco MS220 switch. I get thirty days of free access to the cloud web management to set it up, then I'm supposed to pay for a license on a yearly basis. The local management options are limited, including the wonderful fact that it will not change it's interface from 1.1.1.100 to the IP address I configure it for, nor will it stop reporting details of my internal network to Cisco unless I block it at the router. Which I did.

      It's a damn switch -- a piece of hardware. Why does Cisco think they need to know how many other hosts are on my network and on which ports they appear?

    4. Re:Why people do not fight back... by Mr.+Haplo · · Score: 1

      Inquiring minds want to know. You know all of this about your switch and you've not returned it yet? What compels you to keep it? Does it whip up a tasty mocha latte on the side?

      --
      -- You have moved your mouse. Windows will now reboot.
    5. Re:Why people do not fight back... by Obfuscant · · Score: 1

      What compels you to keep it?

      1. Once it gets over the fact that Momma isn't going to respond to it, it does work as a switch.

      2. It has a healthy PoE capability, which is the only reason I bought it instead of another HP managed switch.

    6. Re:Why people do not fight back... by Anonymous Coward · · Score: 0

      You sure about 1? The primary reason I've not even considered Meraki devices is that my understanding was if you did not keep the license up-to-date, you wound up with an expensive brick.

      As per https://docs.meraki.com/display/kb/Meraki+Licensing+FAQ:

      Q: What happens when my license runs out?
      A: You can purchase a renewal through an authorized Meraki partner. If you chose not to renew, you will no longer be able to manage your devices via the Meraki cloud, and your Meraki network devices will cease to function. This means that you will no longer be able to configure or make changes to your Meraki network equipment, and your Meraki network products will no longer allow traffic to pass to the Internet. With Systems Manager networks, you will no longer be able to enroll devices or change settings for currently enrolled devices.

      At the time I was considering a device with routing capability and I see you're referring to a switch, so perhaps it keeps working (although the tone of the above would certainly lead me to think that they would disable it in some way that would "incent" you to relicense it).

      I just didn't appreciate the whole "forced license" Meraki attitude. Seemed a bit excessive for a device to be used in the home - perhaps they can get away with that in the small business / enterprise world.

  5. Behind the shield by Okian+Warrior · · Score: 2

    On the right hand side of the title text, behind the thing that looks like a shield and the thing that looks like a dashpot connected to a screen door, is a link. It's there.

    http://www.contextis.com/resou...

    (On my terminal the link is actually behind those two icons. I'm sure the icons are useful for something, but I'm not exactly sure what. The icons also partially obscure the "from the whatchamacallit dept" text, and I'm not exactly sure what that's good for, either.)

    Slashdot is a classy site!

  6. Need at least basic M&M security by silas_moeckel · · Score: 3, Interesting

    M&M security is not great (hard candy shell soft middle) but it's at least something. I've got plenty of CCTV IoT etc etc but they can not access the internet with a singular exception and thats pretty much an application specific firewall. The rest is all easily accessible via a VPN.

    We keep getting gear that wants to up upnp to open up ports to the world. Only is useful while talking to cloud control gear. Meaning it's not very useful at all.

    --
    No sir I dont like it.
  7. logic by Anonymous Coward · · Score: 0

    The problem of being a programmer with a mild case of OCD is that wrong logic statements become really unnerving.

    "Watching what the watchers are watching" you stupid fucks.

  8. Re:dimothy continues to fail by bobbied · · Score: 0

    "Yesterday I couldn't spell Engineer, today I are one!"

    The E in STEM stands for "Engineering" not "English" you know..

    --
    "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
  9. Re: Where? by slazzy · · Score: 1

    Possibly while sitting on the toilet.

    --
    Website Just Down For Me? Find out
  10. Re:dimothy continues to fail by rlh100 · · Score: 2, Insightful

    Mr asshole, please keep your spell checking fascism comments to yourself. As someone who has struggled all my 50+ years of my life with spelling and writing, I know how shaming your "helpful" comments are. Rather than helping they are more likely to shut the writer down. Silencing their voice. To include profanity in your "helpful" comment you double down on silencing their voice. So next time keep your unhelpful comments to yourself. If you really can't control your impulses, then please leave the profanity out. Your "Not fucking hard, is it?" turned a questionable "helpful" comment into a shaming insult.

    RLH

  11. Re: dimothy continues to fail by Anonymous Coward · · Score: 0

    Yes, Grammar Nazis demonstrate they have a very deep inferiority complex combined with a great deal of unresolved internalized anger that they redirect to the only group of people they can feel superior to, by only in an environment where they can strike from a great distance because they would be too cowardly to ever do so in person.

  12. Re:dimothy continues to fail by Anonymous Coward · · Score: 0

    Gee whiz, the account name is 'edittard'. Why are you silencing someone who is clearly helplessly at the effect of THE RULES ?

  13. You didn't hear it from me, but... by Anonymous Coward · · Score: 0

    Try username: admin, password: 12345

    Works on just about every Panasonic "security" camera ever made.

    1. Re: You didn't hear it from me, but... by Anonymous Coward · · Score: 0

      Isn't that the password for the plantary shield in spaceballs

  14. You need to put the U back into URL! by dsmatthews9379 · · Score: 1

    How hard is it to have an story submission process that checks the integrity of inputs? Missing or hard to find story links seems to be a regular problem of late.

  15. Threat?! by Anonymous Coward · · Score: 0

    Personally, I don't see the camera as threatening. Sure, it may host vulnerabilities, but I have yet to see a camera actively try to attack my network. It has the potential to be an attack vector due to its vulnerabilities, but a threat? This tells me that tetra verse and timothy need to learn a bit more about their terminology.

  16. Re:dimothy continues to fail by Anonymous Coward · · Score: 0

    The primary purpose of this website, like so many others, is communication. Someone who is employed to create the lines and story summaries needs to be skilled in communication. Part of those skills include a knowledge of English spelling and grammar, as well as good communication principles. If someone doesn't have those skills, they are not suitable for this position. This is not an assessment of them as a person, but an assessment of their skill set and its match for the job.

    edittard is implying that timothy's work is regularly not up to scratch and should perhaps seek a different line of employment.

  17. Lots of work little time for security by Anonymous Coward · · Score: 0

    I worked on a camera that had ssh running with remote root access under a hidden default password... I shudder to think how many routers are out there doing the same sort of thing

  18. Local or Wan exploit? by Zaphoddd · · Score: 1

    Correct me here.. Did the fw portion of the hack happen on the lan or wan? It seems to imply wan, but some statements seem like they used their physical access to the camera.

  19. Re:dimothy continues to fail by Anonymous Coward · · Score: 0

    Spelling and grammar Nazis exist because actual technical contribution to a discussion is too hard for them.

    All the English lit majors out there have to do something to make up for their lack of technical intellect I guess.

  20. Re:dimothy continues to fail by thegarbz · · Score: 1

    Do you get paid to write words? No? Then you get a free pass.

    The "editors" on Slashdot on the other hand don't.