Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
pentestitBlackPENTESTIT:19B9D857C5C11F05AACFE7C6E3F3298A
HistoryJan 30, 2019 - 1:07 a.m.

UPDATE: Cameradar v3.0.1

2019-01-3001:07:23
Black
pentestit.com
79
JSON

PenTestIT RSS Feed

My initial post covering this open source Real Time Streaming Protocol (RTSP) surveillance camera access multi-tool was about an older version. A lot has happened since then and an update – Cameradar v3.0.1 was recently made available by the author. In actuality, this post summarizes changes made to another Cameradar v3.0.0 too.

Cameradar v3.0.1

What is Cameradar?

Cameradar is an RTSP stream access tool that comes with its library. It allows you to:

  • Detect open RTSP hosts on any accessible target host
  • Detect which device model is streaming
  • Launch automated dictionary attacks to get their stream route (e.g.: /live.sdp)
  • Launch automated dictionary attacks to get the username and password of the cameras
  • Retrieve a complete and user-friendly report of the results

Cameradar v3.0.1 Change Log:

  • Fixes a bug where the CAMERADAR_CUSTOM_CREDENTIALS and CAMERADAR_CUSTOM_ROUTES environment variables were no longer used, in favor of CAMERADAR_CUSTOM-CREDENTIALS and CAMERADAR_CUSTOM-ROUTES because of a regression introduced in v3.0.0. (#189)
  • Fixes a bug where it was impossible to override the default dictionaries using the docker image. (#189)

Cameradar v3.0.0 Change Log:

Enhancements

  • The cameradar library is now more intuitive and easier to use by removing useless arguments from the Discover method
  • Added more routes and credentials to the dictionaries #185
  • Cameradar scans one more port by default (5554) #186
  • Cameradar uses nmap to improve error handling, make cameradar faster and easier to read #187
  • Removed legacy code #187
  • Finally reached 100% test coverage by completely mocking nmap #187

To summarize these changes, scanning is now done using nmap and TCP port 5554 has been added as a default as some IP cameras were found using it. Additional routes like h264major & h264minor were also added. The default password list was also updated with 888888 & 666666.

Download Cameradar v3.0.1:

The latest version of Cameradar v3.0.1 (cameradar-3.0.1.zip/cameradar-3.0.1.tar.gz) can be downloaded here. You can also check out it’s official GIT repository for older versions.

The post UPDATE: Cameradar v3.0.1 appeared first on PenTestIT.

JSON