Dear all,
Cheers! For a security research, I wish to fake login page of particular (probably easier -low end models) IP camera.
Using exploring Appache and .htaccess method... but not sure how to create service banners information..so it would like a real camera for a search engine or IP scanner? Let me know, if i miss something.
Any old/new trick? Any suggestion highly welcome.
Many thanks,
Chandra
"For a security research, I wish to fake login page.."
What is the goal of your security research?
Are you attempting to create some kind of honeypot?
Tell me what camera you want to fake
>>What is the goal of your security research?
yes. it is a kind of low interaction honeypot.
>>Tell me what camera you want to fake
Nothing in particular. but D-link will be one the aim.
Any thoughts?
Thanks.
So do you have a working .htaccess a file doing basic or digest authentication:
Authtype Basic
AuthName Name
AuthUserFile points to your .htpasswd file
Require valid-user
As for banners, http doesn't have banners per se. FTP or SSH or SMTP, things like that have banners. Because you get a shell.
But, http is not like that. Http always has a requested page, or a default page; whatever you put in the http headers and html body of that page is what the engines will search for. If you really want banners you can add a ftpd daemon with banners.
Once you get your auth going, just go and steal the source html from the camera that you want to imitate. To make it easy, try to find one that doesn't use JavaScript redirection.
Then just deliver that page statically.
Thanks for useful input. I have limited on the web technology side. will look into it...
-Cheers!
chandra
Ask questions and get answers to your physical security questions from IPVM team members and fellow subscribers.