Security camera hacking at the Holberton School
Default Passwords are a Hacker's Friend
Now that the cameras were located on the network. The next problem was access. A default user and password come already configured on the device . The new owner is expected to change the password, but often they don't. The first thing I did was check the default user and password that I obtained via Google. The default logins were not changed. Once logged in to each camera, I had access to all streams. As a note, I hacked the cameras while the school was relatively empty since I usually am the first to arrive. Accessing the streams is a hack in itself. However, I wanted to affect the image streaming from a camera. To do this I needed to get inside the camera, so I turned to the "nmap" tool to identify others services running on the camera...