Unfortunately, 18 brands of security cameras with recording functionality are susceptible to an incredibly easy hack thanks to flawed firmware from Chinese company Ray Sharp. ExtremeTech Menu.
A good time-lapse video can be useful visual documentation, and since [Tommy]’s phone is the best camera he owns he created two simple shell scripts to. [Tommy]’s work is just the glue between two other things: an app that turns the phone into an IP camera with a web server on the local network, and the ability to grab a still image from that server on demand. The app he uses for his iPhone normally serves video but has an undocumented feature that allows single frames to be downloaded by adding ‘/photo’ to the end of the URL, but the ability to get a still image is a common feature on IP camera apps for smartphones. His capture script () should therefore need only minor changes to work with just about any IP camera app. Perching a phone over a workspace and using it to create a time-lapse with a couple of shell scripts is a great example of combining simple tools to get better functionality. It could be a good way to get additional use out of an older smartphone, too.
Heck, even older dumbphones can still get some use out of them; Shmoocon 2017 brought us. Posted in, Tagged,,,,,,,,. [TrendMicro] are reporting that is emerging. This new botnet had been dubbed Persirai and targets IP cameras. Most of the victims don’t even realize their camera has access to the Internet 24/7 in the first place. Trend Micro, have found 1,000 IP cameras of different models that have been exploited by Persirai so far. There are at least another 120,000 IP cameras that the botnet could attack using the same method.
The problem starts with the IP cameras exposing themselves by default on TCP Port 81 as a web server — never a great idea. Most IP cameras use Universal Plug and Play, which allows them to open ports from inside the router and start a web server without much in the way of security checks. This paints a giant target in cyber space complete with signs asking to be exploited. After logging into a vulnerable device the attacker can perform a command injection attack which in turn points gets the camera to download further malware. The exploit runs in memory only, so once it has been rebooted it should all be fine again until your next drive by malware download.
Check your devices, because even big named companies make mistakes. IoT is turning into a battlefield. We just hope that with all these attacks, botnets, and hacks the promise of the IoT idea isn’t destroyed because of lazy coders. Elitebook 6930p sim card driver. Part of feature image from, Creative Commons license. Posted in, Tagged,,,,,.
[Filipe] has been playing around with custom firmware for inexpensive IP cameras. Specifically, he has been using cameras based on a common HI3815 chip. When you are playing around with firmware like this, a major concern is that you may end up bricking the device and rendering it useless. [Filipe] has documented a relatively simple way to on these cameras so you can hack to your heart’s content.