Softpedia
 
HomepageWindowsGamesDriversMacLinuxScripts buttonMobileHandheldNews

NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
Home > News > Security > Advisories

October 8th, 2007, 14:35 GMT · By Alexandru Dumitru

How to Crack Into Security Cameras

SHARE:

Adjust text size:



Enlarge picture
Security experts are always trying to make other people see that their systems are vulnerable, fact which means they need improvement! This is just another one of those cases - white hatters at ProCheckUp have given a proof of concept in an earlier paper on how easy it is to make a total mockery of Axis 2100 IP cameras. These are quite common and you can see one in the picture to the
left.

I guess that you were all curios to find out how or if it was possible for those hackers on TV to actually make a mockery of security cameras. Well, the guys at ProCheckUp discovered that they can redirect what video file is played back by an AXIS 2100 IP camera. The paper on this is very tech savvy and I doubt that simple users could do it.

The strength of the IP camera is actually its own vulnerability - it's part of a network, fact which means it has routing capabilities, it can run commands and sometimes even allow outsiders to upload and run their own applications! I think that some of you may already see where all this is heading towards.

There are several vulnerabilities that can be exploited by malicious users, such System-wide Cross-site Request Forgeries (CSRF) (any admin action can be forged by design) non-persistent Cross-site Scripting (XSS) on 404 error pages, persistent cross-site Scripting (XSS) on the network settings page, persistent cross-site Scripting (XSS) on the video viewing page, persistent cross-site Scripting (XSS) on the logs viewing facility. There are more that could get exploited, but these are just a few that the researchers mentioned. Abusing these could make a security guard watch an endless loop of nothing, while there could be a lot going on!

The method in which these vulnerabilities could get exploited is far too tech-savvy for normal readers, so if you really want to find out more, click on the link I posted above. However, keep in mind that this information is just for your knowledge, and should not be used for malicious purposes. Hacking cameras is illegal and will get you arrested!

TELL US WHAT YOU THINK:

3,001 hits · Link to this article · Print article · Send to friend · Subscribe to news

MUST-READ RELATED ARTICLES:


The Future of Video Surveillance
Apple iPhone Shipments Begin Arriving in U.S.
Spooky! Talking CCTV Cameras Will Tell Hoboes And Bullies How to Behave
Happy Security Cameras
Computer Software Will Recognize Suspicious Behavior in the Streets!

READER COMMENTS:



No user comments yet.
Be the first to express your opinion!
Copyright © 2001-2012 Softpedia. Contact/Tip us at

WindowsGamesDriversMacLinuxScriptsMobileHandheldNews

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   UPDATE YOUR SOFTWARE   |   ROMANIAN FORUM
© 2001 - 2012 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are
registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use