Hi! Please read first my first article about SpyCam hacking before going into this article.
By the way, thanks to console cowboy. Here we go again, another information of a camera named TrendNet cameras which are vulnerable for network hacking. Yes, it was just the same scenario in which a camera’s firmware is intentionally left by the manufacturer unupdated so as people around the world could access it online.
Okay, so much for the introduction. This TrendNet camera’s root access for viewing has the URL path “/anony/mjpg.cgi”. And with this information, we just use google again by keying in the keyword inurl: “/anony/mjpg.cgi”. Now, look for the result w/ a static IP address instead of a domain. Be patient on looking of all the searches. Here’s some on the list:
Are you having hard time looking for such results? Maybe it’s time to visit Shodan and search there “netcam” and you’ll have dozens of results. Enjoy! Until next time for hacking. 😉 You may try the IP addresses as shown above the screenshot.
It was a question in my mind “how can I access my mobile phone’s camera in any computer with internet connection”. Until such time I got bored again, I came up with the idea of tickling a network IP camera. That is, I figured out that accessing the live stream of your camera in your local machine, gives you an unsecured URL path which can be viewed in any computer via the internet.
Let’s have an example:
A Network Camera which brand name I preferred not to tell you for my personal reason has a stream URL path containing “/viewerframe?mode=”. I don’t know if other network cams has the same content URL.
Now, we can look for an establishment, organization, public places where they also use this kind of IP cam. Let us visit google.com and browse the internet for any public IPs using the phrase inurl:”viewerframe?mode=”.
From the search results as shown above, just look and take note those links with the public IP address as highlighted in the figure. Let’s look into the first link which has a public IP in its URL. We have accessed now the camera live in our personal computer as shown in the picture below. The good feature of this netcam brand is you can control the viewing by turning the camera position left, right, up, and down to view the whole place.
You are not aware that because of this vulnerability, others can view and watch you. For the establishments who are using this kind of network camera, it is advised that you should update the firmware by going to the manufacturer/vendor’s website of this kind of product for blocking them from accessing your network camera. Another solution is to change the username and password of your device. Please follow instructions in your device manual.
I’ll get back to you again and post additional hacking tips on network cameras.