Hello,
While looking for ways to test if my IP cams were sufficiently secured i learned a little about NMAP, wireshark/Tshark, angryIPscaner, looked at Kali etc. All looked great from the outside using a remote sever. But then I tried via FF or chrome with webrtc disabled to"arllc.net/findipcam/"it got scary. Holy crap!! found em in minutes and asked for login info (didn't supply of course). I started a couple of VPN's and tried again yet still the cams were identified but from the inside, ie 198.168.0.x etc. . Since it worked even on a vpn, i assume it found some way of using the browser or even the router to run a local scan. Any way to figure out how?
IP cam hack: is this an LM or browser vulnerability?
Forum rules
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 6 months after creation.
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 6 months after creation.
-
- Level 5
- Posts: 564
- Joined: Fri Sep 05, 2014 1:39 am
IP cam hack: is this an LM or browser vulnerability?
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
comadore, pcDOS, hpux, solaris, vms-vax ....blah blah blah..
Yet I'm still a fn nooob
Yet I'm still a fn nooob
-
- Level 5
- Posts: 564
- Joined: Fri Sep 05, 2014 1:39 am
Re: IP cam hack: is this an LM or browser vulnerability?
BTW I suspect this is a neat application of 'social engineering'. Getting the user to divulge. Check it out but with great caution.
comadore, pcDOS, hpux, solaris, vms-vax ....blah blah blah..
Yet I'm still a fn nooob
Yet I'm still a fn nooob
-
- Level 6
- Posts: 1282
- Joined: Mon Nov 24, 2014 9:17 am
- Location: Chrząszczyżewoszyce, powiat Łękołody
Re: IP cam hack: is this an LM or browser vulnerability?
You are in local, cam in local, browser in local. There is Java Script in every browsers. It is a programming language running in where? Right! In local.
Not arllc.net/findipcam found your cam, but your browser (btw: browser always knows exactly everything you type. Don't be fool wits asterics in input fileld - it's just prevent from other's eyes over your shoulder, but browser itself always knows exactly what you type).
Well, and your browser tells them everything, and them just shows you the result. But not only! Congradulation, probably your cam in their database Hacking possible not only outside, but inside and this is really no hacking at all because everithing may be done by own hands. I guess you are already knows that. Be carefull.
Not arllc.net/findipcam found your cam, but your browser (btw: browser always knows exactly everything you type. Don't be fool wits asterics in input fileld - it's just prevent from other's eyes over your shoulder, but browser itself always knows exactly what you type).
Well, and your browser tells them everything, and them just shows you the result. But not only! Congradulation, probably your cam in their database Hacking possible not only outside, but inside and this is really no hacking at all because everithing may be done by own hands. I guess you are already knows that. Be carefull.
Windows assumes I'm stupid but Linux demands proof of it