CamOver is a camera exploitation tool that allows to disclosure network camera admin password.

Related tags

Security related resourcesiotcameraexploitcamera-controliot-hackingcamera-hackingentysecwebcam-hackingcamera-exploitation
Overview

CamOver

CamOver is a camera exploitation tool that allows to disclosure network camera admin password.

Features

  • Exploits vulnerabilities in most popular camera models such as CCTV, GoAhead and Netwave.
  • Optimized to exploit multiple cameras at one time from list with threading enabled.
  • Simple CLI and API usage.

Installation

pip3 install git+https://github.com/EntySec/CamOver

Basic usage

To use CamOver just type camover in your terminal.

usage: camover [-h] [-t] [-o OUTPUT] [-i INPUT] [-a ADDRESS] [--shodan SHODAN]
               [--zoomeye ZOOMEYE] [-p PAGES]

CamOver is a camera exploitation tool that allows to disclosure network camera
admin password.

optional arguments:
  -h, --help            show this help message and exit
  -t, --threads         Use threads for fastest work.
  -o OUTPUT, --output OUTPUT
                        Output result to file.
  -i INPUT, --input INPUT
                        Input file of addresses.
  -a ADDRESS, --address ADDRESS
                        Single address.
  --shodan SHODAN       Shodan API key for exploiting devices over Internet.
  --zoomeye ZOOMEYE     ZoomEye API key for exploiting devices over Internet.
  -p PAGES, --pages PAGES
                        Number of pages you want to get from ZoomEye.

Examples

Exploiting single camera

Let's hack my camera just for fun.

camover -a 192.168.99.100

Exploiting cameras from Internet

Let's try to use Shodan search engine to exploit cameras over Internet, we will use it with -t for fast exploitation.

camover -t --shodan PSKINdQe1GyxGgecYz2191H2JoS9qvgD

NOTE: Given Shodan API key (PSKINdQe1GyxGgecYz2191H2JoS9qvgD) is my PRO API key, you can use this key or your own, be free to use all our resources for free :)

Exploiting cameras from input file

Let's try to use opened database of cameras with -t for fast exploitation.

camover -t -i cameras.txt -o passwords.txt

NOTE: It will exploit all cameras in cameras.txt list by their addresses and save all obtained passwords to passwords.txt.

API usage

CamOver also has their own Python API that can be invoked by importing CamOver to your code.

from camover import CamOver

Basic functions

There are all CamOver basic functions that can be used to exploit specified camera.

  • exploit(address) - Exploit single camera by given address.

Examples

Exploiting single camera

from camover import CamOver

camover = CamOver()
creds = camover.exploit('192.168.99.100')

print(creds)

Other tools

Comments
  • why creds was none?

    why creds was none?

    Holle! Excuse me.

    Python 3.10.4 (main, Mar 25 2022, 15:08:58) [Clang 12.0.8 (https://android.googlesource.com/toolchain/llvm-project c935d99d7 on linux Type "help", "copyright", "credits" or "license" for more information.

    from camover import CamOver camover = CamOver() creds = camover.exploit('192.168.99.100') print(creds) (None, None) creds = camover.exploit('192.168.10.2') print(creds) (None, None)

    #"192.168.10.2"was my camera address,it was online. why creds was none? thanks, please.

    opened by wr0x00 4
  • No output

    No output

    Not sure what is going on but I got a list of cams and put them inside a txt and ran a command with and without threads and I'm not getting any output file even if I change the outputs name and refresh it doesn't seem to be making the list for some reason. Earlier I ran it for the first time and it got an output with only 1 ip but now i can't even get any output

    camover -t -i test.txt --output newlist.txt

    I run this and I get nothing outputted.

    opened by SinThroughCode 2
  • Confused

    Confused

    I ran my own list of IPs and it returned a result of zero passwords for any of them and so I started trying to use the single brute method on around 30 of them and all said not vulnerable. So i tested it with expcamera and each IP I entered in that list was bruted with zero problem. I'm unsure of what would cause this and I know for a fact this list of 2k ips which is fresh from zoomeye are all mostly vulnerable considering I'm screening the same list on expcam right now and its still getting the passwords fine.

    opened by SinThroughCode 1
  • Directory: : does not exist!

    Directory: : does not exist!

    Why does it prompt that the directory does not exist when I execute the following command? Where to put password.txt in which directory

    :~$ camover --shodan (My API_KEY) -o password.txt [-] Directory: : does not exist!

    opened by ChhR00 1
  • When I install the program, I encounter this problem, how can I solve it?

    When I install the program, I encounter this problem, how can I solve it?

    [email protected]:~# pip3 install git+https://github.com/EntySec/CamOver.git Collecting git+https://github.com/EntySec/CamOver.git Cloning https://github.com/EntySec/CamOver.git to /tmp/pip-req-build-zchrgnp4 Running command git clone -q https://github.com/EntySec/CamOver.git /tmp/pip-req-build-zchrgnp4 fatal: unable to access 'https://github.com/EntySec/CamOver.git/': Could not resolve host: github.com ERROR: Command errored out with exit status 128: git clone -q https://github.com/EntySec/CamOver.git /tmp/pip-req-build-zchrgnp4 Check the logs for full command output.

    opened by ChhR00 1
  • Search Shodan by Country/City

    Search Shodan by Country/City

    Hello!

    Is there any way to search in Shodan by country and/or city?

    In the past, when Entynet Project was alive, I remember editing the source of Entropy to modify the Shodan.query but I can't find a way.

    Any help is welcomed.

    Thanks!

    opened by pispuso 1
  • Failed to Authorize Shodan

    Failed to Authorize Shodan

    Hi,

    When I type this command camover -t --shodan PSKINdQe1GyxGgecYz2191H2JoS9qvgD I get an error [*] Authorizing Shodan by given API key... [-] Failed to authorize Shodan!

    Any ideas ?

    opened by ghost 1
Releases(1.0.0)
Owner
EntySec
EntySec is a group of security professionals and software engineers involved in the development of security tools and services.
EntySec
GitHub Repository http://entysec.netlify.app
Safety checks your installed dependencies for known security vulnerabilities

Safety checks your installed dependencies for known security vulnerabilities. By default it uses the open Python vulnerability database Safety DB, but

pyup.io 1.4k Dec 30, 2022
Cryptick is a stock ticker for cryptocurrency tokens, and a physical NFT.

Cryptick is a stock ticker for cryptocurrency tokens, and a physical NFT. This repository includes tools and documentation for the Cryptick device.

1 Dec 31, 2021
CVE-2021-44228 log4j 2.x rce漏洞检测工具

#1 使用说明 CVE-2021-44228 log4j 2.x rce漏洞检测工具,对目标链接发起get请求并利用dnslog探测是否有回显 $ python3 log4j-scan.py -h

CoCo ainrm- 4 Jan 13, 2022
Example for the NFT 3D Collectibles using Blender Scripting (Python).

NFT Collectibles using Blender Python What is this? This project is to demonstrate for generating NFT Collectible Avatar-Styled images. For details, p

hideckies 48 Nov 26, 2022
Scans for Log4j versions effected by CVE-2021-44228

check_mkExtension to check for log4j2 CVE-2021-44228 This Plugin wraps around logpresso/CVE-2021-44228-Scanner (Apache License 2.0) How it works Run i

inett GmbH 4 Jun 30, 2022
Uncover the full name of a target on Linkedin.

Revealin Uncover the full name of a target on Linkedin. It's just a little PoC exploiting a design flaw. Useful for OSINT. Screenshot Usage $ git clon

mxrch 129 Dec 21, 2022
Fuzzercorn - Bring libfuzzer to Unicorn

Fuzzercorn libfuzzer bindings for Unicorn. API // The main entry point of the fu

lazymio 23 Nov 17, 2022
Simple script for looping a Denial Of Service (DoS) attack over one single mac address in range

Bluetooth Simple Denial Of Service (DoS) Legal Note This project is made only for educational purposes and for helping in Proofs of Concept. The autho

1 Jan 09, 2022
Spring Cloud Gateway < 3.0.7 & < 3.1.1 Code Injection (RCE)

Spring Cloud Gateway 3.0.7 & 3.1.1 Code Injection (RCE) CVE: CVE-2022-22947 CVSS: 10.0 (Vmware - https://tanzu.vmware.com/security/cve-2022-22947)

Carlos Vieira 35 Dec 28, 2022
CVE-2021-36798 Exp: Cobalt Strike < 4.4 Dos

A denial of service (DoS) vulnerability (CVE-2021-36798) was found in Cobalt Strike. The vulnerability was fixed in the scope of the 4.4 release. More

104 Nov 09, 2022
Python implementation of the diceware password generating algorithm.

Diceware Password Generator - Generate High Entropy Passwords Please Note - This Program Do Not Store Passwords In Any Form And All The Passwords Are

Sameera Madushan 35 Dec 25, 2022
Log4j minecraft with python

Apache-Log4j Apache Log4j 远程代码执行 攻击者可直接构造恶意请求,触发远程代码执行漏洞。漏洞利用无需特殊配置,经阿里云安全团队验证,Apache Struts2、Apache Solr、Apache Druid、Apache Flink等均受影响 Steps 【Import

manmade 57 Oct 03, 2022
Python program that generates secure passwords.

Python program that generates secure passwords. The user has the option to select the length of the password, amount of passwords,

4 Dec 07, 2021
Python directory buster, multiple threads, gobuster-like CLI, web server brute-forcer, URL replace pattern feature.

pybuster v1.1 pybuster is a tool that is used to brute-force URLs of web servers. Features Directory busting (URI) URL replace patterns (put PYBUSTER

Glaukio 1 Jan 05, 2022
AMC- Automatic Media Access Control [MAC] Address Spoofing Tool

AMC (Automatic Media Access Control [MAC] Address Spoofing tool), helps you to protect your real network hardware identity. Each entered time interval your hardware address was changed automatically.

Dipen Chavan 14 Dec 23, 2022
Rapidly enumerate subdomains and domains using rapiddns.io.

Description Simple python module (unofficial) allowing you to access data from rapiddns.io. You can also use it as a module. As mentioned on the rapid

27 Dec 31, 2022
Fuck - Multi Brute Force 🚶‍♂

f-mbf Fuck - Multi Brute Force 🚶‍♂ Install Script $ pkg update && pkg upgrade $ pkg install python2 $ pkg install git $ pip2 install requests $ pip2

Yumasaa 1 Dec 03, 2021
Script Crack Facebook Premium 🚶‍♂

prem Script Crack Facebook Premium 🚶‍♂ Install Script $ pkg update && pkg update $ termux-setup-storage $ pkg install git $ pkg install python $ pip

Yumasaa 1 Dec 03, 2021
A Python application to predict what is cooking

ez-cuisine-classifier A Python application to predict what is cooking Environment Python 3.9 Windows 10 Install python -m venv venv .\venv\Scripts\act

Zeheng Li 1 Jun 21, 2022
CVE 2020-14871 Solaris exploit

CVE 2020-14871 Solaris exploit This is a basic ROP based exploit for CVE 2020-14871. CVE 2020-14871 is a vulnerability in Sun Solaris systems. The act

Robin Massink 2 Oct 25, 2022