And if anyone has any advice on how I can find the cameras route ip that'd be great, I suspect its running from Camera -> PC -> stream and I can't use any packet sniffers because they'll only make it to the PC.
Well I mean, don't tell the Internet your plan user
Isaiah Lewis
I'm not worried.
imbehind7proxies.png
Cameron Evans
You've caught my interest.
This is Sup Forums.
Hudson Garcia
In what way?
All I'm trying to achieve is finding a method of snatching a cameras IP from a stream of said camera.
I feel I'll need to bypass the stream because it's probably covered by the stream websites backend.
but CCTV always have a web panel for the security guy or the user to operate the cameras speakers/rotation/pitch, so accessing that is what I need.
Sniffers wont work because they detect the stream IP not the CCTV IP, but the stream has to be hosted on the same PC as the camera if not on the same network, so it's that I need.
but the potential for hilarity it limitless.
Leo Richardson
checked you're a big guy good luck
Hudson Parker
>In what way? >the potential for hilarity it limitless. For the lols. When has it ever been about anything else?
Chase Walker
insecam.org this site has a ton of cameras, some still have the default password set on their configs lmao havent found any that play sound yet though
Carson Campbell
Not what I'm talking about.
this is just using shit someone else already found, I'm talking about targeting individual cameras, not just random clicking and fuckery.
Levi Mitchell
this one still has the little message i set about a week ago so i guess the owners really do a great job of checking their camera insecam.org/en/view/424596/
Hudson Diaz
retard here, how does one ping a camera for its IP to begin with
Nathan Perez
you scan the entire internet for IPs that appear to be cameras
Dylan Collins
Generally all their information is online.
the most effective method is to find camera manufacturer hardware patches and in it shows the ranges their cameras operate on, then you find the network sniff out what ranges its connected to and viola, you have the camera.
that's of course the complicated method.
but in this instance, they have the camera connected to a live stream which kind of does that work for us, it's just about finding the cameras IP communicating with either us or the livestream.
if its protected from the livestreams back end then it's even more difficult and might require someone going to the camera site it self and sniffing for it.
I'm discussing targeting specific IPs for specific cameras, not blanket random searches.
The point here is to get into a specific stream and fuck with it.
Juan Campbell
sorry
Henry Watson
don't be, normies will appreciate being introduced to shodan.
Adrian Russell
It still amazes me people are this stupid. Same as WiFi routers running admin/admin logins
Brayden Phillips
If that camera is presumably connected to the art venue's network, would it be possible to find out the venue's IP and go from there?
Leo Perry
You wouldn't believe it.
I've found cameras located in nuclear testing facilities in Russia. as well as some DoD facilities.
They do not think for a second any will exploit that vulnerability, and by the way, you access the camera, you can access printers.
I remember printing a shit load of pepe images at MIT through one of their printers that was unprotected.
yes, in theory. if you connect to the art venues wifi you can just packet sniff it (if you're on site) if not, wellll I don't know.
I'm thinking if we can get a list of all the online cameras in that area (of the gallery) from SHODAN it might be listed there.
Michael Wood
>I've been working on the Shia LeBouf camera ok so tell us what you've done...? unless you've done nothing and want someone else to do the work for you
Juan Mitchell
Have some user on Sup Forums figure out the model number of the camera. It would be pretty easy to find it after that if it's exposed to the internet. All you have to do is scan NewYork IPs or maybe even put it into shodan if you are lucky.
Isaac Torres
Alright.
Downloaded the site "hewillnotdivide.us" to search the embed file for the swf, flash or any other embedding player info, to try isolate the stream.
Sniffed the site with the chrome dev tools (as expected, nothing of use came from that) I did find the site isn't passprotected and it does accept donations, good job shia, really protecting your users.
I checked the livestream with Fiddler and it only detected livestream incoming traffic. which raised the hypothesis that the camera is streaming to a PC which is then uploading that to the livestream site.
I'm posting for other Sup Forums people to point out something I might be missing or offer valid suggestions, in no way is this a request thread for someone to skriptkid for me.
it's the camera in the OP.
they're pretty standard, only a few companies make them like that, it was probably bought locally (NY) area.
Luke Powell
>it was probably bought locally (NY) area. Maybe it was /ourguy/ Louis? His shop does security cam stuff, and if they got it from there, then you're probably fucked.
Dylan Watson
Does louis change cam passwords?
'cause it's literally a pro-active step you need to be aware of when setting up these cameras.
if it is louis then homeboy can help us out lol
Nathaniel Bennett
if it was an ONVIF or RTSP stream then maybe you could use wireshark for further info. If it's streaming through your browser that shit will more than likely be locked down.
Jack Allen
someone suggested wireshark, but it's likely it'll yield the same result, only detecting the stream IP.
Andrew Parker
that's how it works you idiots he uses livestream to broadcast
Brayden Evans
I went to my city, some poor woman under surveillance at her job, creeps me out. Makes me wonder how many people are being surveilled at work and their boss isn't an idiot with default admin/admin
Wyatt Murphy
This is true, but thats the best you will do. UDP packet headers . . .
Isaiah Cook
ah this again, was fucking hilarious the cams that were open
Bentley Morris
There are a few with little kids and stuff, I wish there was a way to make the stupid parents realise that they were broadcasting to the world.
John James
By gaining access and exploiting it, certainly makes them aware, but it's the fault of sysadmins and camera installers not properly advising their customers.
...we know..
Jordan Evans
final bump
David Nguyen
Wouldn't you have to be in close physical proximity to the network and crack the wifi ? Once there use IP sniffing software to list all IPs on network then URL search each individual IP until you find the one that belongs to the camera. Brute force if authentication is required. I mean at the end of the day you have to enter the network somehow.
Brandon Davis
some cameras have an api that faces out to the web and if it is facing out to the web you can almost be certain that the owner did not change the defaults
