RE: Odd Pen-test: Security Camera

From: Drew Copley (dcopley_at_eeye.com)
Date: 05/06/04

  • Next message: Mark Melonson: "The Ultimate Toolkit..."
    Date: Thu, 6 May 2004 10:33:36 -0700
    To: "R. DuFresne" <dufresne@sysinfo.com>
    
    

    Yeah, got an icom r3... ;)

    http://www.google.com/search?hl=en&lr=&ie=UTF-8&oe=UTF-8&q=icom+r3+priva
    te+detective

    I believe there are better devices for automating
    the scanning and the antenna that comes with it sucks... but,
    it's cheap and sweet.

    > -----Original Message-----
    > From: R. DuFresne [mailto:dufresne@sysinfo.com]
    > Sent: Thursday, May 06, 2004 7:52 AM
    > To: Drew Copley
    > Cc: Yvan Boily; pen-test@securityfocus.com
    > Subject: RE: Odd Pen-test: Security Camera
    >
    >
    > The low end cameras that are not hard wired to the
    > controlling stations
    > and play wireless are keen to allow snooping of the images in a
    > "war-viewing" scenario as well.
    >
    > thanks,
    >
    > Ron DuFresne
    >
    >
    > On Wed, 5 May 2004, Drew Copley wrote:
    >
    > > Make a fuzzer to give it wrong input... go for overflows,
    > > format issues, etc... but also go for genuine randomness.
    > In the code,
    > > first try to find any strings in it. There may be
    > > backdoors left in for maintenance. There should also be a lot
    > > of clues about its' weaknesses.
    > >
    > > See what other features are available within it. Often, embedded
    > > devices have embedded OS's... and they leave completely unnecessary
    > > services left running.
    > >
    > > Cameras are no good if they can be turned off, so you may want
    > > to note any such weakness in this manner. Examine the range of
    > > it, to see if there are blatant blindspots. If it is motion
    > detected,
    > > certain motions may cause it to malfunction.
    > >
    > > They probably wouldn't want that.
    > >
    > > If the camera is more low dollar, then it will have minimal
    > > software on it and everything will be done at the system which
    > > controls it... which would make your task a lot easier as you
    > > can just load it up in IDA. Such software is guaranteed to have
    > > a ton of security holes in it... nobody could afford a large
    > > enough QA to properly check it and the userbase is likely to
    > > be small enough to have not found their own issues with it.
    > >
    > >
    > >
    > > > -----Original Message-----
    > > > From: Yvan Boily [mailto:yboily@seccuris.com]
    > > > Sent: Tuesday, May 04, 2004 5:45 PM
    > > > To: pen-test@securityfocus.com
    > > > Subject: Odd Pen-test: Security Camera
    > > >
    > > >
    > > > I was recently given an odd project. Given a configured
    > > > security camera in
    > > > which the hardware configuration is password protected, break
    > > > the password
    > > > and modify the configuration.
    > > >
    > > > I am completely unfamiliar with this hardware, but am going
    > > > to give it a
    > > > try.
    > > >
    > > > The camera is GVI-BCDNIR, which connects to the monitoring
    > > > station via a
    > > > V+2001 Multi-4 PCI capture card.
    > > >
    > > > The software package is a suite called TotalSecure DVR 2.2
    > > > from Productive
    > > > Consultants Inc.
    > > >
    > > > I am attempting to disassemle the software to identify the
    > > > authentication
    > > > mechanisms as a starting point, but any further suggestions?
    > > >
    > > > Yvan Boily
    > > > Information Security Analyst
    > > > Seccuris
    > > >
    > > >
    > > > --------------------------------------------------------------
    > > > ----------------
    > > > Ethical Hacking at the InfoSec Institute. Mention this ad and
    > > > get $545 off
    > > > any course! All of our class sizes are guaranteed to be 10
    > > > students or less
    > > > to facilitate one-on-one interaction with one of our expert
    > > > instructors.
    > > > Attend a course taught by an expert instructor with years of
    > > > in-the-field
    > > > pen testing experience in our state of the art hacking lab.
    > > > Master the skills
    > > > of an Ethical Hacker to better assess the security of your
    > > > organization.
    > > > Visit us at:
    > > >
    > http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    > > > --------------------------------------------------------------
    > > > -----------------
    > > >
    > > >
    > > >
    > >
    > >
    > --------------------------------------------------------------
    > ----------------
    > > Ethical Hacking at the InfoSec Institute. Mention this ad
    > and get $545 off
    > > any course! All of our class sizes are guaranteed to be 10
    > students or less
    > > to facilitate one-on-one interaction with one of our expert
    > instructors.
    > > Attend a course taught by an expert instructor with years
    > of in-the-field
    > > pen testing experience in our state of the art hacking lab.
    > Master the skills
    > > of an Ethical Hacker to better assess the security of your
    > organization.
    > > Visit us at:
    > >
    > http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    > >
    > --------------------------------------------------------------
    > -----------------
    > >
    >
    > --
    > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    > admin & senior security consultant: sysinfo.com
    > http://sysinfo.com
    >
    > "Cutting the space budget really restores my faith in humanity. It
    > eliminates dreams, goals, and ideals and lets us get straight to the
    > business of hate, debauchery, and self-annihilation."
    > -- Johnny Hart
    >
    > testing, only testing, and damn good at it too!
    >
    >
    >

    ------------------------------------------------------------------------------
    Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
    any course! All of our class sizes are guaranteed to be 10 students or less
    to facilitate one-on-one interaction with one of our expert instructors.
    Attend a course taught by an expert instructor with years of in-the-field
    pen testing experience in our state of the art hacking lab. Master the skills
    of an Ethical Hacker to better assess the security of your organization.
    Visit us at:
    http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    -------------------------------------------------------------------------------


  • Next message: Mark Melonson: "The Ultimate Toolkit..."

    Relevant Pages

    • RE: restore Administrator password
      ... >> Ethical Hacking at the InfoSec Institute. ... >> Attend a course taught by an expert instructor with years of ... >> pen testing experience in our state of the art hacking lab. ...
      (Security-Basics)
    • RE: XP SP2 and Nessus
      ... > Ethical Hacking at the InfoSec Institute. ... > pen testing experience in our state of the art hacking lab. ...
      (Security-Basics)
    • RE: Removing Local Admin Rights...
      ... >> Ethical Hacking at the InfoSec Institute. ... >> Attend a course taught by an expert instructor with years ... >> pen testing experience in our state of the art hacking lab. ...
      (Security-Basics)
    • RE: Windows SUS
      ... > Ethical Hacking at the InfoSec Institute. ... > Attend a course taught by an expert instructor with years of ... > pen testing experience in our state of the art hacking lab. ...
      (Security-Basics)
    • Re: RE: Windows patch mgmt.
      ... > Ethical Hacking at the InfoSec Institute. ... > pen testing experience in our state of the art hacking lab. ... Attend a course taught by an expert instructor with years of in-the-field ...
      (Security-Basics)