WebApp Sec mailing list archives

RE: Owning Big Brother: How to Crack into Axis IP cameras


From: "Brooks, Shane" <SBrooks () orangelake com>
Date: Thu, 27 Sep 2007 21:44:46 -0400

XSS, CSRF - You don't even have to be that fancy, at least on the 2130 we're running. Maybe it's simply that Earth Cam got hold of it and added their own interface on top of the default Axis one... But they were nice enough to give us a webpage where we can edit any file on the camera and submit the changes back:

http://ip.of.webcam/admin-bin/editcgi.cgi




-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Adrian P.
Sent: Thursday, September 27, 2007 4:23 PM
To: webappsec () securityfocus com
Subject: Owning Big Brother: How to Crack into Axis IP cameras

We found multiple vulnerabilities on Axis 2100 IP cameras affecting both old firmware versions and the latest firmware (2.43).

The research consists of two components: a purple paper and a video. The research doesn't just cover boring PoCs, but actual Hollywood-style exploits :-) . Yes, this includes the classic attack in which the legitimate video stream gets replaced by another stream that keeps looping forever!

Why am I posting this to the webappsec mailing list? Because the exploits covered attack the web interface of these IP cameras.

More info can be found on:

http://www.procheckup.com/Vulnerability_2007.php

Regards,
AP. 
