"Hack" eBay camera to get access to videostream?
Moderator: leecollings
Re: "Hack" eBay camera to get access to videostream?
good work, i actually have ipcam viewer pro for Android on my phone will give it a shot, cheers
Re: "Hack" eBay camera to get access to videostream?
using IPcam viewer and ARC welder, a deskop emulator for android/chrome, i managed to get it running on desktop too.
https://developer.chrome.com/apps/getstarted_arc
https://developer.chrome.com/apps/getstarted_arc
Re: "Hack" eBay camera to get access to videostream?
I found this topic via google while searching for the password, found that nobody has it so i started hacking it.
Found the telnet password:
Username: root
Password: noty
Found it by hacking into the camera via a path traversal exploit in the web server and running the password hash trough john the ripper.
Some more info so more people find this when searching for it:
passwd:
telnet prompt + login:
Found the telnet password:
Username: root
Password: noty
Found it by hacking into the camera via a path traversal exploit in the web server and running the password hash trough john the ripper.
Some more info so more people find this when searching for it:
passwd:
Code: Select all
root:$6$msTRRedr$e7Fw3JVflNlRZrIbR1f0qlKLpDnbvd4OuyEJEKBIYs04vylb9IrSKUO4Ldg56tdR1Qk5YPUeV/8PjFLiUFRVM1:0:0::/root:/bin/sh
Code: Select all
# telnet 192.168.x.x
Trying 192.168.x.x...
Connected to 192.168.x.x.
Escape character is '^]'.
IPC365 login: root
Password:
login: can't chdir to home directory '/root'
Welcome to
_____ __ ___ __ ___ _ _ _
| ___| / \ / __ \ / \ | _ \ / \ \ \ / /
| |___ / /\ \ | /__\ \ / /\ \ | | \ | / /\ \ \ V /
| ___|| |__| | | _ / | |__| | | | | | | |__| | \ /
| | | __ | | | \ \ | __ | | |_/ / | __ | | |
|_| |_| |_| |_| \_\|_| |_| |___ / |_| |_| |_|
For further information check:
http://www.faraday.com/
BusyBox v1.19.4 (2014-12-19 12:49:44 CST) built-in shell (ash)
Enter 'help' for a list of built-in commands.
[root@GM]#
-
- Posts: 85
- Joined: Monday 17 August 2015 21:25
- Target OS: Raspberry Pi / ODroid
- Domoticz version:
- Contact:
Re: "Hack" eBay camera to get access to videostream?
Great, maybe this cameramodel could be useful anyway. I am just hoping that someone is able to enable rtsp or similar. And I guess it would be good to be able to disable all default Chinese "Spyware" that always seams to be present on this kind of devices.
-
- Posts: 2
- Joined: Tuesday 20 March 2018 17:49
- Target OS: OS X
- Domoticz version:
- Contact:
Re: "Hack" eBay camera to get access to videostream?
What I really need is to change the default username and/or password. There is no way I'm going to expose port 34567 to my WAN with the default admin:123456 still set. How can I change it? I've tried using the CMS and I cannot delete or modify either the admin or guest accounts. I'm guessing I could probably do something via the telnet login but I don't really know where to go.
Thanks!
Thanks!
-
- Posts: 2
- Joined: Tuesday 20 March 2018 17:49
- Target OS: OS X
- Domoticz version:
- Contact:
Re: "Hack" eBay camera to get access to videostream?
Also, I'm trying to figure out what kind of video stream is coming down on port 34567. I can't imagine it would be of a type that VLC couldn't handle. If we could figure out what the endpoints are and the stream type I imagine we could get VLC handling it. What are these iOS apps doing under the hood to show the stream?
-
- Posts: 1
- Joined: Monday 07 January 2019 13:42
- Target OS: NAS (Synology & others)
- Domoticz version:
- Contact:
Re: "Hack" eBay camera to get access to videostream?
Hi i also have your same camera and thanks to your tips i could telnet with root/noty
Could you achieve any target? I would like at least to enable some streaming (RTSP... ONVIF) because my camera doesn't even have a web interface! I can just use it with SHOWMO app... and this is really frustrating!
I checked all files on the device but i couldnt find any trace of configuration to enable RTSP or web or something... web folder is there but is empty
Thank you!!
Could you achieve any target? I would like at least to enable some streaming (RTSP... ONVIF) because my camera doesn't even have a web interface! I can just use it with SHOWMO app... and this is really frustrating!
I checked all files on the device but i couldnt find any trace of configuration to enable RTSP or web or something... web folder is there but is empty
Thank you!!
Re: "Hack" eBay camera to get access to videostream?
I am interested too in this solution. So just posting this if anyone replies:)
-
- Posts: 1601
- Joined: Friday 18 October 2013 23:33
- Target OS: Raspberry Pi / ODroid
- Domoticz version: BETA
- Location: Arnhem/Nijmegen Nederland
- Contact:
Re: "Hack" eBay camera to get access to videostream?
perhaps a list of supported camera's?
In to the wiki?
In to the wiki?
Xu4: Beta Extreme antenna RFXcomE,WU Fi Ping ip P1 Gen5 PVOutput Harmony HUE SolarmanPv OTG Winddelen Alive ESP Buienradar MySensors WOL Winddelen counting RPi: Beta SMAspot RFlinkTest Domoticz ...Different backups
Re: "Hack" eBay camera to get access to videostream?
For anyone still interested in this. I was able to get an HTTP streaming out of this device. Both audio and video work. I don't know if my device was easier to access but it's really simple. I arrived at this solution randomly but here's what I think:
This camera uses a protocol called dvrip. I've used WebRTC from AlexxIT that you can found on GitHub
This Home Assistant integration uses WebRTC + go2rtc which is able to talk to this protocol I presume
If you are confused from what this "Home Assistant integration" is, look into Home Assistant first.
I'll explain what I did from after the GitHub guide ends
After the configuration (of the 'basic' version) of go2rtc. It gets its own port, 1984.
Write <homeassistant-ip>:1984 in a browser just like you do with :8123 to access Home Assistant
Here click "Add", then open "temponary stream"
Remember that the IP address should be static or this configuration will get broken later on, you can likely do that from your router
Go back to Home Assistant, click on the kebab (3 dots) in the top right to access "Edit dashboard", then on the bottom right "+ Add cards", scroll to the bottom to find "Manual". Paste all of this
As you can see here "url:" is the name I have given it before in the go2rtc interface
Sorry for bad english but it isn't my first language
Remove the three "?" I've had to put because I put them there because I wansn't able to submit this post because the site thought those were links
This camera uses a protocol called dvrip. I've used WebRTC from AlexxIT that you can found on GitHub
This Home Assistant integration uses WebRTC + go2rtc which is able to talk to this protocol I presume
If you are confused from what this "Home Assistant integration" is, look into Home Assistant first.
I'll explain what I did from after the GitHub guide ends
After the configuration (of the 'basic' version) of go2rtc. It gets its own port, 1984.
Write <homeassistant-ip>:1984 in a browser just like you do with :8123 to access Home Assistant
Here click "Add", then open "temponary stream"
Code: Select all
Name: (What you want, you'll need it later, I put IPC365)
url: dvrip://admin:123456@<IP Address of the camera>?channel=0&subtype=0
Go back to Home Assistant, click on the kebab (3 dots) in the top right to access "Edit dashboard", then on the bottom right "+ Add cards", scroll to the bottom to find "Manual". Paste all of this
Code: Select all
type: custom:webrtc-camera
url: IPC365 <---- The name you had to put in before
ui: true
digital_ptz:
mouse_drag_pan: true
mouse_wheel_zoom: true
mouse_double_click_zoom: true
touch_drag_pan: true
touch_pinch_zoom: true
touch_tap_drag_zoom: true
persist: true
title: What you want
muted: true
intersection: 0."?"75
background: false
shortcuts:
- name: Record
icon: mdi:record-circle-outline
service: switch."?"toggle
service_data:
entity_id: switch."?"camera_record
mode: webrtc,mse,hls,mjpeg
Sorry for bad english but it isn't my first language
Remove the three "?" I've had to put because I put them there because I wansn't able to submit this post because the site thought those were links
- waltervl
- Posts: 5148
- Joined: Monday 28 January 2019 18:48
- Target OS: Linux
- Domoticz version: 2024.7
- Location: NL
- Contact:
Re: "Hack" eBay camera to get access to videostream?
Thanks.
And how did you connect this to Domoticz after the WebRTC conversion? Domoticz needs a screenshot link to a picture, not a stream.
And how did you connect this to Domoticz after the WebRTC conversion? Domoticz needs a screenshot link to a picture, not a stream.
Domoticz running on Udoo X86 (on Ubuntu)
Devices/plugins: ZigbeeforDomoticz (with Xiaomi, Ikea, Tuya devices), Nefit Easy, Midea Airco, Omnik Solar, Goodwe Solar
Devices/plugins: ZigbeeforDomoticz (with Xiaomi, Ikea, Tuya devices), Nefit Easy, Midea Airco, Omnik Solar, Goodwe Solar
Who is online
Users browsing this forum: No registered users and 0 guests