CCTV Hack - Google Dork - Surun Infocore Systems

Hackers Tantra
Surun Infocore Systems
Naked Truth of
CCTV Hacks
(or so-called Google Dorks)
How Half Knowledge
Can Lead To Various
Misunderstandings
Exposing
Google Dork For Hacking CCTV
Google following query -
: inurl:"viewerframe?mode=motion
•
•
As per description of this Google HACKING DORK, above query will give
results of LIVE CCTV / ONLINE CCTV Footages
(which is also infamous as CCTV Hacking Using Google)
Result of this query is posted on next page •
Note- Results are as available of first page of Google Query and as on 23/02/2012 (1:47AM)
Get Involved In Depth With The Results
For Better Analysis Of This Hack
1.
Open each results available and observe the website GUI
2.
As a sample, results of few pages are posted on next slides
First Result
Second Result
Third Result
Fourth Result*
•*Please note – At this moment results no. 4 is not working (may be site is temporary down) so I have posted screen print of result 5
• It really doesn’t matter
Get Involved In Depth With The Results
For Better Analysis Of This Hack
3.
Small Observations (which really matters) –
•
Close observation indicates the Control buttons of all most all website
have same GUI / Appearance, so are they all following same protocol
for a single product development company?
4.
Let us check –
•
To know more about this company/ product, we can use “Support” Link
available in top frame of web pages resulted in our research
•
To start with an example, we are demonstrating the support link
available over first result (please check the next subsequent screen
prints)
Observation – Support Information indicates Name of Product
(Panasonic = Netwkcam i.e. Network Camera)
Get Involved In Depth With The Results
For Better Analysis Of This Hack
5. Study of support URL
http://panasonic.biz/netsys/netwkcam/support
URL Indicates –
•
Company : Panasonic
•
Product Type : Network Camera
Feature Of Panasonic Network Camera
(as per results available on official webpage of Panasonic company
http://www.panasonic.com/business/security/products/network-cameras.asp)
Features
Hybrid digital / analog cameras
To bridge the gap between analog and digital worlds, Panasonic also offers hybrid cameras that
can be connected to conventional coax networks or Ethernet IP networks. The cameras include
built-in coax connections, as well as a 10Base-T/100Base-TX Ethernet connection.
For LANs, WANs, Virtual Private Networks, or Internet
All Panasonic IP cameras allow you to monitor and control the units via an IP-protocol
network from a networked PC. The cameras can operate on multiple protocols, including
TCP/IP, HTTP, FTP, SMTP, DHCP, and others, depending on model.
This flexibility allows you to utilize existing LANs, WANs, or Virtual Private Networks - and
even the public Internet - to monitor remote locations without installing standalone video
networks.
Get Involved In Depth With The Results
For Better Analysis Of This Hack
6. To know more about configuration of this Network Camera, download its
Manual
Manual file –
NEW_Camera_CGI_Interface_v4.30.pdf
(Note – you can Google this file and download it to cross check the next
findings)
7. In this Manual file, search for (so called Google Dork) partial string –
Mode=Motion
It will land on the page number 138 which is titled as Source Code of Sample Web page <sample1.html>
This page is having description on – How to configure and access this
Network camera over the Internet (because it’s the basic purpose of this
camera – Its network camera.. Not any regular CCTV camera)
Conclusion
•
Is it really Google dork or CCTV Hack? Or its feature of Network CCTV?
(One of my most favorite sentence)