hackers tantra - index-of.co.uk/index-of.co.uk/google/cctv hack.pdf · exposing google dork for...

Hackers Tantra

Surun Infocore Systems

Naked Truth of CCTV Hacks

(or so-called Google Dorks)

How Half Knowledge Can Lead To VariousMisunderstandings

Exposing Google Dork For Hacking CCTV

Google following query -

: inurl:"viewerframe?mode=motion

• As per description of this Google HACKING DORK, above query will give results of LIVE CCTV / ONLINE CCTV Footages

• (which is also infamous as CCTV Hacking Using Google)

Result of this query is posted on next page -• Note- Results are as available of first page of Google Query and as on 23/02/2012 (1:47AM)

Get Involved In Depth With The Results For Better Analysis Of This Hack

1. Open each results available and observe the website GUI

2. As a sample, results of few pages are posted on next slides

First Result

Second Result

Third Result

Fourth Result*

•*Please note – At this moment results no. 4 is not working (may be site is temporary down) so I have posted screen print of result 5 • It really doesn’t matter

Get Involved In Depth With The Results For Better Analysis Of This Hack

3. Small Observations (which really matters) –• Close observation indicates the Control buttons of all most all website

have same GUI / Appearance, so are they all following same protocol for a single product development company?

4. Let us check –• To know more about this company/ product, we can use “Support” Link

available in top frame of web pages resulted in our research • To start with an example, we are demonstrating the support link

available over first result (please check the next subsequent screen prints)

Observation – Support Information indicates Name of Product (Panasonic = Netwkcam i.e. Network Camera)

Get Involved In Depth With The Results For Better Analysis Of This Hack

5. Study of support URL

http://panasonic.biz/netsys/netwkcam/support

URL Indicates –• Company : Panasonic• Product Type : Network Camera

Feature Of Panasonic Network Camera

(as per results available on official webpage of Panasonic company http://www.panasonic.com/business/security/products/network-cameras.asp)

Features

Hybrid digital / analog camerasTo bridge the gap between analog and digital worlds, Panasonic also offers hybrid cameras that can be connected to conventional coax networks or Ethernet IP networks. The cameras include built-in coax connections, as well as a 10Base-T/100Base-TX Ethernet connection.

For LANs, WANs, Virtual Private Networks, or Internet

All Panasonic IP cameras allow you to monitor and control the units via an IP-protocol network from a networked PC. The cameras can operate on multiple protocols, including TCP/IP, HTTP, FTP, SMTP, DHCP, and others, depending on model.

This flexibility allows you to utilize existing LANs, WANs, or Virtual Private Networks - and even the public Internet - to monitor remote locations without installing standalone video networks.

Get Involved In Depth With The Results For Better Analysis Of This Hack

6. To know more about configuration of this Network Camera, download its Manual

Manual file –NEW_Camera_CGI_Interface_v4.30.pdf

(Note – you can Google this file and download it to cross check the next findings)

7. In this Manual file, search for (so called Google Dork) partial string –

Mode=MotionIt will land on the page number 138 which is titled as -Source Code of Sample Web page <sample1.html>

This page is having description on – How to configure and access this Network camera over the Internet (because it’s the basic purpose of this camera – Its network camera.. Not any regular CCTV camera)

Conclusion

• Is it really Google dork or CCTV Hack? Or its feature of Network CCTV?

(One of my most favorite sentence)