From f3eb09812bad76d910a917340b51c7f82954d426 Mon Sep 17 00:00:00 2001 From: Jake Daynes Date: Fri, 13 Mar 2026 03:58:00 -0700 Subject: [PATCH] fix: update probeDescribeHeaders to support tls dialer & continue if bad credentials in attack --- internal/attack/attacker.go | 3 ++- internal/attack/rtsp.go | 11 ++++++++++- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/internal/attack/attacker.go b/internal/attack/attacker.go index e78f302..0e641b4 100644 --- a/internal/attack/attacker.go +++ b/internal/attack/attacker.go @@ -224,7 +224,7 @@ func (a Attacker) attackCredentialsForStream(ctx context.Context, target camerad msg := fmt.Sprintf("credential attempt failed for %s:%d (%s:%s): %v", target.Address.String(), target.Port, username, password, err) a.reporter.Debug(cameradar.StepAttackCredentials, msg) - return target, nil + continue } if ok { @@ -328,6 +328,7 @@ func (a Attacker) credAttack(ctx context.Context, stream cameradar.Stream, usern code, err := a.describeStatus(u) if err != nil { + a.reporter.Debug(cameradar.StepAttackCredentials, fmt.Sprintf("Error testing %s:%s -> %v", username, password, err)) return false, fmt.Errorf("performing describe request at %q: %w", urlStr, err) } diff --git a/internal/attack/rtsp.go b/internal/attack/rtsp.go index f1383b1..83c4b11 100644 --- a/internal/attack/rtsp.go +++ b/internal/attack/rtsp.go @@ -66,7 +66,16 @@ func (a Attacker) describeStatus(u *base.URL) (base.StatusCode, error) { // which is exactly what we need in order to detect authentication methods. func (a Attacker) probeDescribeHeaders(ctx context.Context, u *base.URL, urlStr string) (base.StatusCode, base.Header, error) { dialer := &net.Dialer{Timeout: a.timeout} - conn, err := dialer.DialContext(ctx, "tcp", u.Host) + var conn net.Conn + var err error + + if u.Scheme == "rtsps" { + tlsDialer := &tls.Dialer{NetDialer: dialer, Config: &tls.Config{InsecureSkipVerify: true}} + conn, err = tlsDialer.DialContext(ctx, "tcp", u.Host) + } else { + conn, err = dialer.DialContext(ctx, "tcp", u.Host) + } + if err != nil { return 0, nil, err }