Compare commits
4 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 Brendan Le Glaunec
|
9a6c030a74 | ||
|
Brendan Le Glaunec
|
afe2caddd6 | ||
|
Brendan Le Glaunec
|
8349bc7c3a | ||
|
Brendan Le Glaunec
|
04ab1cfc8d |
+5
-1
@@ -19,10 +19,14 @@ RUN go build -o cameradar
|
||||
# Final stage
|
||||
FROM alpine
|
||||
|
||||
# Necessary to install curl v7.64.0-r3.
|
||||
# Fix for https://github.com/Ullaakut/cameradar/issues/247
|
||||
RUN echo 'http://dl-cdn.alpinelinux.org/alpine/v3.9/main' >> /etc/apk/repositories
|
||||
|
||||
RUN apk --update add --no-cache nmap \
|
||||
nmap-nselibs \
|
||||
nmap-scripts \
|
||||
curl-dev
|
||||
curl-dev==7.64.0-r3
|
||||
|
||||
WORKDIR /app/cameradar
|
||||
COPY --from=build-env /go/src/github.com/Ullaakut/cameradar/dictionaries/ /app/dictionaries/
|
||||
|
||||
@@ -79,7 +79,7 @@ Only use this solution if for some reason using docker is not an option for you
|
||||
### Dependencies
|
||||
|
||||
* `go` (> `1.10`)
|
||||
* `libcurl` development library
|
||||
* `libcurl` development library (**[version has to be <7.66.0](https://github.com/Ullaakut/cameradar/issues/247)**)
|
||||
* For apt users: `apt install libcurl4-openssl-dev`
|
||||
|
||||
### Steps to install
|
||||
|
||||
@@ -195,13 +195,12 @@ func (s *Scanner) detectAuthMethod(stream Stream) int {
|
||||
_ = c.Setopt(curl.OPT_URL, attackURL)
|
||||
// Set the RTSP STREAM URI as the stream URL.
|
||||
_ = c.Setopt(curl.OPT_RTSP_STREAM_URI, attackURL)
|
||||
// 2 is CURL_RTSPREQ_DESCRIBE.
|
||||
_ = c.Setopt(curl.OPT_RTSP_REQUEST, 2)
|
||||
_ = c.Setopt(curl.OPT_RTSP_REQUEST, rtspDescribe)
|
||||
|
||||
// Perform the request.
|
||||
err := c.Perform()
|
||||
if err != nil {
|
||||
s.term.Errorf("Perform failed: %v", err)
|
||||
s.term.Errorf("Perform failed for %q (auth %d): %v", attackURL, stream.AuthenticationType, err)
|
||||
return -1
|
||||
}
|
||||
|
||||
@@ -240,13 +239,12 @@ func (s *Scanner) routeAttack(stream Stream, route string) bool {
|
||||
_ = c.Setopt(curl.OPT_URL, attackURL)
|
||||
// Set the RTSP STREAM URI as the stream URL.
|
||||
_ = c.Setopt(curl.OPT_RTSP_STREAM_URI, attackURL)
|
||||
// 2 is CURL_RTSPREQ_DESCRIBE.
|
||||
_ = c.Setopt(curl.OPT_RTSP_REQUEST, rtspDescribe)
|
||||
|
||||
// Perform the request.
|
||||
err := c.Perform()
|
||||
if err != nil {
|
||||
s.term.Errorf("Perform failed: %v", err)
|
||||
s.term.Errorf("Perform failed for %q (auth %d): %v", attackURL, stream.AuthenticationType, err)
|
||||
return false
|
||||
}
|
||||
|
||||
@@ -290,13 +288,12 @@ func (s *Scanner) credAttack(stream Stream, username string, password string) bo
|
||||
_ = c.Setopt(curl.OPT_URL, attackURL)
|
||||
// Set the RTSP STREAM URI as the stream URL.
|
||||
_ = c.Setopt(curl.OPT_RTSP_STREAM_URI, attackURL)
|
||||
// 2 is CURL_RTSPREQ_DESCRIBE.
|
||||
_ = c.Setopt(curl.OPT_RTSP_REQUEST, 2)
|
||||
_ = c.Setopt(curl.OPT_RTSP_REQUEST, rtspDescribe)
|
||||
|
||||
// Perform the request.
|
||||
err := c.Perform()
|
||||
if err != nil {
|
||||
s.term.Errorf("Perform failed: %v", err)
|
||||
s.term.Errorf("Perform failed for %q (auth %d): %v", attackURL, stream.AuthenticationType, err)
|
||||
return false
|
||||
}
|
||||
|
||||
@@ -341,7 +338,6 @@ func (s *Scanner) validateStream(stream Stream) bool {
|
||||
_ = c.Setopt(curl.OPT_URL, attackURL)
|
||||
// Set the RTSP STREAM URI as the stream URL.
|
||||
_ = c.Setopt(curl.OPT_RTSP_STREAM_URI, attackURL)
|
||||
// 2 is CURL_RTSPREQ_SETUP.
|
||||
_ = c.Setopt(curl.OPT_RTSP_REQUEST, rtspSetup)
|
||||
|
||||
_ = c.Setopt(curl.OPT_RTSP_TRANSPORT, "RTP/AVP;unicast;client_port=33332-33333")
|
||||
@@ -349,7 +345,7 @@ func (s *Scanner) validateStream(stream Stream) bool {
|
||||
// Perform the request.
|
||||
err := c.Perform()
|
||||
if err != nil {
|
||||
s.term.Errorf("Perform failed: %v", err)
|
||||
s.term.Errorf("Perform failed for %q (auth %d): %v", attackURL, stream.AuthenticationType, err)
|
||||
return false
|
||||
}
|
||||
|
||||
|
||||
@@ -25,6 +25,7 @@
|
||||
"12345678",
|
||||
"4321",
|
||||
"666666",
|
||||
"6fJjMKYx",
|
||||
"888888",
|
||||
"9999",
|
||||
"admin",
|
||||
@@ -32,21 +33,26 @@
|
||||
"aiphone",
|
||||
"camera",
|
||||
"fliradmin",
|
||||
"GRwvcj8j",
|
||||
"hikvision",
|
||||
"hikadmin",
|
||||
"ikwd",
|
||||
"jvc",
|
||||
"kj3TqCWv",
|
||||
"meinsm",
|
||||
"pass",
|
||||
"password",
|
||||
"password123",
|
||||
"reolink",
|
||||
"root",
|
||||
"service",
|
||||
"supervisor",
|
||||
"system",
|
||||
"tlJwpbo6",
|
||||
"toor",
|
||||
"tp-link",
|
||||
"ubnt",
|
||||
"wbox123"
|
||||
"wbox123",
|
||||
"Y5eIMz3C"
|
||||
]
|
||||
}
|
||||
|
||||
@@ -79,6 +79,7 @@ h264/media.amp
|
||||
h264Preview_01_main
|
||||
h264Preview_01_sub
|
||||
h264_vga.sdp
|
||||
h264_stream
|
||||
image.mpg
|
||||
img/media.sav
|
||||
img/media.sav?channel=1
|
||||
@@ -140,6 +141,7 @@ rtsp_live2
|
||||
rtsp_tunnel
|
||||
rtsph264
|
||||
rtsph2641080p
|
||||
snap.jpg
|
||||
stream
|
||||
stream/0
|
||||
stream/1
|
||||
@@ -151,6 +153,7 @@ streaming/channels/1
|
||||
streaming/channels/101
|
||||
tcp/av0_0
|
||||
test
|
||||
tmpfs/auto.jpg
|
||||
trackID=1
|
||||
ucast/11
|
||||
udp/av0_0
|
||||
@@ -178,5 +181,6 @@ video1.sdp
|
||||
video1+audio1
|
||||
videoMain
|
||||
videoinput_1/h264_1/media.stm
|
||||
videostream.asf
|
||||
vis
|
||||
wfov
|
||||
|
||||
+12
-10
@@ -17,13 +17,13 @@ type nmapMock struct {
|
||||
mock.Mock
|
||||
}
|
||||
|
||||
func (m *nmapMock) Run() (*nmap.Run, error) {
|
||||
func (m *nmapMock) Run() (*nmap.Run, []string, error) {
|
||||
args := m.Called()
|
||||
|
||||
if args.Get(0) != nil {
|
||||
return args.Get(0).(*nmap.Run), args.Error(1)
|
||||
if args.Get(0) != nil && args.Get(1) != nil {
|
||||
return args.Get(0).(*nmap.Run), args.Get(1).([]string), args.Error(2)
|
||||
}
|
||||
return nil, args.Error(1)
|
||||
return nil, nil, args.Error(2)
|
||||
}
|
||||
|
||||
var (
|
||||
@@ -77,7 +77,7 @@ func TestScan(t *testing.T) {
|
||||
removePath: true,
|
||||
ports: []string{"80"},
|
||||
|
||||
expectedErr: errors.New("unable to create network scanner: 'nmap' binary was not found"),
|
||||
expectedErr: errors.New("unable to create network scanner: nmap binary was not found"),
|
||||
},
|
||||
}
|
||||
|
||||
@@ -107,8 +107,9 @@ func TestInternalScan(t *testing.T) {
|
||||
tests := []struct {
|
||||
description string
|
||||
|
||||
nmapResult *nmap.Run
|
||||
nmapError error
|
||||
nmapResult *nmap.Run
|
||||
nmapWarnings []string
|
||||
nmapError error
|
||||
|
||||
expectedStreams []Stream
|
||||
expectedErr error
|
||||
@@ -294,8 +295,9 @@ func TestInternalScan(t *testing.T) {
|
||||
{
|
||||
description: "scan failed",
|
||||
|
||||
nmapError: errors.New("scan failed"),
|
||||
expectedErr: errors.New("error while scanning network: scan failed"),
|
||||
nmapError: errors.New("scan failed"),
|
||||
nmapWarnings: []string{"invalid host"},
|
||||
expectedErr: errors.New("error while scanning network: scan failed"),
|
||||
},
|
||||
}
|
||||
|
||||
@@ -303,7 +305,7 @@ func TestInternalScan(t *testing.T) {
|
||||
t.Run(test.description, func(t *testing.T) {
|
||||
nmapMock := &nmapMock{}
|
||||
|
||||
nmapMock.On("Run").Return(test.nmapResult, test.nmapError)
|
||||
nmapMock.On("Run").Return(test.nmapResult, test.nmapWarnings, test.nmapError)
|
||||
|
||||
scanner := &Scanner{
|
||||
term: disgo.NewTerminal(disgo.WithDefaultOutput(ioutil.Discard)),
|
||||
|
||||
Reference in New Issue
Block a user