Help with the README.md #4

Closed
sjmspeidel opened this issue Jan 5, 2023 · 2 comments

@sjmspeidel

Hello,
I was looking for some help following your tutorial. I can't identify where the files and folders you suggest are.
I have the same model as mentioned in your GitHub, but the directory generated by plugging in an SD card doesn't reflect your description.

Any help would be greatly appreciated.

Here is my boot from the SD card:
bcm2708-rpi-0-w.dtb config.txt LICENCE.broadcom
bcm2708-rpi-b.dtb COPYING.linux LICENSE.oracle
bcm2708-rpi-b-plus.dtb os_config.json
bcm2708-rpi-cm.dtb fixup_cd.dat overlays
bcm2709-rpi-2-b.dtb fixup.dat bcm2710-rpi-3-b.dtb
fixup_db.dat start_cd.elf bcm2710-rpi-3-b-plus.dtb fixup_x.dat start_db.elf
bcm2710-rpi-cm3.dtb issue.txt start.elf
bootcode.bin kernel7.img start_x.elf
cmdline.txt kernel.img 'System Volume Information'

And here is my nmap:
Completed NSE at 08:01, 0.15s elapsed
Initiating NSE at 08:01
Completed NSE at 08:01, 0.00s elapsed
Nmap scan report for 192.168.1.99
Host is up (0.0060s latency).
Not shown: 990 closed tcp ports (reset)
PORT STATE SERVICE VERSION
7676/tcp open upnp Samsung AllShare upnpd 1.0 (UPnP 1.1)
8001/tcp open nagios-nsca Nagios NSCA
8002/tcp open ssl/nagios-nsca Nagios NSCA
|_ssl-date: TLS randomness does not represent time
| ssl-cert: Subject: commonName=SmartViewSDK/organizationName=SmartViewSDK/countryName=KR
| Subject Alternative Name: IP Address:127.0.0.1
| Issuer: commonName=SmartViewSDK Root Ceritificate Authority/organizationName=SmartViewSDK/countryName=KR
| Public Key type: rsa
| Public Key bits: 2048
| Signature Algorithm: sha256WithRSAEncryption
| Not valid before: 2016-09-21T08:36:31
| Not valid after: 2036-09-21T08:36:31
8080/tcp open http lighttpd
|_http-server-header: WebServer
|_http-title: 404 - Not Found
| http-methods:
|_  Supported Methods: OPTIONS GET HEAD POST
9080/tcp open http Mongoose httpd
|_http-title: Site doesn't have a title (application/json).
| http-methods:
|_  Supported Methods: GET HEAD POST OPTIONS
9999/tcp open abyss?
32768/tcp open nagios-nsca Nagios NSCA
32769/tcp open nagios-nsca Nagios NSCA
32770/tcp open nagios-nsca Nagios NSCA
32771/tcp open nagios-nsca Nagios NSCA
MAC Address: 68:27:37:0A:79:C0 (Samsung Electronics)
Device type: general purpose
Running: Linux 3.X|4.X
OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4
OS details: Linux 3.2 - 4.9
Uptime guess: 4.806 days (since Sat Dec 31 12:40:18 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=260 (Good luck!)
IP ID Sequence Generation: All zeros
TRACEROUTE
HOP RTT ADDRESS
1 6.02 ms 192.168.1.99
NSE: Script Post-scanning.
Initiating NSE at 08:01
Completed NSE at 08:01, 0.00s elapsed
Initiating NSE at 08:01
Completed NSE at 08:01, 0.00s elapsed
Initiating NSE at 08:01
Completed NSE at 08:01, 0.00s elapsed
Read data files from: C:\Program Files (x86)\Nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 65.29 seconds
Raw packets sent: 1023 (45.806KB) | Rcvd: 1020 (41.598KB)

@DeltaTangoLima
Owner

It looks like those are just the files the camera has written to the SD card - they won't be useful for trying to hack the camera to use it as a local device.

Unfortunately, my camera got knocked off its ceiling mount some time ago, and was broken beyond repair, so I can't compare what you're getting to what I had.

What I recommend you do is start over at Wagner's issue on how to hack the camera using files you can create on the SD card, then boot the camera with it inserted.

I see in your nmap that port 80 doesn't appear to be open, so take some time to read his notes on v4.0.x firmware. I can see port 9080 appears to have an HTTP server running on it on your camera, so that may be the admin interface you need to use with the various URLs to access information about your device.

You should definitely start by reading through that linked issue. There's a lot of detail in there about discovering more about your device, which will help you determine next steps in hacking it.

Good luck, and have fun!

@sjmspeidel
Author

sjmspeidel commented Jan 6, 2023 via email
