Hacks to turn your wireless IP surveillance cameras against you
Regarding Foscam wireless IP cameras, US CERT and NIST listed the vulnerability (CVE-2013-2560). The description states, "Directory traversal vulnerability in the web interface on Foscam devices with firmware before 18.104.22.168 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI, as demonstrated by discovering (1) web credentials or (2) Wi-Fi credentials."
Wireless IP surveillance camera
Shekyan and Harutyunyan said DoS is yet a different attack scenario and it takes only seconds; since the camera only logs authenticated requests, there are no traces on the camera. An attacker can "grab videostream, email, FTP, MSN, Wi-Fi credentials." Malicious hackers could also host malware, or run arbitrary software such as botnets, proxies, and scanners. Another attack involves creating a backdoor by adding a hidden user to the camera and attacking a victim's browser using BeEF. These cameras are also connected to the local network, meaning that an attacker could exploit it to find and remotely hack other devices that wouldn't normally be accessible from the Internet.
The security researchers released a tool called getmecamtool that automates most of the attacks.
They advised that the wireless IP cameras should not be exposed to an outside network, but had a few suggestions for making the cameras less insecure for people who disregard that advice. These include using a firewall/IPS with strict rules, using a reverse proxy, or isolating the camera from the internal network.Đăng bởi Minh Thiện Tags: Features wifi camera, IP cameras, IP sur, security system camera, Smart Camera, smart wifi camera, Surveillance Camera Technology, surveillance cameras, wifi camera, WiFi cameras, WiFi Cameras Work, wifi wireless camera, wireless IP surveillance cameras