Owning Big Brother - Hollywood-style Exploits Included!

Fri, 28 Sep 2007 18:43:14 GMT

I've done some research on Axis IP cameras, which I am now able to disclose to you and reveal some of the magic. Although this is not independent research, I am mentioning it here as it may interest some.

The research is made of two components: a purple paper (one of the traditions we follow in GNUCITIZEN) and a video. I promise you that I won't bore you with PoCs, but actual Hollywood-style exploits. This includes the classic attack in which the legitimate video stream gets replaced by another stream that keeps looping forever (remember Speed). We even created a demo video of this attack! Blame Major Malfunction (soon to be featured) for this, as he suggested the third-party-video infinite loop technique.

Here are some of the juicy bits, mentioned in the paper:

  • Cross-browser XSS phishing
  • Replacing the legitimate video stream with our own
  • Adding a Backdoor Root Account
  • Stealing the 'passwd' File

Here is an example of an exploit that we've come up with. You don't know what it is doing? Well, read the paper for more details:
