cameradar

package module
v0.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 10, 2022 License: MIT Imports: 12 Imported by: 0

README

cameradar

Documentation

Overview

Package cameradar provides methods to be able to discover and attack RTSP streams easily. RTSP streams are used by most IP Cameras, often for surveillance.

A simple example usage of the library can be found in https://github.com/Ullaakut/cameradar/tree/master/cameradar

The example usage is complete enough for most users to ignore the library, but for users with specific needs such as creating their own bruteforcing dictionary to access cameras, or running their own network scan, this library allows to use simple and performant methods to attack streams.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetCameraAdminPanelURL 

func GetCameraAdminPanelURL(stream Stream) string

GetCameraAdminPanelURL returns the URL to the camera's admin panel.

func GetCameraRTSPURL 

func GetCameraRTSPURL(stream Stream) string

GetCameraRTSPURL generates a stream's RTSP URL.

func WithAttackInterval 

func WithAttackInterval(interval time.Duration) func(s *Scanner)

WithAttackInterval specifies the interval of time during which Cameradar should wait between each attack attempt during bruteforcing. Setting a high value for this obviously makes attacks much slower.

func WithCustomCredentials 

func WithCustomCredentials(dictionaryPath string) func(s *Scanner)

WithCustomCredentials specifies a custom credential dictionary to use for the attacks.

func WithCustomRoutes 

func WithCustomRoutes(dictionaryPath string) func(s *Scanner)

WithCustomRoutes specifies a custom route dictionary to use for the attacks.

func WithDebug 

func WithDebug(debug bool) func(s *Scanner)

WithDebug specifies whether or not to enable debug logs.

func WithPorts 

func WithPorts(ports []string) func(s *Scanner)

WithPorts specifies the ports to scan and attack.

func WithScanSpeed 

func WithScanSpeed(speed int) func(s *Scanner)

WithScanSpeed specifies the speed at which the scan should be executed. Faster means easier to detect, slower has bigger timeout values and is more silent.

func WithTargets 

func WithTargets(targets []string) func(s *Scanner)

WithTargets specifies the targets to scan and attack.

func WithTimeout 

func WithTimeout(timeout time.Duration) func(s *Scanner)

WithTimeout specifies the amount of time after which attack requests should timeout. This should be high if the network you are attacking has a poor connectivity or that you are located far away from it.

func WithVerbose 

func WithVerbose(verbose bool) func(s *Scanner)

WithVerbose specifies whether or not to enable verbose logs.

Types

type Credentials 

type Credentials struct {
	Usernames []string `json:"usernames"`
	Passwords []string `json:"passwords"`
}

Credentials is a map of credentials usernames are keys and passwords are values creds['admin'] -> 'secure_password'

func ParseCredentialsFromString 

func ParseCredentialsFromString(content string) (Credentials, error)

ParseCredentialsFromString parses a dictionary string and returns its contents as a Credentials structure.

type Curl 

type Curl struct {
	*curl.CURL
}

Curl is a libcurl wrapper used to make the Curler interface work even though golang currently does not support covariance (see https://github.com/golang/go/issues/7512)

func (*Curl) Duphandle 

func (c *Curl) Duphandle() Curler

Duphandle wraps curl.Duphandle

type Curler 

type Curler interface {
	Setopt(opt int, param interface{}) error
	Perform() error
	Getinfo(info curl.CurlInfo) (interface{}, error)
	Duphandle() Curler
}

Curler is an interface that implements the CURL interface of the go-curl library Used for mocking

type Options 

type Options struct {
	Targets     []string      `json:"target" validate:"required"`
	Ports       []string      `json:"ports"`
	Routes      Routes        `json:"routes"`
	Credentials Credentials   `json:"credentials"`
	Speed       int           `json:"speed"`
	Timeout     time.Duration `json:"timeout"`
}

Options contains all options needed to launch a complete cameradar scan

type Routes 

type Routes []string

Routes is a slice of Routes ['/live.sdp', '/media.amp', ...]

func ParseRoutesFromString 

func ParseRoutesFromString(content string) Routes

ParseRoutesFromString parses a dictionary string and returns its contents as a Routes structure.

type Scanner 

type Scanner struct {
	// contains filtered or unexported fields
}

Scanner represents a cameradar scanner. It scans a network and attacks all streams found to get their RTSP credentials.

func New 

func New(options ...func(*Scanner)) (*Scanner, error)

New creates a new Cameradar Scanner and applies the given options.

func (*Scanner) Attack 

func (s *Scanner) Attack(targets []Stream) ([]Stream, error)

Attack attacks the given targets and returns the accessed streams.

func (*Scanner) AttackCredentials 

func (s *Scanner) AttackCredentials(targets []Stream) []Stream

AttackCredentials attempts to guess the provided targets' credentials using the given dictionary or the default dictionary if none was provided by the user.

func (*Scanner) AttackRoute 

func (s *Scanner) AttackRoute(targets []Stream) []Stream

AttackRoute attempts to guess the provided targets' streaming routes using the given dictionary or the default dictionary if none was provided by the user.

func (*Scanner) DetectAuthMethods 

func (s *Scanner) DetectAuthMethods(targets []Stream) []Stream

DetectAuthMethods attempts to guess the provided targets' authentication types, between digest, basic auth or none at all.

func (*Scanner) LoadCredentials 

func (s *Scanner) LoadCredentials() error

LoadCredentials opens a dictionary file and returns its contents as a Credentials structure.

func (*Scanner) LoadRoutes 

func (s *Scanner) LoadRoutes() error

LoadRoutes opens a dictionary file and returns its contents as a Routes structure.

func (*Scanner) LoadTargets 

func (s *Scanner) LoadTargets() error

LoadTargets parses the file containing hosts to targets, if the targets are just set to a file name.

func (*Scanner) PrintStreams 

func (s *Scanner) PrintStreams(streams []Stream)

PrintStreams prints information on each stream.

func (*Scanner) Scan 

func (s *Scanner) Scan() ([]Stream, error)

Scan scans the target networks and tries to find RTSP streams within them.

targets can be:

  • a subnet (e.g.: 172.16.100.0/24)
  • an IP (e.g.: 172.16.100.10)
  • a hostname (e.g.: localhost)
  • a range of IPs (e.g.: 172.16.100.10-20)

ports can be:

  • one or multiple ports and port ranges separated by commas (e.g.: 554,8554-8560,18554-28554)

func (*Scanner) ValidateStreams 

func (s *Scanner) ValidateStreams(targets []Stream) []Stream

ValidateStreams tries to setup the stream to validate whether or not it is available.

type Stream 

type Stream struct {
	Device   string   `json:"device"`
	Username string   `json:"username"`
	Password string   `json:"password"`
	Routes   []string `json:"route"`
	Address  string   `json:"address" validate:"required"`
	Port     uint16   `json:"port" validate:"required"`

	CredentialsFound bool `json:"credentials_found"`
	RouteFound       bool `json:"route_found"`
	Available        bool `json:"available"`

	AuthenticationType int `json:"authentication_type"`
}

Stream represents a camera's RTSP stream

func (Stream) Route 

func (s Stream) Route() string

Route returns this stream's route if there is one.

Source Files

View all Source files

Directories

Path Synopsis
cmd
cameradar
tools
dictionary_updater

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.