import "github.com/Ullaakut/cameradar"
Package cameradar provides methods to be able to discover and attack RTSP streams easily. RTSP streams are used by most IP Cameras, often for surveillance.
A simple example usage of the library can be found in https://github.com/Ullaakut/cameradar/tree/master/cameradar
The example usage is complete enough for most users to ignore the library, but for users with specific needs such as creating their own bruteforcing dictionary to access cameras, or running their own network scan, this library allows to use simple and performant methods to attack streams.
attack.go cameradar.go curl.go helpers.go loaders.go models.go scan.go scanner.go summary.go
GetCameraAdminPanelURL returns the URL to the camera's admin panel.
GetCameraRTSPURL generates a stream's RTSP URL.
WithAttackInterval specifies the interval of time during which Cameradar should wait between each attack attempt during bruteforcing. Setting a high value for this obviously makes attacks much slower.
WithCustomCredentials specifies a custom credential dictionary to use for the attacks.
WithCustomRoutes specifies a custom route dictionary to use for the attacks.
WithDebug specifies whether or not to enable debug logs.
WithPorts specifies the ports to scan and attack.
WithScanSpeed specifies the speed at which the scan should be executed. Faster means easier to detect, slower has bigger timeout values and is more silent.
WithTargets specifies the targets to scan and attack.
WithTimeout specifies the amount of time after which attack requests should timeout. This should be high if the network you are attacking has a poor connectivity or that you are located far away from it.
WithVerbose specifies whether or not to enable verbose logs.
type Credentials struct { Usernames []string `json:"usernames"` Passwords []string `json:"passwords"` }
Credentials is a map of credentials usernames are keys and passwords are values creds['admin'] -> 'secure_password'
func ParseCredentialsFromString(content string) (Credentials, error)
ParseCredentialsFromString parses a dictionary string and returns its contents as a Credentials structure.
Curl is a libcurl wrapper used to make the Curler interface work even though golang currently does not support covariance (see https://github.com/golang/go/issues/7512)
Duphandle wraps curl.Duphandle
type Curler interface { Setopt(opt int, param interface{}) error Perform() error Getinfo(info curl.CurlInfo) (interface{}, error) Duphandle() Curler }
Curler is an interface that implements the CURL interface of the go-curl library Used for mocking
type Options struct { Targets []string `json:"target" validate:"required"` Ports []string `json:"ports"` Routes Routes `json:"routes"` Credentials Credentials `json:"credentials"` Speed int `json:"speed"` Timeout time.Duration `json:"timeout"` }
Options contains all options needed to launch a complete cameradar scan
Routes is a slice of Routes ['/live.sdp', '/media.amp', ...]
ParseRoutesFromString parses a dictionary string and returns its contents as a Routes structure.
type Scanner struct {
// contains filtered or unexported fields
}
Scanner represents a cameradar scanner. It scans a network and attacks all streams found to get their RTSP credentials.
New creates a new Cameradar Scanner and applies the given options.
Attack attacks the given targets and returns the accessed streams.
AttackCredentials attempts to guess the provided targets' credentials using the given dictionary or the default dictionary if none was provided by the user.
AttackRoute attempts to guess the provided targets' streaming routes using the given dictionary or the default dictionary if none was provided by the user.
DetectAuthMethods attempts to guess the provided targets' authentication types, between digest, basic auth or none at all.
LoadCredentials opens a dictionary file and returns its contents as a Credentials structure.
LoadRoutes opens a dictionary file and returns its contents as a Routes structure.
LoadTargets parses the file containing hosts to targets, if the targets are just set to a file name.
PrintStreams prints information on each stream.
Scan scans the target networks and tries to find RTSP streams within them.
targets can be:
- a subnet (e.g.: 172.16.100.0/24) - an IP (e.g.: 172.16.100.10) - a hostname (e.g.: localhost) - a range of IPs (e.g.: 172.16.100.10-20)
ports can be:
- one or multiple ports and port ranges separated by commas (e.g.: 554,8554-8560,18554-28554)
ValidateStreams tries to setup the stream to validate whether or not it is available.
type Stream struct { Device string `json:"device"` Username string `json:"username"` Password string `json:"password"` Routes []string `json:"route"` Address string `json:"address" validate:"required"` Port uint16 `json:"port" validate:"required"` CredentialsFound bool `json:"credentials_found"` RouteFound bool `json:"route_found"` Available bool `json:"available"` AuthenticationType int `json:"authentication_type"` }
Stream represents a camera's RTSP stream
Route returns this stream's route if there is one.
Package cameradar imports 12 packages (graph). Updated 2020-08-14. Refresh now. Tools for package owners.