Security Cameras – To See Or Not To See?!

These days, security is going digital.
From live and automatic event log analysis up to personal “on-key” tokens and remotely controlled security cameras.
These technologies should be used carefully. For example if the token generates 6 digits and there is no password complexity enforcement, users can set their password to “1″ and then we’ll get a 7 character length password. If the data from the log will not be filtered and will be in html format, it may execute code. Even worse, if it is viewed at the command line console, it may execute code using the console color control characters.
When talking about security cameras, a security flaw in the camera’s simple application server may cause the entire video stream to be accessible to an intruder.

While consulting to a big financial customer, I discovered the security cameras installed are easily accessible to anyone thanks to a very simple logical flaw. Not to mention default user accounts, empty password sets, the ability to brute force, directory traversal and some classic authorization bypass vulnerabilities.

Most of the security cameras in my country are bought from Korea, some of the software is written by the vendor and some by the distributer. Both of them should pay much more attention to security so we won’t have the same classic vulnerabilities over and over again.
Attached are a few screen captures:
another white night at work
another white night at work
Clothing Shop
Clothing Shop
Coffee Shop
Coffee Shop
Eyes on the ball!!!
Eyes on the ball!!!
How's that shirt?
How’s that shirt?”
Anyone knows a Safe-Cracker?!
Anyone knows a Safe-Cracker?!
Share
  • http://www.BeyondSecurity.com Aviram

    Nice find! I wonder what are the implication beyond physical criminal activities. For example, is the coffee shop camera resolution good enough to read credit card details remotely?

  • Gabriel

    “Even worse, if it is viewed at the command line console, it may execute code using the console color control characters.”

    How would injecting console color control chars into a log file allow for code execution?

  • Gabriel

    “Even worse, if it is viewed at the command line console, it may execute code using the console color control characters.”

    How would injecting console control chars allow for code execution?

  • http://www.skullsecurity.org Ron

    Nice! I found the same thing on our network one time. The authentication on the security camera was done on the client side, in an ActiveX control. I bypassed the check pretty easily and had full access to everything.

    We contacted the vendor and they refused to fix it, so we put network controls in front of it and went on our way :-/

  • http://www.hipotecasplan.com Tom

    Security cams are elementary in many places nowadays. But it is not necessary that the recordings will get public.

  • http://housealarmsecurity.com/ Sam

    You bring up a good point in this post. Great stuff!

  • http://www.buytiresonlineshop.com/ kandy

    I really enjoyed this post, especially the “examples in this post” portion which made it really easy for me to SEE what you were talking about without even having to leave the article. Thanks

  • http://www.cosmeticfranchiseopportunities.com/pages/107/master-franchise.html Master Franchise Opportunities

    Security cameras are working great all around, specially in shopping malls 

  • http://www.ballmillgrinders.com/ Ball Mill Grinder

    it is good for strong security