Hello, so basically in this thread I am gonna show you how break in to ip cams, brute forcing the rtsp protocol. Lets talk about what is RTSP
TSP routes
Very important thing here, to connect to the rtsp of a ip cameras, you also have to specify the route of the login, for example, 127.8.6.3/steam1
So you have also to brute force the routues, so then you are able to use the credentials to login. But dont worry, this is really easy, with a tool that I am gonna show you, you gonna do it all automatically
INSTALLING RTSPBRUTE
First of all, lets start installing the tool, called rtspbrute from: https:// pypi. org/project/rtspbrute/
You have to run this command: pip install rtspbrute on your console
Also, these requirements:
RTSP is a protocol used really common on ip cams, to be able to connect them and watch the content, for example, you can use VLC and add a rtsp route from a ip cam, and watch the videos saved from it.
This protocol, most of the time, is used on the port 554, so we will brute force it to try to get the credentials.
This is most effective than do it on the web configuration page, because this one, most of the time, have a login attemps limitation, and the RTSP one not.
Also, the rtsp and web configuration login, uses same credentials, so, if the rtsp credentials are admin:admin on the login of the web configuration, will be the same admin:adminThis protocol, most of the time, is used on the port 554, so we will brute force it to try to get the credentials.
This is most effective than do it on the web configuration page, because this one, most of the time, have a login attemps limitation, and the RTSP one not.
TSP routes
Very important thing here, to connect to the rtsp of a ip cameras, you also have to specify the route of the login, for example, 127.8.6.3/steam1
So you have also to brute force the routues, so then you are able to use the credentials to login. But dont worry, this is really easy, with a tool that I am gonna show you, you gonna do it all automatically
INSTALLING RTSPBRUTE
First of all, lets start installing the tool, called rtspbrute from: https:// pypi. org/project/rtspbrute/
You have to run this command: pip install rtspbrute on your console
Also, these requirements:
[ Hidden Content! ]
av
Pillow
Rich
After this, you have succesfully installed the tool.
Now, you have to get some ips to target, you can get them with shodan.
You have to use this dork, "rtsp" , and with this one, you gonna find all devices exposed with this banner.
So, knowing this, you are able to target specific countrys, like usa for example, with country:USA "rtsp"
Grab some ips, and convert them to a ip range, like 82.43.0.0-82.43.24, make a file and paste them on it.
And you are done, you only have to edit the credentials file, if you want to specify customs credentials, if not, you can leave them as default.
Now, you have to run the folowing command: rtspbrute -p 554 ips.txt
And YES, you are starting hacking the ip cameras, when the tool hacks one, it gonna save a snapchot on a folder.
Pillow
Rich
After this, you have succesfully installed the tool.
Now, you have to get some ips to target, you can get them with shodan.
You have to use this dork, "rtsp" , and with this one, you gonna find all devices exposed with this banner.
So, knowing this, you are able to target specific countrys, like usa for example, with country:USA "rtsp"
Grab some ips, and convert them to a ip range, like 82.43.0.0-82.43.24, make a file and paste them on it.
And you are done, you only have to edit the credentials file, if you want to specify customs credentials, if not, you can leave them as default.
Now, you have to run the folowing command: rtspbrute -p 554 ips.txt
And YES, you are starting hacking the ip cameras, when the tool hacks one, it gonna save a snapchot on a folder.
Enjoy, the article is intended for educational purposes or authorized use only
Likes 💓 +Reps are always appreciated and will motivate me to do more of these