GNUCITIZEN has posted information on hacking Linksys wireless IP cameras. It turns out that some models send the administrator user name and password to the computer when the setup wizard requests a connection. In theory, someone could send the same request and harvest your passwords wirelessly. This seems like a pretty careless oversight. We would think that Linksys will probably remedy this before too long.
Update: Part 2 has been posted.
Update: Part 3 has been posted.
Fail. Good job Linksys.
There’s no way this was accidental. You don’t send uname/pwd unencrypted over a network. This is nothing more than laziness on the developers’ part, knowing that they’re working on a “consumer” product.
Is there a way to shut off the response to this wizard?
Someone will come out with an aftermarket firmware for them like DD-Wrt. It’s tops. I run it on all my equipment. Even at work I talked our I.T. guys into using it.
one word: fail
And that update will only help people who are security minded enough to look for and install updates.
Well his initial fear wasn’t based on logic – the camera could have been simply sending the password hash. Not a very good idea, but not inherently insecure.
Of course if the wizard has the password in memory before you’ve even entered it then that’s another matter!
In my experience, it takes a higher-caliber programmer to think security. Coders (that I’ve worked with) *generally* don’t have security on the top of their list of things to be concerned with – to them, as long as the application works it’s golden. That’s why guys like me still have a job ;)
@Clay
I used to have one, they suck anyway. I think the dd-wrt guys looked into it and there’s just not enough openness in the hardware to get it to work.
Oh my lord. We have these at college. LOL
The developers probably just ‘got it working’ for a deadline and didn’t get the time, or forgot about the security part by the end.
I actually have Linksys wireless at home. I heard they are safe, but I am kind of being cautious now.
Used to be if your neighbor was a perv he had to break into your house to plant a camera, Now all he needs is some minor hacking skills.
This reminds me of the first version of Windows 2000, where you could easily and remotely access a person’s user information via the reedit.
I have this camera and it is not a very solid Linksys product. The motion detection can only be fine tuned using Active X with IE.
Also there is no way to turn off the auto light adjustment, so it gives about 20 false positives for motion detection in a day (if it’s in a room that allows any sunlight)
I was only laughing at Hollywood the other day as well… but they were switching between just about everybody’s… and for some reason they all had controllable directioning as well!
life >= art ? /s
Hackers (good/bad) look for stuff like this. The bad guys love glitches and use them to their advantage. This most certainly will be exploitable by the moderate or maybe some inexperienced hackers.
At least it’s not a cell with a broadcasting bluetooth that sends out a hashed SS #.
Ha complete fail !
part 6 has just been posted http://www.gnucitizen.org/blog/hacking-linksys-ip-cameras-pt-6/
thanks for this tutorial :D