camera

567 Articles

Hacking An IoT Camera Reveals Hard-Coded Root Password

July 24, 2024 by 24 Comments

Hacking — at least the kind where you’re breaking into stuff — is very much a learn-by-doing skill. There’s simply no substitute for getting your hands dirty and just trying something. But that doesn’t mean you can’t learn something by watching, with this root password exploit on a cheap IP video camera being a good look at the basics.

By way of background on this project, [Matt Brown] had previously torn into a VStarcam CB73 security camera, a more or less generic IP camera that he picked up on the cheap, and identified a flash memory chip from which he extracted the firmware. His initial goal was to see if the camera was contacting sketchy servers, and while searching the strings for the expected unsavory items, he found hard-coded IP addresses plus confirmation that the camera was running some Linux variant.

With evidence of sloppy coding practices, [Matt] set off on a search for a hard-coded root password. The second video covers this effort, which started with finding UART pins and getting a console session. Luckily, the bootloader wasn’t locked, which allowed [Matt] to force the camera to boot into a shell session and find the root password hash. With no luck brute-forcing the hash, he turned to Ghidra to understand the structure of a suspicious program in the firmware called encoder. After a little bit of poking and some endian twiddling, he was able to identify the hard-coded root password for every camera made by this outfit, and likely others as well.

Granted, the camera manufacturer made this a lot easier than it should have been, but with a lot of IoT stuff similarly afflicted by security as an afterthought, the skills on display here are probably broadly applicable. Kudos to [Matt] for the effort and the clear, concise presentation that makes us want to dig into the junk bin and get hacking.

Continue reading “Hacking An IoT Camera Reveals Hard-Coded Root Password”

Hacking An IP Camera To Run Your Own Software

July 17, 2024 by 18 Comments

Ah, generic unbranded IP cameras. Safe, secure? Probably not. [Alex] has been hacking around with one of his very own, and he’s recently busted the thing wide open.

Determining that the camera had a software update function built in, [Alex] saw an opening for hijinks. The first issue was that the camera only accepts encrypted update packages, which complicates things somewhat. However, through some smart reverse engineering, the format of the updates and their encryption method became obvious to [Alex]. Oh, and partly because there was a GitHub repository online featuring the source code used by the manufacturer to encrypt their updates. That definitely helped. It also led [Alex] to suspect the manufacturer may not have properly respected the open source license of some of the routines involved.

In the demo of the exploit, [Alex] has the camera reach out to www.pudim.com.br instead of the servers of the original manufacturer. That’s a pretty clear way to show that the camera has been owned.

We first featured [Alex]’s work in this space all the way back in 2019. It’s come a long way since then!

Continue reading “Hacking An IP Camera To Run Your Own Software”

Improved 3D Scanning Rig Adds Full-Sized Camera Support

May 17, 2024 by 3 Comments

There are plenty of reasons to pick up or build a 3D scanner. Modeling for animation or special effects, reverse engineering or designing various devices or products, and working with fabrics and clothing are all well within the wide range of uses for these tools. [Vojislav] built one a few years ago which used an array of cameras to capture 3D information but the Pi camera modules used in this build limited the capabilities of the scanner in some ways. [Vojislav]’s latest 3D scanner takes a completely different approach by using a single high-quality camera instead.

The new 3D scanner is built to carry a full-size DSLR camera, its lens, and a light. Much more similarly to how a 3D printer works, the platform moves the camera around the object in programmable steps for the desired 3D scan. The object being scanned sits on a rotating plate as well, allowing for the entire object to be scanned without needing to move the camera through a full 180° in two axes. The scanner can also be used for scanning more 2D objects while capturing information about texture, such as various textiles.

For anyone looking to reproduce something like this, [Vojislav] has made all of the plans for this build available on the project’s GitHub page including some sample gcode to demonstrate the intended use for the scanner. On the other hand, if you’re short the often large amount of funding required to get a DSLR camera, his older 3D scanner is still worth taking a look at as well.

Continue reading “Improved 3D Scanning Rig Adds Full-Sized Camera Support”

Broken Lens Provides Deep Dive Into Camera Repair

May 13, 2024 by 18 Comments

While most of us are probably willing to pick up the tools and void the warranty on just about anything, often just to see what’s inside, many of us draw the line at camera gear. The tiny screws, the complex mechanisms, and the easily destroyed optical elements are all enough to scare off the average hacker. Not so for [Anthony Kouttron], who tore into a broken eBay Sigma lens and got it working again.

Now, to be fair, modern lenses tend to have a lot more in them that’s amenable to repair than back in the old days. And it seemed from the get-go that [Anthony]’s repair was going to be more electronic than optical or mechanical. The 45-mm lens was in fantastic shape physically, but wouldn’t respond to any controls when mounted to a camera body. Removing the lens bayonet mount exposed the main controller PCB, which is tightly packed with SMD components and connectors for the flex cables that burrow further into the lens to its many sensors and actuators. By probing traces with his multimeter, [Anthony] found a DC-DC converter on the main PCB with an unknown component nearby. This turned out to be an SMD fuse, and as luck would have it, it was open. Replacing the fuse got the lens working again, and while there’s always the nagging suspicion that whatever blew the fuse the first time could happen again, the repair seems to have worked.

Despite the simplicity of the fix, [Anthony] continued the teardown and shared a lot of tips and tricks for lens repairs, including where he would have looked next if the fuse had been good. One tip we loved was the use of double-sided tape to organize parts as they’re removed; this is particularly important with camera gear where screws or different lengths can make for a really bad day on reassembly.

Feeling the need to dive deeper into lens repair? This step-by-step repair should keep you satisfied.

RepTrap Keeps Watch Over Our Cold-Blooded Friends

May 7, 2024 by 1 Comment

Wait a second, read that title again. This isn’t a throwback 3D printing project at all. That’s “RepTrap” as in reptile trap, and it’s a pretty clever way to study our cold-blooded friends in their natural habitat.

Now, game cameras — or trail cameras, if you’re less interested in eating what you see — are pretty much reduced to practice. For not that much money you can pick up one of these battery-powered devices, strap it to a tree, and have it automatically snap high-quality pictures of whatever wildlife happens to wander past. But nearly all of the commercially available game cameras have pyroelectric infrared sensors, which trigger on the temperature difference between a warm-blooded animal and the ambient temperature of the background. But what to do when you’re more interested in cold-blooded critters?

Enter [Mirko], who stumbled upon this problem while working with a conservation group in Peru. The group wanted to study snakes, insects, and other ectothermic animals, which are traditionally studied by trapping with pitfalls and other invasive techniques. Unable to rely on PIR, [Mirko] rigged up what amounts to a battery-powered light curtain using a VL53L4CD laser time-of-flight sensor. Mounted above the likely path of an animal, the sensor monitors the height of everything in its field of view. When an animal comes along, cold-blooded or otherwise, RepTrap triggers a remote camera and snaps a picture. Based on the brief video below, it’s pretty sensitive, too.

[Mirko] started out this project using an RP2040 but switched to an ESP32 to take advantage of Bluetooth camera triggering. The need for weatherproofing was also a big driver for the build; [Mirko] is shooting for an IP68 rating, which led to his interesting use of a Hall sensor and external magnet as a power switch.

Continue reading “RepTrap Keeps Watch Over Our Cold-Blooded Friends”

A pair of hands holds a digital camera. "NUCA" is written in the hood above the lens and a black grip is on the right hand side of the device (left side of image). The camera body is off-white 3D printed plastic. The background is a pastel yellow.

AI Camera Only Takes Nudes

April 22, 2024 by 52 Comments

One of the cringier aspects of AI as we know it today has been the proliferation of deepfake technology to make nude photos of anyone you want. What if you took away the abstraction and put the faker and subject in the same space? That’s the question the NUCA camera was designed to explore. [via 404 Media]

[Mathias Vef] and [Benedikt Groß] designed the NUCA camera “with the intention of critiquing the current trajectory of AI image generation.” The camera itself is a fairly unassuming device, a 3D-printed digital camera (19.5 × 6 × 1.5 cm) with a 37 mm lens. When the camera shutter button is pressed, a nude image is generated of the subject.

The final image is generated using a mixture of the picture taken of the subject, pose data, and facial landmarks. The photo is run through a classifier which identifies features such as age, gender, body type, etc. and then uses those to generate a text prompt for Stable Diffusion. The original face of the subject is then stitched onto the nude image and aligned with the estimated pose. Many of the sample images on the project’s website show the bias toward certain beauty ideals from AI datasets.

Looking for more ways to use AI with cameras? How about this one that uses GPS to imagine a scene instead. Prefer to keep AI out of your endeavors to invade personal space? How about building your own TSA body scanner?

 

Dodge, The Weird Tripod Robot

March 25, 2024 by 13 Comments

[hannu_hell] created Dodge as a “novel design of tripod.” It’s a small robotic device quite unlike anything else we’ve seen of late. It’s intended to be a self-mobile camera platform that can move itself around to capture footage as needed.

Dodge is essentially a two-legged robot with a large flat “foot” in the center. When stationary, it rests on this flat foot. When it needs to move, it can raise this center foot and rest on its two outside legs. If Dodge needs to move, it can crab back and forth in a line with these two legs. If it wants to turn, it can return to resting on its center foot, and pivot about its central axis. It can thus rotate itself and use its two outer legs to move further as needed.

Dodge does all this while carrying an ESP32 Cam module. The idea is that it’s a small mobile tripod platform with a live camera feed. It reminds us of various small monitoring robots from cartoons and anime.

Ultimately, it’s an interesting take on robot locomotion. Rather than walking with two legs or four legs and dynamic stability, it takes full advantage of static stability instead.

We’ve seen some wild roboticized camera rigs over the years. Video after the break.

Continue reading “Dodge, The Weird Tripod Robot”