Exploiting Network Surveillance Cameras Like a Hollywood Hacker

by Craig Heffner
Sept. 24, 2017 0 comments www.blackhat.com belen_caty Pen Testing & Audits hacker network vulnerabilities

This talk will examine 0-day vulnerabilities that can be trivially exploited by remote attackers to gain administrative and root-level access to consumer and enterprise network surveillance cameras manufactured by D-Link, Trendnet, Cisco, IQInvision, Alinking and 3SVision. Thousands of these cameras are Internet accessible, and known to be deployed in homes, businesses, hotels, casinos, banks and prisons, as well as military and industrial facilities. Additionally, a proof-of-concept attack will be demonstrated in which a remote attacker can leverage the described vulnerabilities to freeze and modify legitimate video streams from these cameras, in true Hollywood fashion.

https://www.blackhat.com/us-13/archives.html#heffner