Black Hat USA 2013 - Exploiting Network Surveillance Cameras Like a Hollywood Hacker33:37 5534 views 100% Published 8 years ago
By: Craig Heffner
This talk will examine 0-day vulnerabilities that can be trivially exploited by remote attackers to gain administrative and root-level access to consumer and enterprise network surveillance cameras manufactured by D-Link, Trendnet, Cisco, IQInvision, Alinking and 3SVision. Thousands of these cameras are Internet accessible, and known to be deployed in homes, businesses, hotels, casinos, banks and prisons, as well as military and industrial facilities.
Additionally, a proof-of-concept attack will be demonstrated in which a remote attacker can leverage the described vulnerabilities to freeze and modify legitimate video streams from these cameras, in true Hollywood fashion.