A Rusnano subsidiary that sold thousands of cameras to schools together with Rostec makes "Russian" cameras with leaky Chinese firmware.

Hello everyone!

I develop firmware for video surveillance cameras for b2b and b2c services, as well as for cameras that take part in federal video surveillance projects.

I wrote about how we got started in an article.

Since then, a lot has changed: we began supporting more chipsets, for example mstar and fullhan, and we met and made friends with a large number of foreign and domestic IP camera manufacturers.

In general, camera manufacturers often come to us to show new hardware and to discuss the technical features of the firmware or the production process.

But, as always, sometimes strange guys turn up: they bring frankly Chinese products of unacceptable quality, with firmware full of holes and a hastily covered-up logo of a third-rate factory, while claiming that they developed everything themselves, both the circuitry and the firmware, and that it turned out to be a completely Russian product.

Today I will tell you about some of these guys. To be honest, I am not a supporter of public flogging of careless "import substituters". I usually decide that we are not interested in relations with such companies, and at that point we part ways with them.

However, today, while reading the news on Facebook and drinking my morning coffee, I nearly spilled it after reading the news that a Rusnano subsidiary, the company ELVIS-NeoTek, together with Rostec, will supply tens of thousands of cameras to schools.

Below the cut are the details of how we tested them.

Yes, yes, these are the same guys who brought me cheap and bad China under the guise of their own development.

So, let's look at the facts. They brought us a "VisorJet Smart Bullet" camera. Of domestic origin, it had a box and a QC acceptance sheet (:-D); inside was a typical Chinese modular camera based on the Hisilicon 3516 chipset.

After dumping the firmware, it quickly became clear that the real manufacturer of the camera and the firmware was a certain company "Brovotech", which specializes in supplying customized IP cameras. Separately, I was outraged by this outfit's second name, "ezvis.net", a clumsy fake of the name of the company Ezviz, the b2c subsidiary of one of the world leaders, Hikvision. Hmm, all in the best traditions of Abibas and Nokla.

Everything in the firmware turned out to be standard and unpretentious, in the Chinese way:

Files in the firmware
├── alarm.pcm
├── bvipcam
├── cmdserv
├── daemonserv
├── inoona
├── font
├── lib
...
│ └── libsony_imx326.so
├── reset
├── start_ipcam.sh
├── sysconf
│ ├── 600106000-BV-H0600.conf
│ ├── 600106001-BV-H0601.conf
...
│ └── 600108014-BV-H0814.conf
├── system.conf -> /mnt/nand/system.conf
├── version.conf
└── www
...
├── logo
│ ├── elvis.jpg
│ └── qrcode.png

From the domestic developer we see the file elvis.jpg. Not bad, but with a mistake in the company name: judging by the site, it is called "elvees".

bvipcam is responsible for the camera's operation. It is the main application, which works with the A/V streams and is the network server.

Now about the holes and backdoors:

1. The backdoor in bvipcam is very simple: strcmp (password,"20140808") && strcmp (username,"bvtech"). It cannot be disabled, and it runs on port 6000, which cannot be disabled either.

2. In /etc/shadow there is a static root password, and the telnet port is open. A not particularly powerful MacBook brute-forces this password in less than an hour.

3. The camera can send all stored passwords through the control interface in clear text. That is, by accessing the camera with the backdoor login and password from (1), you can easily obtain the passwords of all users.

I did all these manipulations myself, and the verdict is obvious: third-rate Chinese firmware, which cannot even be used in serious projects.
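A pre-deployment check for the condition in point 2, written as an added example (it is not code from the original post or from any vendor named here): given an unpacked firmware root filesystem, it lists accounts that ship with a usable password hash in etc/shadow and start-up script lines that launch telnetd. The sample rootfs, its rcS script and the placeholder hash are constructed for the demonstration.

```python
import os
import re
import tempfile

SCHEMES = {"1": "md5crypt", "5": "sha256crypt", "6": "sha512crypt"}

def audit_shadow(rootfs):
    """List accounts whose etc/shadow entry carries a usable, image-wide password hash."""
    findings = []
    path = os.path.join(rootfs, "etc", "shadow")
    if not os.path.isfile(path):
        return findings
    with open(path, encoding="utf-8", errors="replace") as fh:
        for line in fh:
            fields = line.rstrip("\n").split(":")
            if len(fields) < 2 or fields[1][:1] in ("!", "*"):
                continue  # malformed line or locked account
            user, pw = fields[:2]
            m = re.match(r"\$(\w+)\$", pw)  # no $id$ prefix means legacy DES crypt
            scheme = "empty" if not pw else SCHEMES.get(m.group(1), "other") if m else "des-crypt"
            findings.append((user, scheme))
    return findings

def find_telnet_starts(rootfs):
    """Return (relative path, line number) for each start-up script line that runs telnetd."""
    hits = []
    for dirpath, _, files in os.walk(rootfs):
        for name in sorted(files):
            full = os.path.join(dirpath, name)
            if os.path.islink(full):
                continue  # e.g. system.conf -> /mnt/nand/system.conf points outside the image
            with open(full, "rb") as fh:
                data = fh.read()
            if not data.startswith(b"#!") and name != "inittab":
                continue  # only scripts and inittab, not binaries that merely contain the string
            for n, line in enumerate(data.decode("utf-8", "replace").splitlines(), 1):
                if re.search(r"\btelnetd\b", line.split("#", 1)[0]):  # ignore comments
                    hits.append((os.path.relpath(full, rootfs), n))
    return hits

def demo():
    """Run both checks on a tiny CONSTRUCTED rootfs (placeholder hash, no real camera data)."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "etc", "init.d"))
        with open(os.path.join(root, "etc", "shadow"), "w") as fh:
            fh.write("root:$1$CONSTRUC$PLACEHOLDERHASH0000000:0:0:99999:7:::\nnobody:*:0:0:99999:7:::\n")
        with open(os.path.join(root, "etc", "init.d", "rcS"), "w") as fh:
            fh.write("#!/bin/sh\n# start remote shell\n/usr/sbin/telnetd &\n")
        return audit_shadow(root), find_telnet_starts(root)
```

Calling demo() returns the two finding lists; on a real image, pass the directory of the unpacked root filesystem to each function instead.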

By the way, I later found an article in which they did more in-depth work studying the holes in cameras from brovotech. Hmmm.

Based on the test results, we wrote a conclusion to ELVIS-NeoTek with all the findings. In response, we received a great reply from ELVIS-NeoTek: "The firmware of our cameras is based on the Linux SDK from the controller manufacturer HiSilicon, because these controllers are used in our cameras. At the same time, our own software has been developed on top of this SDK, which is responsible for the camera's interaction using data exchange protocols. It was difficult for the testing specialists to find this out, since we did not provide root access to the cameras.

And when assessed from the outside, a wrong impression could have formed. If necessary, we are ready to demonstrate to your specialists the entire production process and the firmware of the cameras at our production facility. Including showing part of the firmware source code."

Naturally, nobody showed any source code.

I decided not to work with them any more. And now, two years later, the plans of the Elvees company to produce cheap Chinese cameras with cheap Chinese firmware under the guise of Russian development have found their application.

Now I went to their website and saw that they had updated their camera line-up and it no longer looks like Brovotech. Wow, maybe the guys realized and fixed things: they did everything themselves, honestly this time, without leaky firmware.

But, alas, a simple comparison of the Operating Instructions of the "Russian" camera with manuals on the Internet gave the answer.

So, meet the original: cameras from the noname vendor milesight.

How is this milesight better than brovotech? From a security point of view, most likely in no way: it is a cheap off-the-shelf solution.

Just look at the screenshots of the web interface of the milesight and ELVIS-NeoTek cameras and there will be no doubt: the "Russian" VisorJet cameras are a clone of the milesight cameras. Not only do the pictures of the web interfaces match, but so do the default IP 192.168.5.190 and the camera drawings. Even the default password is similar: ms1234 vs en123456 for the clone.

In conclusion, I can say that I am a father, I have children in school, and I am against the use of Chinese cameras with leaky Chinese firmware, with Trojans and backdoors, in their education.

Source: www.habr.com