A Rusnano subsidiary that sold thousands of cameras to schools together with Rostec makes "Russian" cameras with leaky Chinese firmware.

Hello everyone!

I develop firmware for video surveillance cameras for b2b and b2c services, as well as for cameras that take part in federal-level video surveillance projects.

I wrote about how we started in an article.

Since then a lot has changed: we began supporting more chipsets, such as mstar and fullhan, and we met and made friends with a large number of foreign and domestic IP camera manufacturers.

In general, camera developers often come to us to show new hardware and to discuss technical aspects of the firmware or the manufacturing process.

But, as usual, sometimes strange people show up: they bring plainly Chinese products of unacceptable quality, with firmware full of holes and a hastily covered-up logo of a third-tier factory, while claiming that they developed everything themselves, both the circuitry and the firmware, and that it turned out to be a completely Russian product.

Today I will tell you about some of these guys. To be honest, I am not a supporter of public flogging of careless "substituters": I usually decide that we are not interested in relations with such companies, and at that point we part ways with them.

But today, reading the news on Facebook and drinking my morning coffee, I almost spilled it after reading that a Rusnano subsidiary, the company ELVIS-NeoTek, together with Rostec, will supply tens of thousands of cameras to schools.

Below are the details of how we tested them.

Yes, yes, these are the same guys who brought me plainly cheap and bad Chinese goods under the guise of their own development.

So, let's look at the facts: they brought us a "VisorJet Smart Bullet" camera. The domestic part of it was the box and the QC acceptance sheet (:-D); inside was a Chinese modular camera based on the Hisilicon 3516 chipset.

After dumping the firmware, it quickly became clear that the real manufacturer of the camera and the firmware is a certain company, "Brovotech", which deals in supplying customized IP cameras. Separately, I was irritated by the second name of this outfit, "ezvis.net", a crude fake of the name of the company Ezviz, the b2c subsidiary of one of the world leaders, Hikvision. Hmm, everything in the best traditions of Abibas and Nokla.

Everything in the firmware turned out to be standard, unpretentiously Chinese:

Files in the firmware
├── alarm.pcm
├── bvipcam
├── cmdserv
├── daemonserv
├── ibhaqa
├── ifonti
├── lib
...
│ └── libsony_imx326.so
├── cwangcisa kwakhona
├── qala_ipcam.sh
├── sysconf
│ ├── 600106000-BV-H0600.conf
│ ├── 600106001-BV-H0601.conf
...
│ └── 600108014-BV-H0814.conf
├── system.conf -> /mnt/nand/system.conf
├── version.conf
└── www
...
├── uphawu
│ ├── elvis.jpg
│ └── qrcode.png

From the domestic manufacturer we see the file elvis.jpg. Not bad, but with a mistake in the company name: judging by the website, it is called "elvees".

bvipcam is responsible for the operation of the camera: it is the main application, which works with the A/V streams and acts as the network server.

Now about the holes and backdoors:

1. The backdoor in bvipcam is very simple: strcmp(password, "20140808") && strcmp(username, "bvtech"). It is not disabled, and it runs on port 6000, which cannot be disabled.

2. In /etc/shadow there is a root password, and the telnet port is open. A not particularly powerful MacBook brute-forced this password in less than an hour.

3. The camera can send all stored passwords over the control interface in clear text. That is, having accessed the camera with the backdoor login and password from (1), you can easily obtain the passwords of all users.
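
A defender-side check for findings like (2), added here as an illustration and not part of the original article or of any vendor's code: it walks an unpacked firmware root filesystem, rates the hash scheme of every /etc/shadow entry and flags startup scripts that launch telnetd. The sample tree, the rating labels and the function names are constructed for this example.

```python
import re
import tempfile
from pathlib import Path

SCHEMES = [("$6$", "sha512crypt", "ok"), ("$5$", "sha256crypt", "ok"), ("$y$", "yescrypt", "ok"),
           ("$2", "bcrypt", "ok"), ("$1$", "md5crypt", "weak")]  # crypt(3) prefixes

def classify_hash(field):
    """Return (scheme, rating) for the password field of one shadow entry."""
    if field == "":
        return ("empty", "critical")      # account logs in with no password
    if field[0] in "!*":
        return ("locked", "ok")           # password login disabled
    for prefix, name, rating in SCHEMES:
        if field.startswith(prefix):
            return (name, rating)
    if len(field) == 13:
        return ("descrypt", "weak")       # legacy DES crypt, 8-character limit
    return ("unknown", "review")

def audit_rootfs(root):
    root, findings = Path(root), []       # root = unpacked firmware tree
    shadow = root / "etc" / "shadow"
    for line in shadow.read_text(errors="replace").splitlines() if shadow.is_file() else []:
        parts = line.split(":")
        if len(parts) > 1 and classify_hash(parts[1])[1] != "ok":
            findings.append(("shadow", parts[0], *classify_hash(parts[1])))
    for path in sorted(root.rglob("*")):  # startup scripts that launch telnetd
        rel = path.relative_to(root)
        if path.is_file() and (path.suffix == ".sh" or "etc" in rel.parts):
            for n, line in enumerate(path.read_text(errors="replace").splitlines(), 1):
                if re.search(r"^[^#]*\btelnetd\b", line):
                    findings.append(("telnet", rel.as_posix(), n, "review"))
    return findings

# Constructed sample tree, not taken from the camera firmware.
SAMPLE = {"etc/shadow": "root:XXconstructed:0:0:99999:7:::\nnobody:*:0:0:99999:7:::\n",
          "etc/init.d/rcS": "#!/bin/sh\n# telnetd is off\n/usr/sbin/telnetd -l /bin/login &\n"}

def demo():
    with tempfile.TemporaryDirectory() as tmp:
        for rel, body in SAMPLE.items():
            target = Path(tmp, rel)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_text(body)
        return audit_rootfs(tmp)

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

A root entry rated "weak" together with a telnetd launch line is the combination described in (2): a remotely reachable login protected by a hash that is cheap to brute-force.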

I performed all these manipulations personally; the verdict is clear. Third-tier Chinese firmware, which can never be used in serious projects.

By the way, a little later I found an article in which deeper work was done on studying the holes in cameras from brovotech. Hmmm.

Based on the results of the examination, we wrote a conclusion to ELVIS-NeoTek with all the facts found. In reply, we received a wonderful answer from ELVIS-NeoTek: "The firmware of our cameras is based on the Linux SDK from the controller manufacturer HiSilicon, because these controllers are used in our cameras. At the same time, our own software has been developed on top of this SDK, and it is responsible for the camera's interaction over data exchange protocols. It was difficult for the testing specialists to find this out, since we did not provide root access to the cameras.

And when assessed from the outside, a mistaken impression could be formed. If necessary, we are ready to demonstrate to your specialists the entire process of producing and flashing the cameras at our production site, including showing some of the firmware source code."

Naturally, nobody showed any source code.

I decided not to work with them anymore. And now, two years later, the Elvees company's plans to produce cheap Chinese cameras with cheap Chinese firmware under the guise of Russian development have found their application.

Now I went to their website and found that they have updated their camera line, and it no longer looks like Brovotech. Wow, maybe the guys realized and corrected themselves: they did everything on their own, honestly this time, without leaky firmware.

But, alas, a simple comparison of the operating instructions for the "Russian" camera with instructions on the Internet gave results.

So, meet the original: cameras from an unknown vendor.

How is this milesight better than brovotech? From a security point of view, most likely not at all: a cheap bought-in solution.

Just look at the screenshot of the web interface of the milesight cameras and of the ELVIS-NeoTek cameras, and there will be no doubt: the "Russian" VisorJet cameras are a clone of the milesight cameras. Not only do the web interface images match, but so do the default IP 192.168.5.190 and the camera drawings. Even the default password is similar: ms1234 vs en123456 for the clone.

In conclusion, I can say that I am a father, I have children in school, and I am against the use of Chinese cameras with leaky Chinese firmware, with Trojans and backdoors, in their education.

Source: www.habr.com