In many situations private investigators and security cameras go hand-in-hand. On the 8 Feb 2012 episode of Security Now with Steve Gibson, he talked about a security flaw discovered by person(s) from Console Cowboys involving TrendNet web cameras. Allegedly, there are approximately 26 different models vulnerable to an exploit allowing anyone with an Internet connection to log into the cameras and watch you live.
What happened here is a savvy individual (hacker) that owned one of the cameras decided to take it apart and probe the software contained inside. What he found was an anonymous directory /anony/ with a CGI script “mjpg.cgi” that allowed you to go directly to the camera’s live shot. He simply put his camera’s IP address in his web browser along with the direct path /anony/mjpg.cgi and was able to view his live web cam without a prompt for a user name/password.
If that wasn’t bad enough, the hacker went to the website ShodanHQ with his info. Shodan is a newer search engine that logs all of the web servers connected to the Internet by reading their header data. See, webservers including the small one contained in the Trendnet cameras broadcast a small descriptive title letting the recipient know what type of server it is (web, email, nfs, etc). The Trendnet camera’s web server sends out the term “netcam” when prompted. So, if you enter the term netcam into the ShodanHQ search engine, the result is a list of IP addresses that have this type of camera connected to the net. All he did then was add the path behind the resulting listed IP addresses and he was looking in on people’s private webcam shots all over the world.
Here is clip from the Security Now Show where Steve Gibson talks about the webcam exploit:
So, if you or any of your clients are using any Trendnet cameras, it may be a good idea to disconnect them until you or they are able to correct the problem. Trendnet has issued an update with links for downloads/firmware updates.
Thanks to Steve Gibson (@SGgrc) and Leo Laporte (@leolaporte) for a great report on this.
Leave a comment below and let us know what you think or what your experiences are with this type of exploit.