Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
IP Camera Security Analysis focused on Firmware Reverse Engineering
University West, Department of Engineering Science, Division of Industrial Engineering and Management, Electrical- and Mechanical Engineering.
2019 (English)Independent thesis Basic level (professional degree), 5 credits / 7,5 HE creditsStudent thesis
Abstract [en]

This project is focused on the security of IP cameras. The project provides an in-depth approach to conducting firmware reverse engineering as a means of finding potential vulnerabilities that can in turn be used to extract sensitive information (video feed, accounts, passwords and more) from the IP camera or be used as launching point for further attacks into the infrastructure that the IP camera belongs to.

The project looks at 4 different firmware's from 3 manufacturers; the A and B versions of the D-Link DCS-932L Cloud Camera, the TP-Link NC200 300Mbps Cloud Camera and the Tenvis TH692 Outdoor HD camera. During the reverse engineering of the firmware's belonging to previously mentioned devices a vulnerability checklist is applied to the process in order to provide a structured approach while searching through the firmware. Every firmware looked at during this project was based on an old Kernel with the same potential exploitable vulnerability.

Wi-Fi default passwords were found for the D-Link firmware versions along with plenty of information in regarding to the wireless parameters such as DHCP and DNS addresses. Tenvis TH692 contained 2 hard-coded passwords that were cracked within 80 minutes with the use of John the Ripper. TP-Link NC200 contained 1 hard-coded password that was almost instantaneously cracked.

Place, publisher, year, edition, pages
2019. , p. 19
Keywords [en]
IP Cameras, Firmware, Reverse Engineering, VMWare, John the Ripper, Hard-coded Passwords
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Identifiers
URN: urn:nbn:se:hv:diva-13946Local ID: EXN300OAI: oai:DiVA.org:hv-13946DiVA, id: diva2:1322612
Subject / course
Electrotechnology
Educational program
Nätverksteknik med IT-säkerhet
Supervisors
Examiners
Available from: 2019-06-11 Created: 2019-06-11 Last updated: 2019-06-11Bibliographically approved

Open Access in DiVA

No full text in DiVA

By organisation
Division of Industrial Engineering and Management, Electrical- and Mechanical Engineering
Electrical Engineering, Electronic Engineering, Information Engineering

Search outside of DiVA

GoogleGoogle Scholar

urn-nbn

Altmetric score

urn-nbn
Total: 1790 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf