
IronKey and AXIS 211 Network Camera


ghost

I have two questions.

1.) What do you guys think of the IronKey flash drive? I looked through the search function and only got two hits, and they were both just a mention with no discussion of it.

2.) I was playing around with Google and did the whole view/shtml thing and got a lot of hits on AXIS cameras, but they all require you to log in via a username and password in order to see through them or to control them. I also noticed that the URLs look like this:

ip.ad.dr.ess/view/view.shtml?id=116&imagePath=/mjpg/quad/video.mjpg&size=1

While I was playing around I hit one that allowed me to take a snapshot even though I had no rights to the camera, so I clicked snapshot and I saw the pic. If I keep clicking refresh it will be pretty much like a video, since the timestamp says it's live. But the URL for that is

ip.ad.dr.ess/view/snapshot.shtml?picturepath=/jpg/image.jpg

So I switched it up and made this:

ip.ad.dr.ess/view/snapshot.shtml?picturepath=/jpg/image.jpg&id=116&imagePath=/mjpg/video.mjpg

Well, now there are two pics, but one is moving, since I guess it's the actual live feed, and I could control them with the controls in the little window. Also, on two of them I was able to do ../../../../../../etc/passwd and I got a file with a load of gibberish in it.

Here's the question: I know the dir traversal is a vuln, but is the camera thing a vuln, since I can't turn them off or anything, only move them around?

Thanks in advance for your time.
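
A defender's view of the requests described in this post, as an added example that is not part of the original post: a Python check that scans web access-log lines for the two patterns mentioned, parameters that do not belong on the page requested and `..` segments in a path parameter. The log format, the sample lines, the per-page parameter allowlist (taken from the URLs in the post) and the choice of `picturepath` as the parameter carrying the traversal are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Assumption: the parameters seen in the post's URLs are the expected set per page.
EXPECTED = {
    "/view/view.shtml": {"id", "imagePath", "size"},
    "/view/snapshot.shtml": {"picturepath"},
}
PATH_PARAMS = {"imagepath", "picturepath"}  # parameters that carry a file path
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" (\d{3})')

def fully_decode(value, rounds=3):
    """Undo repeated percent-encoding so %252e%252e is also seen as '..'."""
    for _ in range(rounds):
        value = unquote(value)
    return value

def findings(line):
    """Return the list of findings for one access-log line (empty if clean)."""
    match = REQUEST.search(line)
    if not match:
        return []
    url = urlsplit(match.group(1))
    expected = EXPECTED.get(url.path)
    if expected is None:
        return []
    out = []
    for name, raw in parse_qsl(url.query, keep_blank_values=True):
        if name not in expected:
            out.append(f"unexpected-param:{name}")
        if name.lower() in PATH_PARAMS:
            segments = fully_decode(raw).replace("\\", "/").split("/")
            if ".." in segments:
                out.append(f"traversal:{name}")
    return out

# Constructed sample log lines (documentation IP range, made-up timestamps).
SAMPLE = [
    '198.51.100.7 - - [01/Jan/2024:10:00:00 +0000] "GET /view/view.shtml?id=116&imagePath=/mjpg/quad/video.mjpg&size=1 HTTP/1.1" 401 0',
    '198.51.100.7 - - [01/Jan/2024:10:00:05 +0000] "GET /view/snapshot.shtml?picturepath=/jpg/image.jpg HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Jan/2024:10:00:09 +0000] "GET /view/snapshot.shtml?picturepath=/jpg/image.jpg&id=116&imagePath=/mjpg/video.mjpg HTTP/1.1" 200 900',
    '198.51.100.7 - - [01/Jan/2024:10:00:12 +0000] "GET /view/snapshot.shtml?picturepath=%252e%252e/%252e%252e/etc/passwd HTTP/1.1" 200 700',
]

if __name__ == "__main__":
    for line in SAMPLE:
        print(findings(line), "<-", line.split('"')[1])
```

A 200 response on a flagged line is the case to triage first, since it means the server answered the request rather than rejecting it.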