Skip to content
/ 2IC80-Project Public

2IC80 ARP Poisoning Attack on Dahua IP Camera by Maiko Bergman and Guy Puts

0 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

GuyPuts/2IC80-Project

BranchesTags

Repository files navigation

Created by Maiko Bergman and Guy Puts

HOW TO RUN

The ATTACKER machine must be running some version of Linux (preferably an Ubuntu-based distribution such as Mint); the VICTIM machine may run any OS.

  1. Open a webbrowser on the victim machine and go to the address 192.168.1.108 (default camera address) on the VICTIM machine, you will see the real camera login page.
    Current username: admin
    Current password: Hackerman
    Install the plugin that is asked for; this is part of regular camera functioning. The plugin is called NACL and can be found after installation by typing in 'NACL' in the start menu.)
    You should now see the real camera feed. Verify that it is working and interactive by playing with the movement controls.

  2. Install XAMPP on the ATTACKER machine. This is an Apache server.
    Download link: https://www.apachefriends.org/download.html
    Go through the installer.

  3. Install Python (3.8.5) and download the packages Scapy and OpenCV.

  4. Navigate to /opt/lampp/htdocs/dashboard
    Select all files in the folder this README is in, and copy them to the dashboard directory.

  5. Run initial_MITM_script.sh using the command ./initial_MITM_script.sh macAttacker ipAttacker macVictim ipVictim interface
    The file can either be run with parameters for macAttacker, ipAttacker, macVictim, ipVictim, and interface, or hard-coded.
    The file is run with parameters by default (meaning they are required), but can be run hard-coded by commenting line 6 and uncommenting line 7 of the script.
    The used network adapter/interface is the default Linux network adapter, enp0s31f6.
    If you want to use a different network adapter, then replace enp0s31f6 by the desired adapter in credentials_entered.sh and in the call to initial_MITM_script.sh.

  6. Open a webbrowser on the victim machine and go to the address 192.168.1.108 (default camera address) on the VICTIM machine. You will now see the spoofed login page.
    Enter an arbitrary (not the real) username and password; you will see a prompt that it is incorrect.
    Enter the correct username and password (username: admin; password: Hackerman).
    You will be redirected to the fake video page, where you will see that the feed is fake.

  7. Go back to the ATTACKER machine. Look at the file credentials.txt; this file will now contain the entered username and password.

About

2IC80 ARP Poisoning Attack on Dahua IP Camera by Maiko Bergman and Guy Puts

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages