Senin, 01 Oktober 2007

Owning Axis IP Cameras

Over the weekend, i had the time to review a whitepaper written by both Adrian Pastor and Amir Azam. In that article, they displayed certain XSS techniques that allowed an attacker to own the IP cameras and monitor it. Well, i would say that this is not too bad of an article as the PoC included. It is still the same old XSS that is doing the trick and CSRF that allows creation of admin accounts. The firmware for Axis is just crap. They should brush up on their security to avoid more security issues. For those who are interested, do check it out at

http://www.gnucitizen.org/blog/owning-big-brother-hollywood-style-exploits-included


The Hacka Man

0 komentar:

Posting Komentar