Who can solve this spooky hack (SSID changes randomly)
- Thread starter craigs
- Start date
alastairstevenson
Staff member
Firmware bug.
Meaning the firmware ITSELF is somehow modifying the entered SSID value on its own, interrupting the connection this way?
Basically writing into its own settings and wiping out the valid WLAN credentials?
I considered this once before but do not understand why the firmware WRITES to settings at all. USERS must enter all data in the settings menus.
Thanks for this idea though!
Anyone else?
Basically writing into its own settings and wiping out the valid WLAN credentials?
I considered this once before but do not understand why the firmware WRITES to settings at all. USERS must enter all data in the settings menus.
Thanks for this idea though!
Anyone else?
The camera does not have any name tag, but is sold under various names by different vendors:
HD E6810 (that was the name mine was sold to me)
Sunluxy SL-701 MemTeq
SriCam ZC-0012 (SHILIPAI)
iSmart C8001DN2
Alsoas a model from anjiel.com and from WansCam
The Windows based control software is called 'NetCam'.
Attached a screen shot of the device properties and FW used in my camera.
It is currently running; I am looking to replace the 5V DC power cable by a combined RJ45 + DC line, adding a LAN repeater nearby.
Tired of climbing ladders all the time when its SSID entry is altered by someone/something.
Thanks for looking into this!
HD E6810 (that was the name mine was sold to me)
Sunluxy SL-701 MemTeq
SriCam ZC-0012 (SHILIPAI)
iSmart C8001DN2
Alsoas a model from anjiel.com and from WansCam
The Windows based control software is called 'NetCam'.
Attached a screen shot of the device properties and FW used in my camera.
It is currently running; I am looking to replace the 5V DC power cable by a combined RJ45 + DC line, adding a LAN repeater nearby.
Tired of climbing ladders all the time when its SSID entry is altered by someone/something.
Thanks for looking into this!
Attachments
alastairstevenson
Staff member
Suggestion:
Check there is no inbound internet access to the camera by using the full ports scan from ShieldsUp! - GRC | ShieldsUP! — Internet Vulnerability Profiling
Secondly - block any outbound internet access by the camera itself.
Thirdly - check that your router does not have UPnP enabled. If so - disable it.
Thanks for the hints!
The GRC test turned out negative, meaning the UPnP port is not open. This also addresses the third suggestion.
As to blocking incoming data TO the suspicious camera: I do not think that the firewall of my AVM (FRITZ!Box) router allows for dedicated network IP data filtering. I will study the possibilities. I probably cannot see 'traffic' between the camera and outside from another network device like my PC, laptop or tablet. This is a router related data flow.
I agree that the camera ideally should never been 'talked to' from the outside (which I suspect). On the other hand I WANT to access my security system from remote when on the road... But the SSID flip issue remained after I decoupled my network from any remote port access altogether..
The GRC test turned out negative, meaning the UPnP port is not open. This also addresses the third suggestion.
As to blocking incoming data TO the suspicious camera: I do not think that the firewall of my AVM (FRITZ!Box) router allows for dedicated network IP data filtering. I will study the possibilities. I probably cannot see 'traffic' between the camera and outside from another network device like my PC, laptop or tablet. This is a router related data flow.
I agree that the camera ideally should never been 'talked to' from the outside (which I suspect). On the other hand I WANT to access my security system from remote when on the road... But the SSID flip issue remained after I decoupled my network from any remote port access altogether..
Update: I studied the settings of my router and its (pretty tight) firewall functionality.
Based on the settings shown below (sorry, German) I do not see any fat chance, that intruders can access this IPcamera to cause havoc to its settings? I am no real expert as to all these port and filter features, but they appear to be reasonable and useful, based on Help info I read about them.
Maybe it IS a memory overrun as indicated before , the Firmware writing into the WLAN settings page by accident and wiping the data/connection? It would explain the random SSID name entry (varying number of silly characters). Not sure how these settings could be 'activated' without the user confirming the changes by clicking a 'SET' button?
Still waiting for the new LAN repeater to string some copper wires to this stupid camera.
Based on the settings shown below (sorry, German) I do not see any fat chance, that intruders can access this IPcamera to cause havoc to its settings? I am no real expert as to all these port and filter features, but they appear to be reasonable and useful, based on Help info I read about them.
Maybe it IS a memory overrun as indicated before , the Firmware writing into the WLAN settings page by accident and wiping the data/connection? It would explain the random SSID name entry (varying number of silly characters). Not sure how these settings could be 'activated' without the user confirming the changes by clicking a 'SET' button?
Still waiting for the new LAN repeater to string some copper wires to this stupid camera.
Attachments
58chev
Pulling my weight
Do you access your camera from outside your network?
VPN or UPnP
VPN or UPnP