Entropy Exploit是IP网络摄像头利用,也称为Netwave和GoAhead IP Camera利用。entropy是用于网络摄像头渗透测试的强大开发工具。
安装
cd entropy
chmod x install.sh
./install.sh
卸载
cd entropy
chmod x uninstall.sh
./uninstall.sh运行
entropy -h
usage: entropy [-h] [-b {1,2}] [-o OUTPUTFILE] [-T TIMEOUT] [-t TASKS]
[-c COUNT] [-q | -v]
[-i IP | -l INPUTFILE | --shodan SHODAN | --zoomeye ZOOMEYE]
[-u]
optional arguments:
-h, --help show this help message and exit
-b {1,2}, --brand {1,2}
Choose the brand of IP Camera. 1 - represents Netwave,
2 - represents GoAhead.
-o OUTPUTFILE, --output OUTPUTFILE
Output into path you input. The default path in dir
/tmp
-T TIMEOUT, --timeout TIMEOUT
The default timeout for netwave is 300s.
-t TASKS, --task TASKS
Run TASKS number of connects in parallel, default is
10.
-c COUNT, --count COUNT
The number of IP you want to get from ZoomEye. The
maximum is 2000. Default is 100.
-q, --quiet Quiet mode.
-v, --verbose Show more informations.
-i IP, --ip IP The camera's IP and port. Example: 192.168.1.100:80
-l INPUTFILE, --list INPUTFILE
The camera's IP:port address file. The file's format
like this 192.168.1.100:80 in a line.
--shodan SHODAN Your Shodan API Key. You can get help from
https://www.shodan.io/
--zoomeye ZOOMEYE Your ZoomEye API Key. You can get help from
https://www.zoomeye.org/api
-u, --update Update Entropy Exploit.
示例
利用单个摄像机的示例
entropy -b 1 -i 192.168.1.100:80 -v
从文件中利用摄像机的示例
entropy -b 2 -l iplist.txt -v
使用shodan开发相机的示例
entropy -b 2 -v --shodan PSKINdQe1GyxGgecYz2191H2JoS9qvgD
文章来源及下载:
https://github.com/entynetproject/entropy
你可能喜欢