Initial commit

.clang-format

@@ -0,0 +1,61 @@
+---
+Language:        Cpp
+# BasedOnStyle:  Mozilla
+AccessModifierOffset: -4
+ConstructorInitializerIndentWidth: 0
+AlignEscapedNewlinesLeft: false
+AlignTrailingComments: true
+AllowAllParametersOfDeclarationOnNextLine: true
+AllowShortBlocksOnASingleLine: true
+AllowShortCaseLabelsOnASingleLine: true
+AllowShortIfStatementsOnASingleLine: true
+AllowShortLoopsOnASingleLine: true
+AllowShortFunctionsOnASingleLine: All
+AlwaysBreakAfterDefinitionReturnType: true
+AlwaysBreakTemplateDeclarations: true
+AlwaysBreakBeforeMultilineStrings: true
+BreakBeforeBinaryOperators: None
+BreakBeforeTernaryOperators: true
+BreakConstructorInitializersBeforeComma: true
+BinPackParameters: false
+BinPackArguments: false
+ColumnLimit:     100
+ConstructorInitializerAllOnOneLineOrOnePerLine: true
+DerivePointerAlignment: false
+ExperimentalAutoDetectBinPacking: false
+IndentCaseLabels: false
+IndentWrappedFunctionNames: false
+IndentFunctionDeclarationAfterType: false
+MaxEmptyLinesToKeep: 1
+KeepEmptyLinesAtTheStartOfBlocks: false
+NamespaceIndentation: None
+ObjCSpaceAfterProperty: false
+ObjCSpaceBeforeProtocolList: true
+PenaltyBreakBeforeFirstCallParameter: 19
+PenaltyBreakComment: 300
+PenaltyBreakString: 1000
+PenaltyBreakFirstLessLess: 120
+PenaltyExcessCharacter: 1000000
+PenaltyReturnTypeOnItsOwnLine: 60
+PointerAlignment: Left
+SpacesBeforeTrailingComments: 1
+Cpp11BracedListStyle: false
+Standard:        Cpp11
+IndentWidth:     4
+TabWidth:        8
+UseTab:          Never
+BreakBeforeBraces: Attach
+SpacesInParentheses: false
+SpacesInSquareBrackets: false
+SpacesInAngles:  false
+SpaceInEmptyParentheses: false
+SpacesInCStyleCastParentheses: false
+SpaceAfterCStyleCast: false
+SpacesInContainerLiterals: true
+SpaceBeforeAssignmentOperators: true
+ContinuationIndentWidth: 4
+CommentPragmas:  '^ IWYU pragma:'
+ForEachMacros:   [ foreach, Q_FOREACH, BOOST_FOREACH ]
+SpaceBeforeParens: ControlStatements
+DisableFormat:   false
+...

CMakeLists.txt

@@ -0,0 +1,48 @@
+## Copyright 2016 Etix Labs
+##
+## Licensed under the Apache License, Version 2.0 (the "License");
+## you may not use this file except in compliance with the License.
+## You may obtain a copy of the License at
+##
+##     http://www.apache.org/licenses/LICENSE-2.0
+##
+## Unless required by applicable law or agreed to in writing, software
+## distributed under the License is distributed on an "AS IS" BASIS,
+## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+## See the License for the specific language governing permissions and
+## limitations under the License.
+
+cmake_minimum_required (VERSION 2.8.1)
+cmake_policy(SET CMP0042 NEW)
+
+# compiler flags
+set (CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=c++14") #enable C++14
+set (CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -W -Wall -Wextra -Wno-unused-function") # extra warnings
+set (CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fdiagnostics-color") #enable error coloration on gcc
+
+# release specific flags
+set (CMAKE_CXX_FLAGS_RELEASE "${CMAKE_CXX_FLAGS_RELEASE} -O2") #enable error coloration on gcc
+
+#debug specific flags
+set (CMAKE_CXX_FLAGS_DEBUG "${CMAKE_CXX_FLAGS_DEBUG} -g -fprofile-arcs -ftest-coverage")
+
+# rpath enable osx
+set(CMAKE_MACOSX_RPATH 1)
+
+# list of all cache managers
+set (CAMERADAR_CACHE_MANAGERS "")
+
+# output path for cache managers
+set (CCTV_CACHE_MANAGER_OUTPUT_FOLDER cache_managers)
+set (CCTV_CACHE_MANAGER_OUTPUT_PATH ${CMAKE_BINARY_DIR}/${CCTV_CACHE_MANAGER_OUTPUT_FOLDER})
+
+set(CMAKE_MODULE_PATH ${PROJECT_SOURCE_DIR}/cmake)
+
+include_directories (
+        "cameradar_standalone/include"
+        "../cctv_server2/deps/jsoncpp/src/deps.jsoncpp/include"
+)
+
+#build cache managers
+add_subdirectory (cameradar_standalone)
+add_subdirectory (cache_managers)

README.md

@@ -0,0 +1,169 @@
+# Cameradar
+
+## An RTSP surveillance camera access multitool.
+
+#### Cameradar allows you to:
+
+* **Detect open RTSP hosts** on any accessible subnetwork
+* Get their public info (hostname, port, camera model, etc.)
+* Bruteforce your way into them to get their **stream route** (for example /live.sdp)
+* Bruteforce your way into them to get the **username and password** of the cameras
+* **Generate thumbnails** from them to check if the streams are valid and to have a quick preview of their content
+* Try to create a Gstreamer pipeline to check if they are **properly encoded**
+* Print a summary of all the informations Cameradar could get
+
+#### And all of this in a _single command-line_.
+
+Of course, you can also call for individual tasks if you plug in a Database to Cameradar, but for now this repo only contains a basic cache manager. You can however create your own by following the simple example of the **dumb cache manager**.
+
+## Table of content
+
+- [Installation](#installation)
+- [Configuration](#configuration)
+- [Output](#output)
+- [Check camera access](#check-camera-access)
+- [Command line options](#command-line-options)
+- [Under the hood](#under-the-hood)
+- [Contribution](#contribution)
+- [Next improvements](#next-improvements)
+- [License](#license)
+
+## Installation
+
+The simplest way would be to follow these steps :
+
+1. `git clone [email protected]:EtixLabs/cameradar.git`
+2. Go into the Cameradar repository, create a directory named `build`
+3. In the build directory, run `cmake ..` This will generate the Makefiles you need to build Cameradar
+4. Run the command `make`
+5. This should compile Cameradar. Go into the `cameradar_standalone` directory
+6. You can now customize the `conf/cameradar.conf.json` file to set the subnetworks and specific ports you want to scan, as well as the thumbnail generation path. More information will be given about the configuration file in another part of this document.
+7. You are now ready to launch Cameradar by launching `./cameradar` in the cameradar_standalone directory.
+
+### Configuration
+
+Here is the basic content of the configuration file with simple placeholders :
+```json
+{
+  "subnets" : "SUBNET1,SUBNET2,SUBNET3,[...]",
+  "ports" : "PORT1,PORT2,[...]",
+  "rtsp_url_file" : "conf/url.json",
+  "rtsp_ids_file" : "conf/ids.json",
+  "thumbnail_storage_path" : "/valid/path/to/a/storage/directory",
+  "cache_manager_path" : "../cache_managers/dumb_cache_manager",
+  "cache_manager_name" : "dumb"
+}
+```
+
+The subnetworks should be passed separated by commas only, and their subnet format should be the same as used in nmap.
+```json
+"subnets" : "172.100.16.0/24,172.100.17.0/24,localhost,192.168.1.13"
+```
+
+The **RTSP ports for most cameras are 554**, so you should probably specify 554 as one of the ports you scan. Not giving any ports in the configuration will scan every port of every host found on the subnetworks..How is formatted Cameradar's result
+You **can use your own files for the ids and routes dictionaries** used to bruteforce the cameras, but the Cameradar repo already gives you a good base that works with most cameras.
+
+The thumbnail storage path should be a **valid and accessible directory** in which the thumbnails will be stored.
+
+The cache manager path and name variables are used to change the cache manager you want to load into Cameradar. If you want to, you can code your own cache manager using a database, a file, a remote server, [...]. Feel free to share it by creating a merge request on this repo if you developed a generic manager (It must not be specific to your company's infrastructure).
+
+## Output
+
+Here you go :
+
+```json
+{
+   "address" : "173.16.100.45",
+   "ids_found" : true,
+   "password" : "123456",
+   "path_found" : true,
+   "port" : 554,
+   "product" : "Vivotek FD9381-HTV",
+   "protocol" : "tcp",
+   "route" : "/live.sdp",
+   "service_name" : "rtsp",
+   "state" : "open",
+   "thumbnail_path" : "/tmp/127.0.0.1/1463735257.jpg",
+   "username" : "admin"
+}
+```
+
+## Check camera access
+
+If you have vlc, you should be able to use the GUI to connect to the RTSP stream using this format : `username:password@address:port/route`
+
+With the above result, the RTSP URL would be `admin:[email protected]:554/live.sdp`
+
+If you're still in your console however, you can go even faster by using **vlc in commmand-line** and just run `vlc username:password@address:port/route` with the camera's info instead of the placeholders.
+
+## Command line options
+
+* **"-c"** : Set a custom path to the configuration file (-c /path/to/conf)
+* **"-l"** : Set log level
+  * **"-l 1"** : Log level DEBUG
+    * _Will print everything including debugging logs_
+  * **"-l 2"** : Log level INFO
+    * _Prints every normal information_
+  * **"-l 4"** : Log level WARNING
+    * _Only prints warning and errors_
+  * **"-l 5"** : Log level ERROR
+    * _Only prints errors_
+  * **"-l 6"** : Log level CRITICAL
+    * _Doesn't print anything since Cameradar can't have critical failures right now, however you can use this level to debug your own code easily or if you add new critical layers_
+* **"-d"** : Launch the discovery tool
+* **"-b"** : Launch the bruteforce tool on all discovered devices
+  * Needs either to be launched with the -d option or to use an advanced cache manager (DB, file, ...) with data already present
+* **"-t"** : Generate thumbnails from detected cameras
+  * Needs either to be launched with the -d option or to use an advanced cache manager (DB, file, ...) with data already present
+* **"-g"** : Check if the stream can be opened with GStreamer
+  * Needs either to be launched with the -d option or to use an advanced cache manager (DB, file, ...) with data already present
+* **"-v"** : Display Cameradar's version
+* **"-h"** : Display this help
+
+## Under the hood
+
+Cameradar uses **nmap** to map all of the subnetworks you specified in the configuration file (_cameradar.conf.json_), then parses its result to get all of the open RTSP streams that were detected.
+
+After that, it uses **cURL** to send requests to the cameras and to try routes and ids for each camera until it is accessed or until all of the most used routes/ids (that you can modify in _conf/ids.json_ and _conf/url.json_) were tried
+
+Then, it uses **FFMPEG** to generate a lightweight thumbnail from the stream, which you could use to get a quick preview of the camera's view.
+
+Finally, it tries to access the stream using a simple **Gstreamer pipeline** to check for the stream's encoding.
+
+The output of Cameradar will be printed on the standard output and will also be accessible in the result.json file.
+
+Cameradar uses **nmap** to map all of the subnetworks you specified in the configuration file (_cameradar.conf.json_), then parses its result to get all of the open RTSP streams that were detected.
+
+After that, it uses **cURL** to send requests to the cameras and to try routes and ids for each camera until it is accessed or until all of the most used routes/ids (that you can modify in _conf/ids.json_ and _conf/url.json_) were tried
+
+Then, it uses **FFMPEG** to generate a lightweight thumbnail from the stream, which you could use to get a quick preview of the camera's view.
+
+Finally, it tries to access the stream using a simple **Gstreamer pipeline** to check for the stream's encoding.
+
+The output of Cameradar will be printed on the standard output and will also be accessible in the result.json file.
+
+## Contribution
+
+Well there are many things we could code in order to add features to Cameradar. Adding other protocols than RTSP would be really cool, as well as making generic cache managers. Creating an HTTP server with an API that would launch cameradar upon recieving requests ans answer with Cameradar's result would also be potentially really useful.
+
+If you're not into software development or not into C++, even updating the dictionaries would be a really cool contribution! Just make sure the ids and routes you add are **default constructor credentials** and not custom credentials.
+
+If you have other cool ideas, feel free to share them with me at [email protected] !
+
+## Next improvements
+
+- [ ] Development of a MySQL cache manager
+- [ ] Development of a JSON file cache manager
+- [ ] Development of an XML file cache manager
+
+## License
+
+Copyright 2016 Etix Labs
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+
+See the License for the specific language governing permissions and limitations under the License.

cache_managers/CMakeLists.txt

@@ -0,0 +1,23 @@
+## Copyright 2016 Etix Labs
+##
+## Licensed under the Apache License, Version 2.0 (the "License");
+## you may not use this file except in compliance with the License.
+## You may obtain a copy of the License at
+##
+##     http://www.apache.org/licenses/LICENSE-2.0
+##
+## Unless required by applicable law or agreed to in writing, software
+## distributed under the License is distributed on an "AS IS" BASIS,
+## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+## See the License for the specific language governing permissions and
+## limitations under the License.
+
+cmake_minimum_required (VERSION 2.8.1)
+cmake_policy(SET CMP0042 NEW)
+
+# set temporarly the ouput path for all server plugins
+set (LIBRARY_OUTPUT_PATH ${CCTV_CAMERA_MANAGER_OUTPUT_PATH})
+
+add_subdirectory(dumb_cache_manager)
+
+set (CCTV_CACHE_MANAGERS ${CCTV_CACHE_MANAGERS} PARENT_SCOPE)

cache_managers/dumb_cache_manager/CMakeLists.txt

@@ -0,0 +1,34 @@
+## Copyright 2016 Etix Labs
+##
+## Licensed under the Apache License, Version 2.0 (the "License");
+## you may not use this file except in compliance with the License.
+## You may obtain a copy of the License at
+##
+##     http://www.apache.org/licenses/LICENSE-2.0
+##
+## Unless required by applicable law or agreed to in writing, software
+## distributed under the License is distributed on an "AS IS" BASIS,
+## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+## See the License for the specific language governing permissions and
+## limitations under the License.
+
+cmake_minimum_required (VERSION 2.8.1)
+cmake_policy(SET CMP0042 NEW)
+
+project(dumb_cache_manager CXX)
+
+find_package(PkgConfig)
+
+include_directories (${PROJECT_SOURCE_DIR}/include ${CAMERADAR_INCLUDES})
+message("${CAMERADAR_INCLUDES}")
+
+include (find_sources)
+find_sources ("src" "include")
+
+add_library (dumb_cache_manager SHARED ${SOURCES})
+set(CMAKE_SHARED_LINKER_FLAGS "-Wl,--no-undefined")
+target_link_libraries (dumb_cache_manager)
+
+set (CACHE_MANAGER_NAME ${CAMERADAR_CACHE_MANAGER_OUTPUT_PATH}/${CMAKE_SHARED_LIBRARY_PREFIX}dumb_cache_manager{CMAKE_SHARED_LIBRARY_SUFFIX})
+list (APPEND CAMERADAR_CACHE_MANAGERS ${CACHE_MANAGER_NAME})
+set (CAMERADAR_CACHE_MANAGERS ${CAMERADAR_CACHE_MANAGERS} PARENT_SCOPE)

cache_managers/dumb_cache_manager/include/dumb_cache_manager.h

@@ -0,0 +1,50 @@
+// Copyright 2016 Etix Labs
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#pragma once
+
+#include <vector>
+#include <cachemanager.h>
+#include <stream_model.h>
+#include <configuration.h>
+#include <logger.h>
+
+namespace etix {
+namespace cameradar {
+
+class dumb_cache_manager : public cache_manager_base {
+private:
+    static const std::string name;
+    std::vector<etix::cameradar::stream_model> streams;
+    std::shared_ptr<etix::cameradar::configuration> configuration;
+
+public:
+    using cache_manager_base::cache_manager_base;
+    ~dumb_cache_manager();
+
+    const std::string& get_name() const override;
+    static const std::string& static_get_name();
+    bool load_dumb_conf(std::shared_ptr<etix::cameradar::configuration> configuration);
+    bool configure(std::shared_ptr<etix::cameradar::configuration> configuration) override;
+
+    void set_streams(std::vector<etix::cameradar::stream_model> model);
+
+    void update_stream(const etix::cameradar::stream_model& newmodel);
+
+    std::vector<etix::cameradar::stream_model> get_streams() const;
+
+    std::vector<etix::cameradar::stream_model> get_valid_streams() const;
+};
+}
+}