Skip to content

curl: Couldn't resolve host name #342

New issue
New issue
Open
Open
curl: Couldn't resolve host name#342
Labels
question
@nguyentrungduc1

Description

@nguyentrungduc1
nguyentrungduc1
opened on Feb 20, 2024

Context

Please select one:

  • I use my own build of the binary

Please select one:

  • I use a specific version: <v5.0.2>

Environment

My operating system:

  • Linux

OS version: <kali linux 2023.4>
OS architecture:

Issue

<curl: Couldn't resolve host name>

What was expected

<escape '@' in curl password>

What happened

<when the password file has the @ character. curl notification: curl: Couldn't resolve host name. That's my camera password.>

Logs

<──(root㉿kali)-[~/go/bin]
└─# ./cameradar -d -c '/root/Desktop/credentials.json' -r '/root/Desktop/routes2' -p 554 -t 192.168.1.7
Loading credentials...ok
  > Loading credentials dictionary from path "/root/Desktop/credentials.json"
  > Loaded 1 usernames and 59 passwords
Loading routes...ok
  > Loading routes dictionary from path "/root/Desktop/routes2"
  > Loaded 3 routes
Scanning the network...ok
  > Found 2 RTSP streams
Attacking routes of 2 streams...ok
  > Perform failed for "rtsp://:@38:AF:29:DA:71:81:554//0x8b6c42" (auth 0): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://:@38:AF:29:DA:71:81:554/cam/realmonitor?channel=0&subtype=0" (auth 0): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://:@38:AF:29:DA:71:81:554/cam/realmonitor?channel=1&subtype=0" (auth 0): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://:@38:AF:29:DA:71:81:554/cam/realmonitor?channel=1&subtype=1" (auth 0): curl: URL using bad/illegal format or missing URL
  > DESCRIBE rtsp://:@192.168.1.7:554//0x8b6c42 RTSP/1.0 > 401
Attempting to detect authentication methods of 2 streams...ok
  > DESCRIBE rtsp://192.168.1.7:554// RTSP/1.0 > 2
  > Stream rtsp://:@192.168.1.7:554// uses digest authentication method
  > Perform failed for "rtsp://38:AF:29:DA:71:81:554/" (auth 0): curl: URL using bad/illegal format or missing URL
  > Stream rtsp://:@38:AF:29:DA:71:81:554/ uses  authentication method
Attacking credentials of 2 streams...ok
  > Perform failed for "rtsp://admin:0000@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:test@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:00000@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:1111@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:111111@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:9phuong@dung@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:1111111@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:123@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:1234@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:12345@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:123456@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:1234567@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:12345678@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:123456789@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:12345678910@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:4321@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:666666@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:6fJjMKYx@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:888888@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:9999@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:admin@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:admin pass@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:Admin@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:admin123@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:administrator@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:Administrator@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:aiphone@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:camera@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:Camera@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:fliradmin@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:GRwvcj8j@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:hikvision@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:hikadmin@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:HuaWei123@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:ikwd@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:jvc@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:kj3TqCWv@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:meinsm@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:pass@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:Pass@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:password@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:password123@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:qwerty@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:qwerty123@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:Recorder@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:reolink@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:root@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:service@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:supervisor@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:support@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:system@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:tlJwpbo6@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:toor@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:tp-link@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:ubnt@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:user@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:wbox@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:wbox123@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:Y5eIMz3C@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > Perform failed for "rtsp://admin:9phuong@[email protected]:554//" (auth 2): curl: Couldn't resolve host name
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:admin [email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:[email protected]:554// RTSP/1.0 > 401
Validating that streams are accessible...ok
  > SETUP rtsp://:@192.168.1.7:554// RTSP/1.0 > 455
  > Perform failed for "rtsp://:@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
Second round of attacks...ok
  > Perform failed for "rtsp://:@38:AF:29:DA:71:81:554//0x8b6c42" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://:@38:AF:29:DA:71:81:554/cam/realmonitor?channel=0&subtype=0" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://:@38:AF:29:DA:71:81:554/cam/realmonitor?channel=1&subtype=0" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://:@38:AF:29:DA:71:81:554/cam/realmonitor?channel=1&subtype=1" (auth -1): curl: URL using bad/illegal format or missing URL
  > DESCRIBE rtsp://:@192.168.1.7:554//0x8b6c42 RTSP/1.0 > 401
Validating that streams are accessible...ok
  > SETUP rtsp://:@192.168.1.7:554// RTSP/1.0 > 455
  > Perform failed for "rtsp://:@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
✖       Admin panel URL:        http://192.168.1.7/ You can use this URL to try attacking the camera's admin panel instead.
        Available:              ✖
        Device model:           Lorex IP camera rtspd

        IP address:             192.168.1.7
        RTSP port:              554
        Auth type:              digest
        Username:               not found
        Password:               not found
        RTSP routes:
                                //
                                //


✖       Admin panel URL:        http://38:AF:29:DA:71:81/ You can use this URL to try attacking the camera's admin panel instead.
        Available:              ✖
        Device model:           Lorex IP camera rtspd

        IP address:             38:AF:29:DA:71:81
        RTSP port:              554
        Username:               not found
        Password:               not found
        RTSP routes:
not found


✖ Streams were found but none were accessed. They are most likely configured with secure credentials and routes. You can try adding entries to the dictionary or generating your own in order to attempt a bruteforce attack on the cameras.>

Metadata

Metadata

Assignees

No one assigned

    Labels

    question

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions