Sunday, June 12, 2016

IoT/embedded device remote management apps and more Grandstream stuff

Since the last post was research from 2015, I didn't include the new things I learned.

Grandstream and some other embedded devices or IoT devices come with client or management applications. These applications directly communicate with the device to do things like, assign IP address or get model information, and etc.

Traffic from these applications can be useful to look at.

Here's an application to search for Grandstream camera on your network:




It sends out UDP probes and waits for the camera to respond with information.

Also notice that it lets me change the camera IP address and Wifi Configuration. The camera model I have (GXV3611IR_HD) doesn't have a Wifi module.

I know that IP modification is done via UDP and I don't care too much about that right now. I am interested in the wifi config feature.

I was running Wireshark to capture the data and I clicked Scan.



Red part is what the management application is sending to the camera. Blue is the reply.

Notice the basic auth. It's admin/admin. I know that isn't the correct combination because I changed it.
Another thing you should notice is the user agent. It's GSurf/4.0.

When I visit /goform/wireless or /Pages/wifi.html, via my browser, I'm given a login prompt.

But after changing my user-agent to GSurf/4.0, I'm a able to browse the authenticated pages freely.




But sadly, I can't really do much with it.
Below you can see that I tried to add a user and failed.




Anyways, remote management applications or client applications are some of the things you may want to examine if you're already not doing it.

2 comments:

  1. Hello Everyone !

    USA Fresh & Verified SSN Leads along with Driving License/ ID Number, AVAILABLE with 99.9% connectivity
    All Leads have genuine & valid information.

    **DETAILS IN LEADS**
    First Name | Last Name | SSN | Dob | Driving License Number | Address | City | State | Zip | Phone Number | Account Number | Payday | Bank Name | Employee Details | IP Address

    *Price for SSN lead $2
    *You can ask for sample before any deal
    *If anyone buy in bulk, we can negotiate
    *Sampling is just for serious buyers

    ==>ACTIVE, FRESH CC & CVV FULLZ AVAILABLE<==
    ->$5 PER EACH

    ->Hope for the long term Business
    ->Interested buyers will be welcome

    **Contact 24/7**
    Whatsapp > +923172721122
    Email > leads.sellers1212@gmail.com
    Telegram > @leadsupplier
    ICQ > 752822040

    ReplyDelete
    Replies
    1. Hello all
      am looking few years that some guys comes into the market
      they called themselves hacker, carder or spammer they rip the
      peoples with different ways and it’s a badly impact to real hacker
      now situation is that peoples doesn’t believe that real hackers and carder scammer exists.
      Anyone want to make deal with me any type am available but first
      I‘ll show the proof that am real then make a deal like

      Available Services

      ..Wire Bank Transfer all over the world

      ..Western Union Transfer all over the world

      ..Credit Cards (USA, UK, AUS, CAN, NZ)

      ..School Grade upgrade / remove Records

      ..Spamming Tool

      ..keyloggers / rats

      ..Social Media recovery

      .. Teaching Hacking / spamming / carding (1/2 hours course)

      discount for re-seller

      Contact: 24/7

      fixitrogers@gmail.com

      Delete