CN108833447A - A kind of IP Camera weak passwurd detection method and system - Google Patents
A kind of IP Camera weak passwurd detection method and system Download PDFInfo
- Publication number
- CN108833447A CN108833447A CN201810867467.4A CN201810867467A CN108833447A CN 108833447 A CN108833447 A CN 108833447A CN 201810867467 A CN201810867467 A CN 201810867467A CN 108833447 A CN108833447 A CN 108833447A
- Authority
- CN
- China
- Prior art keywords
- camera
- information
- network
- weak
- proprietary protocol
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
- G06F21/46—Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/02—Standardisation; Integration
- H04L41/0246—Exchanging or transporting network management information using the Internet; Embedding network management web servers in network elements; Web-services-based protocols
- H04L41/0253—Exchanging or transporting network management information using the Internet; Embedding network management web servers in network elements; Web-services-based protocols using browsers or web-pages for accessing management information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/28—Restricting access to network management systems or functions, e.g. using authorisation function to access network configuration
Abstract
The present invention provides a kind of IP Camera weak passwurd detection method and systems, including:Vendor types belonging to the IP Camera in object to be measured network segment are determined by way of port scan;Judged whether that proprietary protocol is needed to communicate according to vendor types;It is communicated if necessary to proprietary protocol, then proprietary protocol and puppy parc is respectively adopted based on target factory default password dictionary and login test is carried out to IP Camera, determine IP Camera with the presence or absence of weak passwurd;If it is determined that obtaining IP Camera, there are weak passwurds, then extract the network information and attribute information of IP Camera.The compatible manufacturer's proprietary protocol of this method and puppy parc, detection process is automatically performed by program, improve detection efficiency, degree of intelligence is good, quickly, accurately, reliably IP Camera can be detected with the presence or absence of the case where weak passwurd, existing IP Camera weak passwurd detection method inefficiency is alleviated, degree of intelligence is poor, the bad technical problem of detection effect.
Description
Technical field
The present invention relates to the technical field of safety detection, more particularly, to a kind of IP Camera weak passwurd detection method and
System.
Background technique
It is universal with IP Camera, camera safety, video private network security problem increasingly cause people concern and
Pay attention to.The instantly popular various Internet of Things corpses virus of research, Botnet discovery, most of viruses for being directed to IP Camera
Main mode of transmission is the system permission that camera device is got by equipment weak passwurd, therefore, it is weak to solve IP Camera
The problem of password distribution situation is a kind of important means for resisting Internet of Things corpse virus.
In the prior art, it when carrying out weak passwurd detection to IP Camera, is carried out generally by artificial mode.Tool
Body, IP Camera administration interface is opened, is logged in, is logined successfully by the factory password of factory default, determine that this is taken the photograph
As there are weak passwurds for head;Login failure then judges the camera, and there is no weak passwurds.
The mode of artificial detection has the following defects:When, there are when multiple network camera, being needed in a network environment
The different account number cipher combination of manual switching goes to verify, and when in network environment there are when high-volume IP Camera, manually
Time and effort consuming is logged in one by one, and inefficiency is also easy to carelessness and falls certain IP Cameras;In addition, manual entry is also possible to meet
The case where to browser-incompatible, leads to not open IP Camera administration interface, and can not verify weak passwurd whether there is.
To sum up, there are inefficiency for existing IP Camera weak passwurd detection method, and degree of intelligence is poor, and detection effect is not
Good technical problem.
Summary of the invention
In view of this, the purpose of the present invention is to provide a kind of IP Camera weak passwurd detection method and system, with slow
Solving existing IP Camera weak passwurd detection method, there are inefficiency, and degree of intelligence is poor, and the bad technology of detection effect is asked
Topic.
In a first aspect, the embodiment of the invention provides a kind of IP Camera weak passwurd detection method, the method includes:
Vendor types belonging to the IP Camera in object to be measured network segment are determined by way of port scan;
According to the vendor types judge whether that proprietary protocol is needed to communicate;
If necessary to proprietary protocol communicate, then based on target factory default password dictionary be respectively adopted the proprietary protocol and
Puppy parc carries out login test to the IP Camera, whether there is weak passwurd with the determination IP Camera, wherein
Comprising factory default password corresponding to the vendor types in the target factory default password dictionary, weak passwurd is preset;
If it is determined that obtaining the IP Camera, there are weak passwurds, then the network is extracted by way of remote access
The network information and attribute information of camera.
With reference to first aspect, the embodiment of the invention provides the first possible embodiments of first aspect, wherein institute
The method of stating further includes:
If you do not need to proprietary protocol communicates, then the puppy parc is used based on the target factory default password dictionary
Login test is carried out to the IP Camera, weak passwurd whether there is with the determination IP Camera;
If it is determined that obtaining the IP Camera, there are weak passwurds, then the network is extracted by way of remote access
The network information and attribute information of camera.
With reference to first aspect, the embodiment of the invention provides second of possible embodiments of first aspect, wherein logical
The mode for crossing port scan determines that vendor types belonging to IP Camera in object to be measured network segment include:
Obtain the object to be measured network segment of user's input;
Port scan is carried out to the IP Camera in the object to be measured network segment, obtains the IP Camera
Finger print information;
According to the finger print information of the IP Camera determine the IP Camera belonging to vendor types.
With reference to first aspect, the embodiment of the invention provides the third possible embodiments of first aspect, wherein such as
Fruit determination obtains the IP Camera, and there are weak passwurds, then the net of the IP Camera is extracted by way of remote access
Network information and attribute information include:
If it is determined that obtaining the IP Camera, there are weak passwurds, then record the network information of the IP Camera,
Wherein, the network information includes at least:IP address information, the information of the vendor types, communication protocol information used, access
Port information;
The IP Camera is remotely accessed based on the network information, is mentioned according to the response message of the IP Camera
Take the attribute information, wherein the attribute information includes at least:Type information, assets id information, device name information, object
Manage location information, firmware version information, software version information, WEB service version information, mac address information, ONVIF version letter
Breath, equipment time-zone information.
With reference to first aspect, the embodiment of the invention provides the 4th kind of possible embodiments of first aspect, wherein institute
Puppy parc is stated to include at least:RTSP agreement, ONVIF agreement, http protocol, HTTPS agreement.
With reference to first aspect, the embodiment of the invention provides the 5th kind of possible embodiments of first aspect, wherein
After the network information and the attribute information that extract the IP Camera, the method also includes:
The network information and the attribute information are saved as into json format, and are stored in MongoDB database.
Second aspect, the embodiment of the invention also provides a kind of IP Camera weak passwurd detection system, the system packet
It includes:
Determining module, for determining factory belonging to the IP Camera in object to be measured network segment by way of port scan
Quotient's type;
Judgment module, for according to the vendor types judging whether that proprietary protocol is needed to communicate;
First logs in test module, communicates if necessary to proprietary protocol, then is distinguished based on target factory default password dictionary
Login test is carried out to the IP Camera using the proprietary protocol and puppy parc, is with the determination IP Camera
No there are weak passwurds, wherein includes factory default corresponding to the vendor types in the target factory default password dictionary
Password presets weak passwurd;
First extraction module, if it is determined that obtaining the IP Camera, there are weak passwurds, then pass through the side of remote access
Formula extracts the network information and attribute information of the IP Camera.
In conjunction with second aspect, the embodiment of the invention provides the first possible embodiments of second aspect, wherein institute
The system of stating further includes:
Second logs in test module, if you do not need to proprietary protocol communicates, is then based on the target factory default cipher word
Allusion quotation carries out login test to the IP Camera using the puppy parc, with the determination IP Camera with the presence or absence of weak
Password;
Second extraction module, if it is determined that obtaining the IP Camera, there are weak passwurds, then pass through the side of remote access
Formula extracts the network information and attribute information of the IP Camera.
In conjunction with second aspect, the embodiment of the invention provides second of possible embodiments of second aspect, wherein institute
Stating determining module includes:
Acquiring unit, for obtaining the object to be measured network segment of user's input;
Port scan unit is obtained for carrying out port scan to the IP Camera in the object to be measured network segment
To the finger print information of the IP Camera;
Determination unit, for according to the finger print information of the IP Camera determine the IP Camera belonging to manufacturer
Type.
In conjunction with second aspect, the embodiment of the invention provides the third possible embodiments of second aspect, wherein institute
Stating the first extraction module includes:
Recording unit, if it is determined that obtaining the IP Camera, there are weak passwurds, then record the IP Camera
The network information, wherein the network information includes at least:IP address information, the information of the vendor types, communication protocol used
Information, access port information;
Extraction unit remotely accesses the IP Camera based on the network information, according to the IP Camera
Response message extracts the attribute information, wherein the attribute information includes at least:Type information, assets id information, implementor name
Title information, physical location information, firmware version information, software version information, WEB service version information, mac address information,
ONVIF version information, equipment time-zone information.
The embodiment of the present invention brings following beneficial effect:
Existing IP Camera weak passwurd detection method generally realized by way of artificial detection, inefficiency, intelligence
Energy degree is poor, and detection effect is bad.Compared with prior art, in IP Camera weak passwurd detection method of the invention, first lead to
The mode for crossing port scan determines vendor types belonging to IP Camera, and then according to vendor types judges whether to need privately owned
Protocol communication is communicated if necessary to proprietary protocol, then proprietary protocol is respectively adopted based on target factory default password dictionary and leads to
Login test is carried out with Protocol Through Network camera, obtains IP Camera with the presence or absence of weak passwurd, finally, if it is determined that obtain
There are weak passwurds for IP Camera, and the network information and category that obtain IP Camera are further extracted by way of remote access
Property information.The compatible manufacturer's proprietary protocol of this method and puppy parc, detection process are automatically performed by program, improve detection effect
Rate, degree of intelligence is good, can quickly, accurately, reliably detect, alleviate with the presence or absence of the case where weak passwurd to IP Camera
Existing IP Camera weak passwurd detection method inefficiency, degree of intelligence is poor, the bad technical problem of detection effect.
Other features and advantages of the present invention will illustrate in the following description, also, partly become from specification
It obtains it is clear that understand through the implementation of the invention.The objectives and other advantages of the invention are in specification, claims
And specifically noted structure is achieved and obtained in attached drawing.
To enable the above objects, features and advantages of the present invention to be clearer and more comprehensible, preferred embodiment is cited below particularly, and cooperate
Appended attached drawing, is described in detail below.
Detailed description of the invention
It, below will be to specific in order to illustrate more clearly of the specific embodiment of the invention or technical solution in the prior art
Embodiment or attached drawing needed to be used in the description of the prior art be briefly described, it should be apparent that, it is described below
Attached drawing is some embodiments of the present invention, for those of ordinary skill in the art, before not making the creative labor
It puts, is also possible to obtain other drawings based on these drawings.
Fig. 1 is a kind of flow chart of IP Camera weak passwurd detection method provided in an embodiment of the present invention;
Fig. 2 is the flow chart of another IP Camera weak passwurd detection method provided in an embodiment of the present invention;
Fig. 3 is the network shooting provided in an embodiment of the present invention determined in object to be measured network segment by way of port scan
The flow chart of vendor types belonging to head;
Fig. 4 is a kind of functional block diagram of IP Camera weak passwurd detection system provided in an embodiment of the present invention.
Icon:
11- determining module;12- judgment module;13- first logs in test module;The first extraction module of 14-.
Specific embodiment
In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with attached drawing to the present invention
Technical solution be clearly and completely described, it is clear that described embodiments are some of the embodiments of the present invention, rather than
Whole embodiments.Based on the embodiments of the present invention, those of ordinary skill in the art are not making creative work premise
Under every other embodiment obtained, shall fall within the protection scope of the present invention.
For convenient for understanding the present embodiment, first to the weak mouth of a kind of IP Camera disclosed in the embodiment of the present invention
Detection method is enabled to describe in detail.
Embodiment one:
A kind of IP Camera weak passwurd detection method, with reference to Fig. 1, this method includes:
S102, vendor types belonging to IP Camera in object to be measured network segment are determined by way of port scan;
Generally, it is mounted with that the proprietary protocol of manufacturer itself, especially Haikang prestige regard, are big when IP Camera dispatches from the factory mostly
The equipment of Hua Liangge manufacturer can not be communicated if not carrying out package to proprietary protocol stack with the business interface in equipment.
Therefore, method of the invention passes through the privately owned communication protocol of compatible manufacturer, solves ring that is multi-vendor under complex network and depositing
The problem of weak passwurd detection is carried out to IP Camera under border.
When being detected, the mode for first passing through port scan determines belonging to IP Camera in object to be measured network
Vendor types.Detailed process will hereinafter be described, and details are not described herein.
S104, judged whether that proprietary protocol is needed to communicate according to vendor types;
After obtaining vendor types, judged whether that proprietary protocol is needed to communicate according to vendor types.Specifically, built-in manufacturer
Corresponding relationship between type and communication protocol, after obtaining vendor types, according to above-mentioned corresponding relationship, just can determine that is
It is no to need proprietary protocol communication and specifically used proprietary protocol.
S106, it is communicated if necessary to proprietary protocol, then proprietary protocol is respectively adopted based on target factory default password dictionary
Login test is carried out to IP Camera with puppy parc, to determine IP Camera with the presence or absence of weak passwurd, wherein target factory
Comprising factory default password corresponding to vendor types in quotient's password default dictionary, weak passwurd is preset;
It is communicated if necessary to proprietary protocol, then determines corresponding target factory default password dictionary according to vendor types, and
It is loaded into target factory default password dictionary, and then proprietary protocol and puppy parc is respectively adopted, login survey is carried out to IP Camera
Examination, to determine IP Camera with the presence or absence of weak passwurd.Wherein, right comprising vendor types in target factory default password dictionary
The factory default password answered presets weak passwurd.
Specifically, if carrying out login survey to IP Camera using proprietary protocol based on target factory default password dictionary
Examination, test result are by the password login success in target factory default password dictionary, then the IP Camera is in the private
Have under agreement that there are weak passwurds;Success if not logged in, then weak mouth is not present in the IP Camera under the proprietary protocol
It enables.
In embodiments of the present invention, proprietary protocol refers to the equipment of part manufacturer, since business is needed in communication protocol
On the basis of done the customizations of some privatizations, when carrying out service interaction to test object (i.e. IP Camera) in this case
Communication could must be established using the proprietary protocol of manufacturer.
It should be noted that there is also some by logical for the IP Camera communicated there are proprietary protocol
The business communicated with agreement, so, when carrying out weak passwurd detection to these cameras, in addition to being carried out using proprietary protocol
It is outer to log in test, it is also necessary to login test be carried out using puppy parc, detection is more comprehensively reliable.
S108, if it is determined that obtaining IP Camera, there are weak passwurds, then extract network by way of remote access and take the photograph
As the network information and attribute information of head.
If it is determined that obtaining IP Camera, there are weak passwurds, and network shooting is further extracted by way of remote access
The network information and attribute information of head.Hereinafter the process is described in detail again, details are not described herein.
Existing IP Camera weak passwurd detection method generally realized by way of artificial detection, inefficiency, intelligence
Energy degree is poor, and detection effect is bad.Compared with prior art, in IP Camera weak passwurd detection method of the invention, first lead to
The mode for crossing port scan determines vendor types belonging to IP Camera, and then according to vendor types judges whether to need privately owned
Protocol communication is communicated if necessary to proprietary protocol, then proprietary protocol is respectively adopted based on target factory default password dictionary and leads to
Login test is carried out with Protocol Through Network camera, obtains IP Camera with the presence or absence of weak passwurd, finally, if it is determined that obtain
There are weak passwurds for IP Camera, and the network information and category that obtain IP Camera are further extracted by way of remote access
Property information.The compatible manufacturer's proprietary protocol of this method and puppy parc, detection process are automatically performed by program, improve detection effect
Rate, degree of intelligence is good, can quickly, accurately, reliably detect, alleviate with the presence or absence of the case where weak passwurd to IP Camera
Existing IP Camera weak passwurd detection method inefficiency, degree of intelligence is poor, the bad technical problem of detection effect.
Above content briefly describes IP Camera weak passwurd detection method of the invention, below to other phases
Hold inside the Pass and describes in detail.
In one optionally embodiment, with reference to Fig. 2, this method further includes:
S110, if you do not need to proprietary protocol communicate, then based on target factory default password dictionary use puppy parc pair
IP Camera carries out login test, to determine IP Camera with the presence or absence of weak passwurd;
If you do not need to proprietary protocol communicates, then corresponding target factory default password dictionary is determined according to vendor types,
And it is loaded into target factory default password dictionary, and then login test is carried out to IP Camera using puppy parc, to determine net
Network camera whether there is weak passwurd.Wherein, silent comprising factory corresponding to vendor types in target factory default password dictionary
Recognize password, presets weak passwurd.
Specifically, if being carried out using a certain puppy parc to IP Camera based on target factory default password dictionary
Test is logged in, test result is by the password login success in target factory default password dictionary, then the IP Camera
There are weak passwurds under this kind of puppy parc;Success if not logged in, then the IP Camera is under this kind of puppy parc
There is no weak passwurds.
In embodiments of the present invention, puppy parc includes at least:RTSP agreement, ONVIF agreement, http protocol, HTTPS association
View.
When being detected, these types of puppy parc requires to be tested, and still, is able to carry out when using http protocol
It when test, is no longer tested using HTTPS agreement, only in the case where it cannot be tested using http protocol, then is used
HTTPS agreement is tested.
S112, if it is determined that obtaining IP Camera, there are weak passwurds, then extract network by way of remote access and take the photograph
As the network information and attribute information of head.
Below to vendor types belonging to the IP Camera determined by way of port scan in object to be measured network segment
Process describe in detail.
In one optionally embodiment, with reference to Fig. 3, determined by way of port scan in object to be measured network segment
Vendor types belonging to IP Camera include:
S301, the object to be measured network segment for obtaining user's input;
Before detection, user inputs object to be measured network segment, and program gets the object to be measured network segment of user's input.
S302, port scan is carried out to the IP Camera in target network section to be measured, obtains the fingerprint letter of IP Camera
Breath;
After acquiring object to be measured network segment, port scan is carried out to the IP Camera in target network section to be measured, is obtained
To the finger print information of IP Camera.
Specifically, by port scan, in addition the available open port information for obtaining IP Camera can also obtain
Finger print information, the finger print information include TCP connection fingerprint.
S303, according to the finger print information of IP Camera determine IP Camera belonging to vendor types.
After obtaining the finger print information of IP Camera, further according to TCP connection fingerprint, determine belonging to IP Camera
Vendor types.
Specifically, the mapping relations of built-in TCP connection fingerprint and vendor types, so, in the TCP for obtaining IP Camera
After connecting fingerprint, above-mentioned mapping relations can be based further on and determine vendor types belonging to IP Camera.
Above content describes the process that vendor types belonging to IP Camera are determined by way of port scan, under
It describes in detail in face of the network information of extraction IP Camera and the process of attribute information.
In one optionally embodiment, if it is determined that obtaining IP Camera, there are weak passwurds, then by remotely visiting
The mode asked extracts the network information of IP Camera and attribute information includes:
(1) if it is determined that obtaining IP Camera, there are weak passwurds, then record the network information of IP Camera, wherein
The network information includes at least:IP address information, the information of vendor types, communication protocol information used, access port information;
Specifically, if it is determined that obtaining IP Camera, there are weak passwurds, then recording the network letter of the IP Camera
Breath.
(2) it is based on network information remote access network camera, attribute letter is extracted according to the response message of IP Camera
Breath, wherein attribute information includes at least:Type information, assets id information, device name information, physical location information, firmware version
This information, software version information, WEB service version information, mac address information, ONVIF version information, equipment time-zone information.
Specifically, remote access is realized by API.When access, if detection obtains the network under proprietary protocol
There are weak passwurds for camera, then are remotely accessed by API to the IP Camera using the proprietary protocol, taken the photograph according to network
As the response message extraction attribute information of head, that is, it is based on network information remote access network camera, according to IP Camera
Response message extracts attribute information.
In addition, this method further includes after the network information and attribute information for extracting IP Camera:
The network information and attribute information are saved as into json format, and are stored in MongoDB database.
In addition, judge whether that there are also other object to be measured network segments after the completion of the detection of some object to be measured network segment, if
Have, then carries out being detected;If it is not, detection terminates.
The present invention has the following advantages that:
(1) present invention can be under complex network environment or in video private network, and there are multi-vendor nets in consolidated network environment
In the case where network camera, online IP Camera weak passwurd situation is detected.The present invention is compatible with manufacturer's proprietary protocol
And the agreements such as general RTSP, ONVIF, HTTP, default factory quickly, precisely, reliably can whether there is to IP Camera
The case where password or weak passwurd, is detected, and consumes and minimizes caused by the hardware resource of IP Camera itself, Bu Huiying
It rings and arrives the currently running service conditions of IP Camera;
(2) weak passwurd is carried out specially to inspection, to there are the equipment of weak passwurd to carry out quickly to video private network through the invention
It was found that the threat of IP Camera infection corpse virus is effectively reduced.
Embodiment two:
A kind of IP Camera weak passwurd detection system, with reference to Fig. 4, which includes:
Determining module 11, for being determined by way of port scan belonging to the IP Camera in object to be measured network segment
Vendor types;
Judgment module 12 needs proprietary protocol to communicate for being judged whether according to vendor types;
First logs in test module 13, communicates if necessary to proprietary protocol, then based on target factory default password dictionary point
Not Cai Yong proprietary protocol and puppy parc login test is carried out to IP Camera, to determine IP Camera with the presence or absence of weak mouth
It enables, wherein comprising factory default password corresponding to vendor types in target factory default password dictionary, preset weak passwurd;
First extraction module 14, if it is determined that obtaining IP Camera, there are weak passwurds, then by way of remote access
Extract the network information and attribute information of IP Camera.
In IP Camera weak passwurd detection system of the invention, the mode for first passing through port scan determines IP Camera
Affiliated vendor types, and then judged whether that proprietary protocol is needed to communicate according to vendor types, it is communicated if necessary to proprietary protocol,
Proprietary protocol and puppy parc are then respectively adopted based on target factory default password dictionary, login test are carried out to IP Camera,
Obtain IP Camera with the presence or absence of weak passwurd, finally, if it is determined that obtaining IP Camera, there are weak passwurds, further pass through
The mode of remote access is extracted to obtain the network information of IP Camera and attribute information.The system compatible manufacturer proprietary protocol and
Puppy parc, detection process are automatically performed by program, improve detection efficiency, and degree of intelligence is good, can quickly, accurately, reliably
The case where whether there is weak passwurd to IP Camera detects, and alleviates existing IP Camera weak passwurd detection method
Inefficiency, degree of intelligence is poor, the bad technical problem of detection effect.
Optionally, which further includes:
Second logs in test module, if you do not need to proprietary protocol communicates, is then adopted based on target factory default password dictionary
Login test is carried out to IP Camera with puppy parc, to determine IP Camera with the presence or absence of weak passwurd;
Second extraction module, if it is determined that obtaining IP Camera, there are weak passwurds, then are mentioned by way of remote access
Take the network information and attribute information of IP Camera.
Optionally it is determined that module includes:
Acquiring unit, for obtaining the object to be measured network segment of user's input;
Port scan unit obtains network and takes the photograph for carrying out port scan to the IP Camera in target network section to be measured
As the finger print information of head;
Determination unit determines vendor types belonging to IP Camera for the finger print information according to IP Camera.
Optionally, the first extraction module includes:
Recording unit, if it is determined that obtaining IP Camera, there are weak passwurds, then record the network information of IP Camera,
Wherein, the network information includes at least:IP address information, the information of vendor types, communication protocol information used, access end message
Breath;
Extraction unit is based on network information remote access network camera, is extracted according to the response message of IP Camera
Attribute information, wherein attribute information includes at least:Type information, assets id information, device name information, physical location information,
Firmware version information, software version information, WEB service version information, mac address information, ONVIF version information, equipment time zone
Information.
Optionally, puppy parc includes at least:RTSP agreement, ONVIF agreement, http protocol, HTTPS agreement.
Optionally, after the network information and attribute information for extracting IP Camera, this method further includes:
The network information and attribute information are saved as into json format, and are stored in MongoDB database.
Particular content in the embodiment two can be with reference to the description in above-described embodiment one, and details are not described herein.
The computer program product of IP Camera weak passwurd detection method and system provided by the embodiment of the present invention, packet
The computer readable storage medium for storing program code is included, the instruction that said program code includes can be used for executing previous methods
Method as described in the examples, specific implementation can be found in embodiment of the method, and details are not described herein.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description
It with the specific work process of device, can refer to corresponding processes in the foregoing method embodiment, details are not described herein.
In addition, in the description of the embodiment of the present invention unless specifically defined or limited otherwise, term " installation ", " phase
Even ", " connection " shall be understood in a broad sense, for example, it may be being fixedly connected, may be a detachable connection, or be integrally connected;It can
To be mechanical connection, it is also possible to be electrically connected;It can be directly connected, can also can be indirectly connected through an intermediary
Connection inside two elements.For the ordinary skill in the art, above-mentioned term can be understood at this with concrete condition
Concrete meaning in invention.
It, can be with if the function is realized in the form of SFU software functional unit and when sold or used as an independent product
It is stored in a computer readable storage medium.Based on this understanding, technical solution of the present invention is substantially in other words
The part of the part that contributes to existing technology or the technical solution can be embodied in the form of software products, the meter
Calculation machine software product is stored in a storage medium, including some instructions are used so that a computer equipment (can be a
People's computer, server or network equipment etc.) it performs all or part of the steps of the method described in the various embodiments of the present invention.
And storage medium above-mentioned includes:USB flash disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), arbitrary access are deposited
The various media that can store program code such as reservoir (RAM, Random Access Memory), magnetic or disk.
In the description of the present invention, it should be noted that term " center ", "upper", "lower", "left", "right", "vertical",
The orientation or positional relationship of the instructions such as "horizontal", "inner", "outside" be based on the orientation or positional relationship shown in the drawings, merely to
Convenient for description the present invention and simplify description, rather than the device or element of indication or suggestion meaning must have a particular orientation,
It is constructed and operated in a specific orientation, therefore is not considered as limiting the invention.In addition, term " first ", " second ",
" third " is used for descriptive purposes only and cannot be understood as indicating or suggesting relative importance.
Finally it should be noted that:Embodiment described above, only a specific embodiment of the invention, to illustrate the present invention
Technical solution, rather than its limitations, scope of protection of the present invention is not limited thereto, although with reference to the foregoing embodiments to this hair
It is bright to be described in detail, those skilled in the art should understand that:Anyone skilled in the art
In the technical scope disclosed by the present invention, it can still modify to technical solution documented by previous embodiment or can be light
It is readily conceivable that variation or equivalent replacement of some of the technical features;And these modifications, variation or replacement, do not make
The essence of corresponding technical solution is detached from the spirit and scope of technical solution of the embodiment of the present invention, should all cover in protection of the invention
Within the scope of.Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (10)
1. a kind of IP Camera weak passwurd detection method, which is characterized in that the method includes:
Vendor types belonging to the IP Camera in object to be measured network segment are determined by way of port scan;
According to the vendor types judge whether that proprietary protocol is needed to communicate;
It is communicated if necessary to proprietary protocol, then the proprietary protocol and general is respectively adopted based on target factory default password dictionary
Agreement carries out login test to the IP Camera, whether there is weak passwurd with the determination IP Camera, wherein described
Comprising factory default password corresponding to the vendor types in target factory default password dictionary, weak passwurd is preset;
If it is determined that obtaining the IP Camera, there are weak passwurds, then the network shooting is extracted by way of remote access
The network information and attribute information of head.
2. the method according to claim 1, wherein the method also includes:
If you do not need to proprietary protocol communicates, then use the puppy parc to institute based on the target factory default password dictionary
It states IP Camera and carries out login test, weak passwurd whether there is with the determination IP Camera;
If it is determined that obtaining the IP Camera, there are weak passwurds, then the network shooting is extracted by way of remote access
The network information and attribute information of head.
3. the method according to claim 1, wherein being determined by way of port scan in object to be measured network segment
IP Camera belonging to vendor types include:
Obtain the object to be measured network segment of user's input;
Port scan is carried out to the IP Camera in the object to be measured network segment, obtains the fingerprint of the IP Camera
Information;
According to the finger print information of the IP Camera determine the IP Camera belonging to vendor types.
4. method according to claim 1 or 2, which is characterized in that if it is determined that obtaining the IP Camera, there are weak
Password, the then network information and attribute information that the IP Camera is extracted by way of remote access include:
If it is determined that obtaining the IP Camera, there are weak passwurds, then record the network information of the IP Camera, wherein
The network information includes at least:IP address information, the information of the vendor types, communication protocol information used, access port
Information;
The IP Camera is remotely accessed based on the network information, institute is extracted according to the response message of the IP Camera
State attribute information, wherein the attribute information includes at least:Type information, assets id information, device name information, physical bit
Confidence breath, firmware version information, software version information, WEB service version information, mac address information, ONVIF version information, if
Standby time-zone information.
5. method according to claim 1 or 2, which is characterized in that the puppy parc includes at least:RTSP agreement,
ONVIF agreement, http protocol, HTTPS agreement.
6. method according to claim 1 or 2, which is characterized in that in the network information for extracting the IP Camera and
After attribute information, the method also includes:
The network information and the attribute information are saved as into json format, and are stored in MongoDB database.
7. a kind of IP Camera weak passwurd detection system, which is characterized in that the system comprises:
Determining module, for determining manufacturer's class belonging to the IP Camera in object to be measured network segment by way of port scan
Type;
Judgment module, for according to the vendor types judging whether that proprietary protocol is needed to communicate;
First logs in test module, communicates if necessary to proprietary protocol, then is respectively adopted based on target factory default password dictionary
Whether the proprietary protocol and puppy parc carry out login test to the IP Camera, deposited with the determination IP Camera
In weak passwurd, wherein it include factory default password corresponding to the vendor types in the target factory default password dictionary,
Default weak passwurd;
First extraction module, if it is determined that obtaining the IP Camera, there are weak passwurds, then are mentioned by way of remote access
Take the network information and attribute information of the IP Camera.
8. system according to claim 7, which is characterized in that the system also includes:
Second logs in test module, if you do not need to proprietary protocol communicates, is then adopted based on the target factory default password dictionary
Login test is carried out to the IP Camera with the puppy parc, weak mouth whether there is with the determination IP Camera
It enables;
Second extraction module, if it is determined that obtaining the IP Camera, there are weak passwurds, then are mentioned by way of remote access
Take the network information and attribute information of the IP Camera.
9. system according to claim 7, which is characterized in that the determining module includes:
Acquiring unit, for obtaining the object to be measured network segment of user's input;
Port scan unit obtains institute for carrying out port scan to the IP Camera in the object to be measured network segment
State the finger print information of IP Camera;
Determination unit, for according to the finger print information of the IP Camera determine the IP Camera belonging to manufacturer's class
Type.
10. system according to claim 7, which is characterized in that first extraction module includes:
Recording unit, if it is determined that obtaining the IP Camera, there are weak passwurds, then record the network of the IP Camera
Information, wherein the network information includes at least:IP address information, the information of the vendor types, communication protocol letter used
Breath, access port information;
Extraction unit remotely accesses the IP Camera based on the network information, according to the response of the IP Camera
Attribute information described in information extraction, wherein the attribute information includes at least:Type information, assets id information, device name letter
Breath, physical location information, firmware version information, software version information, WEB service version information, mac address information, ONVIF editions
This information, equipment time-zone information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810867467.4A CN108833447B (en) | 2018-08-01 | 2018-08-01 | Network camera weak password detection method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810867467.4A CN108833447B (en) | 2018-08-01 | 2018-08-01 | Network camera weak password detection method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108833447A true CN108833447A (en) | 2018-11-16 |
| CN108833447B CN108833447B (en) | 2021-04-23 |
Family
ID=64153409
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810867467.4A Active CN108833447B (en) | 2018-08-01 | 2018-08-01 | Network camera weak password detection method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108833447B (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110505236A (en) * | 2019-09-02 | 2019-11-26 | 杭州安恒信息技术股份有限公司 | The recognition methods and system of digital signage device |
| CN110753027A (en) * | 2019-06-05 | 2020-02-04 | 青岛海信网络科技股份有限公司 | Method and device for verifying weak password of equipment of UPnP protocol |
| CN111641584A (en) * | 2020-04-13 | 2020-09-08 | 国网浙江省电力有限公司杭州供电公司 | Camera weak password monitoring method and device |
| CN112804199A (en) * | 2020-12-30 | 2021-05-14 | 傅昱皓 | Method for discovering weak password of camera based on flow |
| GB2590467A (en) * | 2019-12-19 | 2021-06-30 | Nokia Technologies Oy | Automatic change of password |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100169957A1 (en) * | 2008-12-30 | 2010-07-01 | International Business Machines Corporation | Weak password support in a multi-user environment |
| CN103701629A (en) * | 2013-11-27 | 2014-04-02 | 北京神州泰岳软件股份有限公司 | Weak password analysis method and system |
| CN104580197A (en) * | 2014-12-31 | 2015-04-29 | 北京奇虎科技有限公司 | Code detection method and code detection system |
| CN105184146A (en) * | 2015-06-05 | 2015-12-23 | 北京北信源软件股份有限公司 | Method and system for checking weak password of operating system |
| CN105406976A (en) * | 2014-08-29 | 2016-03-16 | 中国电信股份有限公司 | Weak password checking method and system |
| US9405890B1 (en) * | 2015-11-19 | 2016-08-02 | International Business Machines Corporation | Easy login on wearable device and wearable device applications |
| CN106911665A (en) * | 2016-12-27 | 2017-06-30 | 深圳市安之天信息技术有限公司 | A kind of method and system for recognizing malicious code weak passwurd intrusion behavior |
| CN106934274A (en) * | 2015-12-31 | 2017-07-07 | 中国移动通信集团黑龙江有限公司 | A kind of weak passwurd detection method, apparatus and system |
-
2018
- 2018-08-01 CN CN201810867467.4A patent/CN108833447B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100169957A1 (en) * | 2008-12-30 | 2010-07-01 | International Business Machines Corporation | Weak password support in a multi-user environment |
| CN103701629A (en) * | 2013-11-27 | 2014-04-02 | 北京神州泰岳软件股份有限公司 | Weak password analysis method and system |
| CN105406976A (en) * | 2014-08-29 | 2016-03-16 | 中国电信股份有限公司 | Weak password checking method and system |
| CN104580197A (en) * | 2014-12-31 | 2015-04-29 | 北京奇虎科技有限公司 | Code detection method and code detection system |
| CN105184146A (en) * | 2015-06-05 | 2015-12-23 | 北京北信源软件股份有限公司 | Method and system for checking weak password of operating system |
| US9405890B1 (en) * | 2015-11-19 | 2016-08-02 | International Business Machines Corporation | Easy login on wearable device and wearable device applications |
| CN106934274A (en) * | 2015-12-31 | 2017-07-07 | 中国移动通信集团黑龙江有限公司 | A kind of weak passwurd detection method, apparatus and system |
| CN106911665A (en) * | 2016-12-27 | 2017-06-30 | 深圳市安之天信息技术有限公司 | A kind of method and system for recognizing malicious code weak passwurd intrusion behavior |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110753027A (en) * | 2019-06-05 | 2020-02-04 | 青岛海信网络科技股份有限公司 | Method and device for verifying weak password of equipment of UPnP protocol |
| CN110505236A (en) * | 2019-09-02 | 2019-11-26 | 杭州安恒信息技术股份有限公司 | The recognition methods and system of digital signage device |
| GB2590467A (en) * | 2019-12-19 | 2021-06-30 | Nokia Technologies Oy | Automatic change of password |
| CN111641584A (en) * | 2020-04-13 | 2020-09-08 | 国网浙江省电力有限公司杭州供电公司 | Camera weak password monitoring method and device |
| CN112804199A (en) * | 2020-12-30 | 2021-05-14 | 傅昱皓 | Method for discovering weak password of camera based on flow |
| CN112804199B (en) * | 2020-12-30 | 2023-10-10 | 傅昱皓 | Method for discovering weak password of camera based on flow |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108833447B (en) | 2021-04-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108833447A (en) | A kind of IP Camera weak passwurd detection method and system | |
| US20180075240A1 (en) | Method and device for detecting a suspicious process by analyzing data flow characteristics of a computing device | |
| CN105306445B (en) | The system and method for loophole for detection service device | |
| CN105450614B (en) | A kind of server account logon method, device and system | |
| CN102710770A (en) | Identification method for network access equipment and implementation system for identification method | |
| US9137245B2 (en) | Login method, apparatus, and system | |
| US10210068B2 (en) | Device topology definition system | |
| CN107483510A (en) | A kind of method and device of raising Web application layer attack Detection accuracies | |
| CN110222510A (en) | A kind of leak detection method, device and computer system | |
| CN109450690A (en) | It falls in quick lock in networking the method and apparatus of host | |
| CN107948287B (en) | Medical services authenticity verification methods based on Internet of Things | |
| CN104778587A (en) | Safety payment method and device | |
| CN105429996B (en) | A method of intelligence discovery and positioning address conversion equipment | |
| CN110213284A (en) | Detection method, system and the relevant apparatus of SSH server weak passwurd loophole | |
| CN107580132B (en) | Information sending method, information sending device, storage medium and electronic equipment | |
| CN108923974A (en) | A kind of Internet of Things assets fingerprint identification method and system | |
| CN108028843A (en) | Passive type web application firewalls | |
| CN108521425A (en) | A kind of industry control protocol filtering method and board | |
| CN104333538A (en) | Network device access method | |
| WO2017059778A1 (en) | Method, device and system for detecting shell website | |
| CN110837646A (en) | Risk investigation device of unstructured database | |
| CN113765912A (en) | Distributed firewall device and detection method thereof | |
| CN108282551A (en) | Message identifying processing method, apparatus, audiomonitor and readable storage medium storing program for executing | |
| CN108566380B (en) | Proxy internet surfing behavior identification and detection method | |
| US20220327221A1 (en) | Techniques for detecting exploitation of medical device vulnerabilities |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Address after: No. 188, Lianhui street, Xixing street, Binjiang District, Hangzhou, Zhejiang Province, 310000 Applicant after: Hangzhou Anheng Information Technology Co.,Ltd. Address before: 310000 15-storey Zhejiang Zhongcai Building, No. 68 Tonghe Road, Binjiang District, Hangzhou City, Zhejiang Province Applicant before: Hangzhou Anheng Information Technology Co.,Ltd. |
|
| CB02 | Change of applicant information | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |