CN110730442A - Camera equipment discovering and countering system and method based on wifi monitoring and controlling equipment - Google Patents
Camera equipment discovering and countering system and method based on wifi monitoring and controlling equipment Download PDFInfo
- Publication number
- CN110730442A CN110730442A CN201911018102.5A CN201911018102A CN110730442A CN 110730442 A CN110730442 A CN 110730442A CN 201911018102 A CN201911018102 A CN 201911018102A CN 110730442 A CN110730442 A CN 110730442A
- Authority
- CN
- China
- Prior art keywords
- module
- wifi
- camera
- target
- wireless
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/005—Discovery of network devices, e.g. terminals
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/30—Security of mobile devices; Security of mobile applications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/63—Location-dependent; Proximity-dependent
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Databases & Information Systems (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a camera equipment discovering and countering system and method based on wifi monitoring equipment, relating to the field of wifi monitoring equipment and comprising the following steps: the main control module is used for controlling the internal module of the equipment and sending and receiving commands; the signal scanning module is used for scanning a signal for finding a target WIFI route, scanning an MAC address of network equipment under the WIFI route, confirming a source MAC address and a target MAC address, and then classifying terminal equipment under the WIFI route; and the wireless frequency band suppression module is used for completing the suppression attack of aiming signals of the target WIFI route or the target terminal equipment, so that the target terminal equipment and the WIFI route can not be normally connected. According to the invention, the normal connection of WIFI signals is blocked by adopting an infiltration network access technology or a reverse control technology, the acquisition of relevant information of a mobile terminal can be realized, the signal interference and suppression of a specified WiFi SSID route, the interception of a user network flow data packet, the analysis of network data, the control of a specified camera, the functions of reverse control, video data tampering and the like are realized.
Description
Technical Field
The invention relates to the field of wifi monitoring equipment, in particular to a camera equipment discovering and countering system and method based on wifi monitoring equipment.
Background
With the increasing demand of network technology and mobile phone users on wireless communication, more and more wireless communication protocols appear, the situation that global WiFi equipment is rapidly increased is directly driven, WiFi is used as a technology for short-distance wireless transmission in the internet era, the WiFi is paid attention to all circles with unique advantages, China has become the market with the largest demand of WiFi according to the data display of a WiFi alliance, the permeability of WiFi in China reaches 21.8%, 2016, 1.1 hundred million WiFi families are newly added in China and account for 31% of the total amount of WiFi families in the world, the coverage range of WiFi is applied under the condition that the WiFi alliance is expanded to regional environments such as high-grade hotels, luxury residential areas, airports and coffee shops, and the statistical result in 2008 shows that the public places with wireless network signals of each city are ranked in turn: hotels, resorts, restaurants, cafes, shopping centers, and bars.
With the increasing popularization of monitoring systems in commercial and civil use, wireless monitoring cameras are widely applied to various fields and are used for social security and driving protection, but due to the weak security awareness of netizens, the intelligent equipment has the potential safety risk of being attacked by hackers because the intelligent equipment is logged in by using weak passwords such as initial passwords and the like.
Disclosure of Invention
The invention aims to: in order to solve the problem that due to weak security consciousness of netizens, the intelligent equipment has potential safety risk hazards of being attacked by hackers because of login by using weak passwords such as initial passwords and the like, the camera equipment discovering and countering system and method based on the wifi monitoring and controlling equipment are provided.
In order to achieve the purpose, the invention provides the following technical scheme: a wifi surveillance device, comprising:
the main control module is used for controlling the internal module of the equipment and sending and receiving commands;
the signal scanning module is used for scanning a signal for finding a target WIFI route, scanning an MAC address of network equipment under the WIFI route, confirming a source MAC address and a target MAC address, and then classifying terminal equipment under the WIFI route;
the wireless frequency band suppression module is used for completing suppression attack on the target WIFI route or the aiming signal of the target terminal equipment, so that the target terminal equipment and the WIFI route cannot be normally connected;
the standard WIFI routing module performs dial-up networking by utilizing the WCDMA, TD-SCDMA and other networks provided by the operator 2G/3G/4G/5G module, so that wireless signals can be provided for terminal equipment by utilizing the 2.4G/5.8G wireless module, and the terminal equipment can realize data transmission, Internet surfing and the like;
the data storage module is used for system operation and program and data storage and comprises a flash memory and an ram memory, wherein the ram memory is used as a system operation place, and the flash memory is used for program and data storage;
the GPS module is used for carrying out high-frequency and high-precision positioning under the condition of wireless network signals, providing a coordinate system, namely longitude and latitude of a geographic position, and sending positioning information to the main control processor module;
the Ethernet module is used for providing an uplink data channel and a local management network port;
the 2G/3G/4G/5G module is used for providing an uplink data channel;
the 2.4G/5.8G wireless module is used for wirelessly covering data or wirelessly capturing packets, acquiring a link establishment handshake packet in a signal coverage range and storing the link establishment handshake packet in the data storage module;
and the power supply module is used for supplying voltage to all the modules.
Preferably, the main control module is respectively connected with the signal scanning module, the wireless frequency band suppression module, the standard wifi routing module and the data storage module, the GPS module, the Ethernet module, the 2G/3G/4G/5G module and the 2.4G/5.8G wireless module, and the power supply module is respectively connected with the main control module, the signal scanning module, the wireless frequency band suppression module, the standard wifi routing module, the data storage module, the GPS module, the Ethernet module, the 2G/3G/4G/5G module and the 2.4G/5.8G wireless module.
Preferably, the signal scanning module is composed of a directional antenna and an omnidirectional antenna, the omnidirectional antenna shows uniform radiation at 360 degrees on a horizontal directional diagram, has no directivity, shows a beam with a certain width on a vertical directional diagram, generally, the smaller the lobe width is, the larger the gain is, the larger the coverage range is, the directional antenna is especially strong for transmitting and receiving electromagnetic waves in a certain specific direction or specific directions, and the zero or minimum for transmitting and receiving electromagnetic waves in other directions, so that the effective utilization rate of radiation power can be increased, the confidentiality is increased, the signal intensity is enhanced, and the anti-interference capability is increased.
Preferably, the camera device discovery and reaction system includes:
the camera management module is used for managing parameters such as an IP address, a port number, an account number and a password of the camera;
the scanning classification module is used for scanning all equipment IP addresses and MAC addresses in a local area network, classifying and displaying all scanned terminal equipment and discovering the camera equipment;
the encryption mechanism cracking module is used for quickly analyzing and cracking the encryption and decryption mechanisms and can be realized by a cluster mixed heterogeneous processing architecture, a distributed processing architecture, a single-machine local processing architecture and the like;
the password library management module is used for increasing, decreasing or modifying the password library;
the camera attack module is used for attacking the camera with the specified IP, MAC address and port number to disconnect the camera from the wireless router;
the video replacement module is used for modifying all parameters of the pseudo camera to be completely the same as parameters of the target camera, and performing camera counterfeiting to enable the target NVR display terminal equipment to display a picture shot by the pseudo camera;
and the video recovery module is used for restoring and configuring all parameters of the pseudo camera and the original target camera, so that the target NVR display terminal equipment displays the picture shot by the original target camera.
Preferably, the camera management module is respectively connected with the IP address scanning module, the encryption mechanism cracking module, the camera attack module, and the video replacement module, the encryption mechanism cracking module is connected with the password library management module, and the video replacement module is connected with the video recovery module.
Preferably, the camera device discovery and method based on the wifi surveillance device includes the following steps:
the method comprises the following steps: using a device discovery and control system based on wifi signals to scan the MAC address of the network device and perform GPS positioning;
step two: acquiring a wifi password;
step three: the camera finds and countermeasures;
step four: pressing the WiFi equipment;
step five: target network hijacking;
step six: and (6) auditing the intranet.
Preferably, the SSID and the MAC address of the WiFi route in the coverage area of the scanning signal, and the MAC address and the signal strength of the terminal device are scanned, the terminal device is classified, the terminal brand is determined, all wireless signals are positioned at high frequency and high precision, and a link establishment relationship between the route and the terminal device is analyzed through a relationship between a source MAC address and a target MAC address to lock a related target route.
Preferably, the WIFI passwords are obtained by the following methods:
known key (one): directly entering the next step when the service set identification and the WIFI password are known; the WIFI router can also be directly connected with the WIFI router, and the types of all wireless and wired devices with the link relation of the WIFI router can be obtained;
(II) master key tool: the device discovery and countercheck system based on the WIFI signal is preset with a WIFI key cracking tool (a master key), a cracked key is connected into the wireless access point, and the types of all wireless and wired devices which are in connection with the wireless access point can be obtained;
(III) cracking the key: the method is divided into two steps, wherein the first step is to grab the handshake package, the second step is to crack the secret key, and the grabbing of the handshake package has two modes, namely, a first mode: when the new terminal equipment is connected with the WIFI route, the WIFI route and the key equipment are authenticated, and at the moment, the handshake packet is captured; the second method comprises the following steps: attacking the terminal equipment by using an attack mode to drop the terminal equipment, authenticating the WIFI route and the terminal when the equipment reconnects the WIFI route, and capturing a handshake packet at the moment; there are two ways to obtain the key, one way is: local cracking, namely, after converting the format of the handshake packet file, cracking the handshake packet file in a password dictionary mode, wherein the dictionary source is a password acquired by universal actual combat collection and an intelligent password formed by an encryption habit; the second method comprises the following steps: remote cracking needs to lead out a handshake package from a background storage path in a USB mode, convert the format of a handshake package file and then transmit the handshake package file to a remote cracking platform, and crack the handshake package file in a mode of combining a password dictionary mode and a brute force cracking mode, wherein the brute force cracking mode refers to that full-space password inquiry is carried out within a certain bit width range under a certain character set rule.
Preferably, the camera finds and reacts:
①, accessing the camera discovery and control system into a WIFI route based on the WIFI password cracked by the WIFI monitoring device, scanning all device IP addresses and MAC addresses in the local area network by the camera discovery and control system, performing classified display on all scanned terminal devices, and discovering the camera devices;
② the encryption mechanism cracking module calls the password library file to rapidly analyze and crack the encryption and decryption mechanism through the scanned IP address of the camera, and guesses the account and password of the corresponding IP address of the camera;
③ attacking the camera with assigned IP, MAC address and port number to disconnect the camera from the wireless router and prevent normal transmission of video data;
④ video replacement includes three realization modes, mainly divided into intrusion mode, direct operation mode, indirect operation mode, mode one, the intrusion mode is mainly to utilize camera standard protocol leak, utilize account number, password of the camera IP address obtained to enter into the monitoring network, achieve the purpose of modifying the monitoring video picture by transmitting the virtual data stream to the monitoring video acquisition end;
⑤ restoring all parameter configurations of the pseudo camera and the original target camera, and enabling the target NVR display terminal equipment to resume displaying pictures shot by the original target camera.
Preferably, the WiFi device suppresses: the terminal equipment under the target WiFi equipment is disconnected with the AP by pressing the appointed IP and MAC addresses, and the frequency point and the terminal equipment under the network segment cannot be normally connected and communicated by pressing the appointed frequency point and the whole network segment; target network hijacking: the device discovery and countercheck system based on the WiFi signal attacks the specified IP and MAC address to disconnect the target network from the terminal device, and changes the wireless name and the wireless password of the device discovery and countercheck system based on the WiFi signal into the wireless name and the wireless password which are completely the same as the target WiFi route to forge the WiFi device, so that the terminal device under the target network is adsorbed on the forged WiFi device; auditing the inner network: after the device discovery and counter-control system based on the WiFi signal forges the AP to enter the target network, the terminal device under the target network is adsorbed to the forged WiFi device, and network information generated by the terminal device under the target network is audited, so that all specific information (device types and the like) of all terminal devices and the internet access behavior of the user are acquired.
Compared with the prior art, the invention has the beneficial effects that: the invention provides a camera equipment discovering and countering system and method based on WIFI monitoring equipment, which can block the normal connection of a WIFI signal by WIFI signal discovery and adopting an infiltration network access technology or a countering technology, can realize the acquisition of relevant information (including a mobile phone number, an MAC address, position information and the like) of a mobile terminal, interfere and suppress signals of a specified WiFi SSID route, intercept a user network flow data packet, analyze network data, control a specified camera, and realize countering, tampering video data and other functions.
Drawings
FIG. 1 is a flow chart of a wifi monitoring device system of the present invention;
fig. 2 is a flow chart of the camera device discovery and reaction system of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1-2, a wifi detecting and controlling device includes:
the main control module is used for controlling the internal module of the equipment and sending and receiving commands;
the signal scanning module is used for scanning a signal for finding a target WIFI route, scanning an MAC address of network equipment under the WIFI route, confirming a source MAC address and a target MAC address, and then classifying terminal equipment under the WIFI route;
the wireless frequency band suppression module is used for completing suppression attack on the target WIFI route or the aiming signal of the target terminal equipment, so that the target terminal equipment and the WIFI route cannot be normally connected;
the standard WIFI routing module performs dial-up networking by utilizing the WCDMA, TD-SCDMA and other networks provided by the operator 2G/3G/4G/5G module, so that wireless signals can be provided for terminal equipment by utilizing the 2.4G/5.8G wireless module, and the terminal equipment can realize data transmission, Internet surfing and the like;
the data storage module is used for system operation and program and data storage and comprises a flash memory and an ram memory, wherein the ram memory is used as a system operation place, and the flash memory is used for program and data storage;
the GPS module is used for carrying out high-frequency and high-precision positioning under the condition of wireless network signals, providing a coordinate system, namely longitude and latitude of a geographic position, and sending positioning information to the main control processor module;
the Ethernet module is used for providing an uplink data channel and a local management network port;
the 2G/3G/4G/5G module is used for providing an uplink data channel;
the 2.4G/5.8G wireless module is used for wirelessly covering data or wirelessly capturing packets, acquiring a link establishment handshake packet in a signal coverage range and storing the link establishment handshake packet in the data storage module;
and the power supply module is used for supplying voltage to all the modules.
According to the invention, normal connection of WIFI signals is blocked by WIFI signal discovery and adopting an infiltration network access technology or a reverse system technology, so that acquisition of relevant information (including mobile phone numbers, MAC addresses, position information and the like) of a mobile terminal can be realized, signal interference and suppression of a specified WiFiSSID route, user network traffic data packets are intercepted, network data analysis is carried out, a specified camera is controlled, and functions of reverse system, video data tampering and the like are realized.
Please refer to fig. 1, the main control module is respectively connected to the signal scanning module, the wireless frequency band suppression module, the standard wifi routing module, the data storage module, the GPS module, the ethernet module, the 2G/3G/4G/5G module, and the 2.4G/5.8G wireless module, and the power module is respectively connected to the main control module, the signal scanning module, the wireless frequency band suppression module, the standard wifi routing module, the data storage module, the GPS module, the ethernet module, the 2G/3G/4G/5G module, and the 2.4G/5.8G wireless module, where the connection includes electrical connection and wireless connection.
Referring to fig. 1, the signal scanning module is composed of a directional antenna and an omnidirectional antenna, the omnidirectional antenna shows a 360 ° uniform radiation on a horizontal directional pattern, no directivity, the vertical directional diagram shows a beam with a certain width, generally, the smaller the lobe width, the larger the gain, the larger the coverage area, the directional antenna is especially strong in transmitting and receiving electromagnetic waves in a certain or a plurality of specific directions, the electromagnetic wave transmitted and received in other directions is zero or very small, the use of directional antenna can increase the effective utilization rate of radiation power, increase security, enhance signal strength and anti-interference capability, the directional antenna can inhibit backward signal, this feature is useful when the cell can potentially interfere with cells behind it, it is also worth mentioning that directional antennas can improve indoor coverage in certain buildings within the coverage area of the microcells.
Referring to fig. 2, the camera device discovery and countermeasure system includes:
the camera management module is used for managing parameters such as an IP address, a port number, an account number and a password of the camera;
the scanning classification module is used for scanning all equipment IP addresses and MAC addresses in a local area network, classifying and displaying all scanned terminal equipment and discovering the camera equipment;
the encryption mechanism cracking module is used for quickly analyzing and cracking the encryption and decryption mechanisms and can be realized by a cluster mixed heterogeneous processing architecture, a distributed processing architecture, a single-machine local processing architecture and the like;
the password library management module is used for increasing, decreasing or modifying the password library;
the camera attack module is used for attacking the camera with the specified IP, MAC address and port number to disconnect the camera from the wireless router;
the video replacement module is used for modifying all parameters of the pseudo camera to be completely the same as parameters of the target camera, and performing camera counterfeiting to enable the target NVR display terminal equipment to display a picture shot by the pseudo camera;
and the video recovery module is used for restoring and configuring all parameters of the pseudo camera and the original target camera, so that the target NVR display terminal equipment displays the picture shot by the original target camera.
The method can realize the acquisition of relevant information (including mobile phone numbers, MAC addresses, position information and the like) of the mobile terminal, the interference and suppression of signals of a specified WiFi SSID route, the interception of a user network flow data packet, the analysis of network data, the control of a specified camera, the realization of the functions of resisting and tampering video data and the like.
Please refer to fig. 2, the camera management module is connected to the IP address scanning module, the encryption mechanism cracking module, the camera attack module, and the video replacement module, the encryption mechanism cracking module is connected to the password library management module, and the video replacement module is connected to the video recovery module, where the connection may be an electrical connection or a wireless connection.
Please refer to fig. 1 and fig. 2, the method for discovering the camera device based on the wifi monitoring device includes the following steps:
the method comprises the following steps: using a device discovery and control system based on wifi signals to scan the MAC address of the network device and perform GPS positioning;
step two: acquiring a wifi password;
step three: the camera finds and countermeasures;
step four: pressing the WiFi equipment;
step five: target network hijacking;
step six: and (6) auditing the intranet.
The anti-system of the camera comprises a camera management module, a scanning classification module, an encryption mechanism cracking module, a password library management module, a camera attack module, a video replacement module and a video recovery module, and the anti-system and the anti-tampering video data functions are realized.
Please refer to fig. 1 and fig. 2, scan SSID and MAC address of WiFi route in signal coverage, and MAC address and signal strength of terminal device, classify the terminal device, determine terminal brand, and perform high-frequency and high-precision positioning on all wireless signals, analyze link establishment relationship between the route and the terminal device through the relationship between source MAC address and target MAC address, lock related target route, interfere and suppress signal of specified WiFi SSID route, intercept user network traffic data packet, analyze network data, control specified camera, and implement functions such as anti-jamming and tampering video data.
Please refer to fig. 1 and fig. 2, the WIFI passwords may be obtained by the following methods:
known key (one): directly entering the next step when the service set identification and the WIFI password are known; the WIFI router can also be directly connected with the WIFI router, and the types of all wireless and wired devices with the link relation of the WIFI router can be obtained;
(II) master key tool: the device discovery and countercheck system based on the WIFI signal is preset with a WIFI key cracking tool (a master key), a cracked key is connected into the wireless access point, and the types of all wireless and wired devices which are in connection with the wireless access point can be obtained;
(III) cracking the key: the method is divided into two steps, wherein the first step is to grab the handshake package, the second step is to crack the secret key, and the grabbing of the handshake package has two modes, namely, a first mode: when the new terminal equipment is connected with the WIFI route, the WIFI route and the key equipment are authenticated, and at the moment, the handshake packet is captured; the second method comprises the following steps: attacking the terminal equipment by using an attack mode to drop the terminal equipment, authenticating the WIFI route and the terminal when the equipment reconnects the WIFI route, and capturing a handshake packet at the moment; there are two ways to obtain the key, one way is: local cracking, namely, after converting the format of the handshake packet file, cracking the handshake packet file in a password dictionary mode, wherein the dictionary source is a password acquired by universal actual combat collection and an intelligent password formed by an encryption habit; the second method comprises the following steps: remote cracking needs to lead out a handshake package from a background storage path in a USB mode, convert the format of a handshake package file and then transmit the handshake package file to a remote cracking platform, and crack the handshake package file in a mode of combining a password dictionary mode and a brute force cracking mode, wherein the brute force cracking mode refers to that full-space password inquiry is carried out in a certain bit width range under a certain character set rule, and in addition, cracking is carried out through a dictionary, BT, CdLinux and PIN.
Please refer to fig. 1 and 2, the camera finds and counteracts:
①, accessing the camera discovery and control system into a WIFI route based on the WIFI password cracked by the WIFI monitoring device, scanning all device IP addresses and MAC addresses in the local area network by the camera discovery and control system, performing classified display on all scanned terminal devices, and discovering the camera devices;
② the encryption mechanism cracking module calls the password library file to rapidly analyze and crack the encryption and decryption mechanism through the scanned IP address of the camera, and guesses the account and password of the corresponding IP address of the camera;
③ attacking the camera with assigned IP, MAC address and port number to disconnect the camera from the wireless router and prevent normal transmission of video data;
④ video replacement includes three realization modes, mainly divided into intrusion mode, direct operation mode, indirect operation mode, mode one, the intrusion mode is mainly to utilize camera standard protocol leak, utilize account number, password of the camera IP address obtained to enter into the monitoring network, achieve the purpose of modifying the monitoring video picture by transmitting the virtual data stream to the monitoring video acquisition end;
⑤ restoring all parameter configurations of the pseudo camera and the original target camera, and enabling the target NVR display terminal equipment to resume displaying pictures shot by the original target camera, wherein the purpose of forging and tampering videos is to protect privacy.
Please refer to fig. 1 and 2, the WiFi device suppresses: the terminal equipment under the target WiFi equipment is disconnected with the AP by pressing the appointed IP and MAC addresses, and the frequency point and the terminal equipment under the network segment cannot be normally connected and communicated by pressing the appointed frequency point and the whole network segment; target network hijacking: the device discovery and countercheck system based on the WiFi signal attacks the specified IP and MAC address to disconnect the target network from the terminal device, and changes the wireless name and the wireless password of the device discovery and countercheck system based on the WiFi signal into the wireless name and the wireless password which are completely the same as the target WiFi route to forge the WiFi device, so that the terminal device under the target network is adsorbed on the forged WiFi device; auditing the inner network: after the device discovery and countercheck system based on the WiFi signal forges the AP to enter the target network, the terminal device under the target network is adsorbed to the forged WiFi device, and network information generated by the terminal device under the target network is audited, so that all specific information (device types and the like) of all the terminal devices and internet access behaviors of users are acquired, acquisition of relevant information of a mobile terminal is performed, and signal interference and suppression of an appointed WiFi SSID route are performed.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof. The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference sign in a claim should not be construed as limiting the claim concerned.
Claims (10)
1. A wifi reconnaissance device, comprising:
the main control module is used for controlling the internal module of the equipment and sending and receiving commands;
the signal scanning module is used for scanning a signal for finding a target WIFI route, scanning an MAC address of network equipment under the WIFI route, confirming a source MAC address and a target MAC address, and then classifying terminal equipment under the WIFI route;
the wireless frequency band suppression module is used for completing suppression attack on the target WIFI route or the aiming signal of the target terminal equipment, so that the target terminal equipment and the WIFI route cannot be normally connected;
the standard WIFI routing module performs dial-up networking by utilizing the WCDMA, TD-SCDMA and other networks provided by the operator 2G/3G/4G/5G module, so that wireless signals can be provided for terminal equipment by utilizing the 2.4G/5.8G wireless module, and the terminal equipment can realize data transmission, Internet surfing and the like;
the data storage module is used for system operation and program and data storage and comprises a flash memory and an ram memory, wherein the ram memory is used as a system operation place, and the flash memory is used for program and data storage;
the GPS module is used for carrying out high-frequency and high-precision positioning under the condition of wireless network signals, providing a coordinate system, namely longitude and latitude of a geographic position, and sending positioning information to the main control processor module;
the Ethernet module is used for providing an uplink data channel and a local management network port;
the 2G/3G/4G/5G module is used for providing an uplink data channel;
the 2.4G/5.8G wireless module is used for wirelessly covering data or wirelessly capturing packets, acquiring a link establishment handshake packet in a signal coverage range and storing the link establishment handshake packet in the data storage module;
and the power supply module is used for supplying voltage to all the modules.
2. The wifi surveillance device according to claim 1, characterized in that: the main control module respectively with signal scanning module, wireless frequency range suppression module, standard wifi route module, data storage module, GPS module, ethernet module, 2G 3G 4G 5G module, 2.4G 5.8G wireless module are connected, and power module is connected with main control module, signal scanning module, wireless frequency range suppression module, standard wifi route module, data storage module, GPS module, ethernet module, 2G 3G 4G 5G module and 2.4G 5.8G wireless module respectively.
3. The wifi surveillance device according to claim 1, characterized in that: the signal scanning module consists of a directional antenna and an omnidirectional antenna, the omnidirectional antenna uniformly radiates at 360 degrees on a horizontal directional diagram and has no directivity, a beam with a certain width is shown on a vertical directional diagram, generally, the smaller the lobe width, the larger the gain and the larger the coverage area, the electromagnetic wave transmitted and received by the directional antenna in a certain specific direction or specific directions is particularly strong, and the electromagnetic wave transmitted and received in other directions is zero or extremely small, so that the effective utilization rate of radiation power can be increased, the confidentiality is increased, the signal intensity is enhanced, and the anti-interference capability is increased.
4. Camera equipment discovers and counter-system, its characterized in that includes:
the camera management module is used for managing parameters such as an IP address, a port number, an account number and a password of the camera;
the scanning classification module is used for scanning all equipment IP addresses and MAC addresses in a local area network, classifying and displaying all scanned terminal equipment and discovering the camera equipment;
the encryption mechanism cracking module is used for quickly analyzing and cracking the encryption and decryption mechanisms and can be realized by a cluster mixed heterogeneous processing architecture, a distributed processing architecture, a single-machine local processing architecture and the like;
the password library management module is used for increasing, decreasing or modifying the password library;
the camera attack module is used for attacking the camera with the specified IP, MAC address and port number to disconnect the camera from the wireless router;
the video replacement module is used for modifying all parameters of the pseudo camera to be completely the same as parameters of the target camera, and performing camera counterfeiting to enable the target NVR display terminal equipment to display a picture shot by the pseudo camera;
and the video recovery module is used for restoring and configuring all parameters of the pseudo camera and the original target camera, so that the target NVR display terminal equipment displays the picture shot by the original target camera.
5. The camera device discovery and reaction system of claim 4, wherein: the camera management module is respectively connected with the IP address scanning module, the encryption mechanism cracking module, the camera attacking module and the video replacing module, the encryption mechanism cracking module is connected with the password bank management module, and the video replacing module is connected with the video restoring module.
6. A camera device discovery and method based on wifi monitoring and control devices is characterized by comprising the following steps:
the method comprises the following steps: using a device discovery and control system based on wifi signals to scan the MAC address of the network device and perform GPS positioning;
step two: acquiring a wifi password;
step three: the camera finds and countermeasures;
step four: pressing the WiFi equipment;
step five: target network hijacking;
step six: and (6) auditing the intranet.
7. The wifi detection and control device based camera device discovering and countering method according to claim 6, characterized in that: and scanning SSID and MAC addresses of the WiFi routes in the signal coverage range and MAC addresses and signal strength of the terminal equipment, classifying the terminal equipment, determining terminal brands, positioning all wireless signals at high frequency and high precision, analyzing a link establishment relation between the routes and the terminal equipment according to the relation between the source MAC address and the target MAC address, and locking related target routes.
8. The wifi detection and control device based camera device discovering and countering method according to claim 6, characterized in that: the WIFI password acquisition methods include the following methods:
known key (one): directly entering the next step when the service set identification and the WIFI password are known; the WIFI router can also be directly connected with the WIFI router, and the types of all wireless and wired devices with the link relation of the WIFI router can be obtained;
(II) master key tool: the device discovery and countercheck system based on the WIFI signal is preset with a WIFI key cracking tool (a master key), a cracked key is connected into the wireless access point, and the types of all wireless and wired devices which are in connection with the wireless access point can be obtained;
(III) cracking the key: the method is divided into two steps, wherein the first step is to grab the handshake package, the second step is to crack the secret key, and the grabbing of the handshake package has two modes, namely, a first mode: when the new terminal equipment is connected with the WIFI route, the WIFI route and the key equipment are authenticated, and at the moment, the handshake packet is captured; the second method comprises the following steps: attacking the terminal equipment by using an attack mode to drop the terminal equipment, authenticating the WIFI route and the terminal when the equipment reconnects the WIFI route, and capturing a handshake packet at the moment; there are two ways to obtain the key, one way is: local cracking, namely, after converting the format of the handshake packet file, cracking the handshake packet file in a password dictionary mode, wherein the dictionary source is a password acquired by universal actual combat collection and an intelligent password formed by an encryption habit; the second method comprises the following steps: remote cracking needs to lead out a handshake package from a background storage path in a USB mode, convert the format of a handshake package file and then transmit the handshake package file to a remote cracking platform, and crack the handshake package file in a mode of combining a password dictionary mode and a brute force cracking mode, wherein the brute force cracking mode refers to that full-space password inquiry is carried out within a certain bit width range under a certain character set rule.
9. The wifi detection and control device based camera device discovering and countering method according to claim 6, characterized in that: the camera finds and reacts:
①, accessing the camera discovery and control system into a WIFI route based on the WIFI password cracked by the WIFI monitoring device, scanning all device IP addresses and MAC addresses in the local area network by the camera discovery and control system, performing classified display on all scanned terminal devices, and discovering the camera devices;
② the encryption mechanism cracking module calls the password library file to rapidly analyze and crack the encryption and decryption mechanism through the scanned IP address of the camera, and guesses the account and password of the corresponding IP address of the camera;
③ attacking the camera with assigned IP, MAC address and port number to disconnect the camera from the wireless router and prevent normal transmission of video data;
④ video replacement includes three realization modes, mainly divided into intrusion mode, direct operation mode, indirect operation mode, mode one, the intrusion mode is mainly to utilize camera standard protocol leak, utilize account number, password of the camera IP address obtained to enter into the monitoring network, achieve the purpose of modifying the monitoring video picture by transmitting the virtual data stream to the monitoring video acquisition end;
⑤ restoring all parameter configurations of the pseudo camera and the original target camera, and enabling the target NVR display terminal equipment to resume displaying pictures shot by the original target camera.
10. The wifi detection and control device based camera device discovering and countering method according to claim 6, characterized in that: and pressing the WiFi equipment: the terminal equipment under the target WiFi equipment is disconnected with the AP by pressing the appointed IP and MAC addresses, and the frequency point and the terminal equipment under the network segment cannot be normally connected and communicated by pressing the appointed frequency point and the whole network segment; target network hijacking: the device discovery and countercheck system based on the WiFi signal attacks the specified IP and MAC address to disconnect the target network from the terminal device, and changes the wireless name and the wireless password of the device discovery and countercheck system based on the WiFi signal into the wireless name and the wireless password which are completely the same as the target WiFi route to forge the WiFi device, so that the terminal device under the target network is adsorbed on the forged WiFi device; auditing the inner network: after the device discovery and counter-control system based on the WiFi signal forges the AP to enter the target network, the terminal device under the target network is adsorbed to the forged WiFi device, and network information generated by the terminal device under the target network is audited, so that all specific information (device types and the like) of all terminal devices and the internet access behavior of the user are acquired.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911018102.5A CN110730442A (en) | 2019-10-24 | 2019-10-24 | Camera equipment discovering and countering system and method based on wifi monitoring and controlling equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911018102.5A CN110730442A (en) | 2019-10-24 | 2019-10-24 | Camera equipment discovering and countering system and method based on wifi monitoring and controlling equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110730442A true CN110730442A (en) | 2020-01-24 |
Family
ID=69223092
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911018102.5A Pending CN110730442A (en) | 2019-10-24 | 2019-10-24 | Camera equipment discovering and countering system and method based on wifi monitoring and controlling equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110730442A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111917975A (en) * | 2020-07-06 | 2020-11-10 | 成都深思科技有限公司 | Concealed network camera identification method based on network communication data |
| CN113055929A (en) * | 2021-02-26 | 2021-06-29 | 浙江大华技术股份有限公司 | Network hard disk video recorder and video transmission system |
| WO2022083343A1 (en) * | 2020-10-22 | 2022-04-28 | 华为技术有限公司 | Method for detecting video monitoring device, and electronic device |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106792877A (en) * | 2016-12-27 | 2017-05-31 | 无锡十月中宸科技有限公司 | Information capture system and wifi camouflage methods based on wifi route signals |
-
2019
- 2019-10-24 CN CN201911018102.5A patent/CN110730442A/en active Pending
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106792877A (en) * | 2016-12-27 | 2017-05-31 | 无锡十月中宸科技有限公司 | Information capture system and wifi camouflage methods based on wifi route signals |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111917975A (en) * | 2020-07-06 | 2020-11-10 | 成都深思科技有限公司 | Concealed network camera identification method based on network communication data |
| CN111917975B (en) * | 2020-07-06 | 2021-11-02 | 成都深思科技有限公司 | Concealed network camera identification method based on network communication data |
| WO2022083343A1 (en) * | 2020-10-22 | 2022-04-28 | 华为技术有限公司 | Method for detecting video monitoring device, and electronic device |
| CN114466084A (en) * | 2020-10-22 | 2022-05-10 | 华为技术有限公司 | Method and electronic device for detecting video monitoring device |
| CN113055929A (en) * | 2021-02-26 | 2021-06-29 | 浙江大华技术股份有限公司 | Network hard disk video recorder and video transmission system |
| CN113055929B (en) * | 2021-02-26 | 2023-04-07 | 浙江大华技术股份有限公司 | Network hard disk video recorder and video transmission system under household wireless network |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8789191B2 (en) | Automated sniffer apparatus and method for monitoring computer systems for unauthorized access | |
| US7216365B2 (en) | Automated sniffer apparatus and method for wireless local area network security | |
| US7856656B1 (en) | Method and system for detecting masquerading wireless devices in local area computer networks | |
| US7970894B1 (en) | Method and system for monitoring of wireless devices in local area computer networks | |
| Lim et al. | Wireless intrusion detection and response | |
| CN110730442A (en) | Camera equipment discovering and countering system and method based on wifi monitoring and controlling equipment | |
| EP1709824B1 (en) | Method and system for monitoring a selected region of an airspace associated with local area networks of computing devices | |
| US7316031B2 (en) | System and method for remotely monitoring wireless networks | |
| US10284373B2 (en) | Smart grid secure communications method and apparatus | |
| CN101277231B (en) | Method and system for detecting wireless access points, switch and client terminal | |
| CN103701825A (en) | Security testing system oriented to mobile intelligent terminal IPv6 protocol and application of protocol | |
| CN105681272A (en) | Method for detecting and defensing fishing WiFi of mobile terminal | |
| CN110213761B (en) | Multi-model pseudo AP detection method and detection device based on bidirectional SYN reflection | |
| Wang et al. | Integration of SDR and UAS for malicious Wi-Fi hotspots detection | |
| Mateti | Hacking techniques in wireless networks | |
| CN110636490A (en) | WIFI signal discovery and countercheck equipment and system and method based on equipment | |
| US20140245441A1 (en) | Apparatus for analyzing vulnerability of wireless local area network | |
| Patel et al. | Taxonomy and future threat of rogue access point for wireless network | |
| KR20220100281A (en) | Method and system to take over control of unmanned vehicle | |
| Lu | A position self-adaptive method to detect fake access points | |
| Issac et al. | The art of war driving and security threats-a Malaysian case study | |
| Patel et al. | Rogue access point: The WLAN threat | |
| Miao et al. | security analysis of UaV wireless Communication Based on airsim | |
| CANSIAN et al. | Wireless Lack of Security: A Case Study Surveying the Access Point Misconfiguration Problem at São Paulo City | |
| Karanth et al. | Monitoring of Wireless Networks for Intrusions and Attacks |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200124 |