Updated: Jan 28
Welcome back, my aspiring camera hackers!
As you know, at the beginning of the Russian invasion of Ukraine, the Ukrainian Army asked for our assistance to hack IP cameras across Ukraine. This was intended provide surveillance to the Ukraine military and intelligence on Russian troop movements and later to record war crimes. You can read more about it here.
Faced with this urgent task, we went about it strategically and methodically. The first thing we did was to locate the cameras using such Open Source Intelligence (OSINT) tools as Google, Shodan, and Censys. Once we located the cameras, the next step was to attempt to hack into them using default usernames and passwords. It makes little sense to engage a lot of time and resources into hacking a system if it is still using these default credentials.
Always start with the simplest solution first!
Maybe not surprisingly, this method was successful in a very large number of cases.
To assist you in your efforts to access these cameras, we have published our default camera username and passwords for the major camera manufacturers.
For more on IP Camera Hacking, see Master OTW and David Bombal discussing this subject here on YouTube.
Also, to learn more advanced techniques for IP Camera Hacking, you can purchase this course in our online store here.