Hello all.
I thought I’d tell you a little about a side-project I’ve been working on, now that it is starting to take shape. It is still far from complete but I thought I’d share its development with 0x00sec.
We all know that the mythical Internet Of Things has been on the rise and that people make all kinds of interesting things publically addressable. Security cameras are one of them and for several years I have been wanting to write something that does the heavy lifting of finding them, places them on a map and if possible, streams them.
The technology stack
There were a couple of things I wanted when I started building this:
- The program should be able to run locally, rather than as a webservice.
- It should run on both Windows and Linux.
- Should be extensible, as we aren’t looking at a static environment.
For portability, Watcher is written in C++11. As there is a limit to how much of the wheel I’m willing to re-invent, SDL (Simple DirectMedia Layer) provides cross-platform window creation, OpenGL initialisation, input handling and a few other things. Layering on top of SDL and OpenGL, ImGui is used to create the user interface while keeping the bloat low. For data management, SQLite handles storing and retrieving data from a database local to the program, which requires no “real” database service to have to be installed. The much beloved cURL is used to interact with HTTP servers and finally, a JSON library serialises configuration files (such as rule sets) and messages between individual plugins.
Further building up on this, the map is built using tiles from a remote server: currently Stamen, but most tile servers which used the same specification as OpenStreetMap can be used.
Geolocation is handled by ipinfo.io, using their public API. This is rate limited to 1000 requests a day, but Watcher will just store the addresses which need to be resolved and try again later.
The current state
The plugin architecture is now working properly, allowing new components to be added without considerable overhead. The most basic way of finding cameras has been implemented: a simple multi-threaded portscanner scans the internet for webservers on certain ports (80, 81, 8000) and then forwards any results to a plugin which tries to identify if a webpage contains a camera or not, based on a growing ruleset. The vast majority of cameras have specific titles on their pages which makes this less of a faff than it would be otherwise.
Once a camera has been identified, the IP address is sent to the geolocation plugin so it can be represented on our map.
Increasing coverage
Obviously, scanning the entire internet takes a while. Quite a while, particularly if you’re thinking on being thorough and increasing the number of ports to scan for! Even using something like masscan, you’d need a fairly fat pipe and a serious router. So, there are two additional plugins in the pipeline: one which will leverage Shodan, another which will use Google with specially targetted search terms.
Next in the pipeline
The map is currently quite basic. The user can scroll around, zoom in/out and see the camera markers, but can’t select them. The tile streaming is also a bit flakey and it’s possible for a tile which is in use to be unloaded, only to get loaded again a few seconds later. It isn’t great work and I could take some shortcuts to get the entire flow running sooner, but since I have no time constraints I can build a solid foundation and get something I’m happy with.
Source?
Open source, of course. You’ll find the code in the project’s GitLab. At the moment it only successfully builds on Windows, I need to spend some time wrangling the makefile
Further posts?
Do you find this kind of development post useful or interesting? Or would you rather just have a post when the tool is ready?