Initial commit — SetecSuite Camera MITM Framework
Original tooling from the Camhak research project (camera teardown of a
rebranded UBIA / Javiscam IP camera). PyQt6 GUI on top of a curses TUI on
top of a service controller; per-service start/stop, intruder detection,
protocol fingerprinting, OAM HMAC signing, CVE verifiers, OTA bucket
probe, firmware fetcher, fuzzer, packet injection.
Tabs: Dashboard, Live Log, Intruders, Cloud API, Fuzzer, Inject, CVEs,
Config, Help. Real-time per-packet protocol detection, conntrack-based
original-destination lookup, log rotation at 1 GiB.
See SECURITY_PAPER.md for the full writeup, site/index.html for the
public report, README.md for usage. Run with:
sudo /usr/bin/python3 gui.py
Co-authored by Setec Labs.
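--- a/regen_cert.sh
+++ b/regen_cert.sh
@@ -0,0 +1,65 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+if [[ $EUID -ne 0 ]]; then
+echo "must run as root (use sudo)" >&2
+exit 1
+fi
+
+ROOT_DIR=/root/dumps/mitm_logs
+SNAKE_DIR=/home/snake/dumps/mitm_logs
+mkdir -p "$ROOT_DIR" "$SNAKE_DIR"
+
+CERT="$ROOT_DIR/mitm_cert.pem"
+KEY="$ROOT_DIR/mitm_key.pem"
+
+CFG=$(mktemp)
+trap 'rm -f "$CFG"' EXIT
+
+cat > "$CFG" <<'EOF'
+[req]
+distinguished_name = dn
+req_extensions = v3_req
+x509_extensions = v3_req
+prompt = no
+
+[dn]
+CN = portal.ubianet.com
+O = Ubia
+C = US
+
+[v3_req]
+basicConstraints = CA:FALSE
+keyUsage = digitalSignature, keyEncipherment
+extendedKeyUsage = serverAuth
+subjectAltName = @alt
+
+[alt]
+DNS.1 = portal.ubianet.com
+DNS.2 = api.us.ubianet.com
+DNS.3 = api.cn.ubianet.com
+DNS.4 = *.ubianet.com
+DNS.5 = *.aliyuncs.com
+DNS.6 = *.oss-cn-shenzhen.aliyuncs.com
+DNS.7 = *.myqcloud.com
+IP.1 = 192.168.1.172
+EOF
+
+openssl req -x509 -newkey rsa:2048 -nodes -days 3650 \
+-keyout "$KEY" -out "$CERT" -config "$CFG" -extensions v3_req
+
+chmod 644 "$CERT"
+chmod 600 "$KEY"
+
+cp "$CERT" "$SNAKE_DIR/mitm_cert.pem"
+cp "$KEY" "$SNAKE_DIR/mitm_key.pem"
+chown snake:snake "$SNAKE_DIR/mitm_cert.pem" "$SNAKE_DIR/mitm_key.pem"
+chmod 644 "$SNAKE_DIR/mitm_cert.pem"
+chmod 600 "$SNAKE_DIR/mitm_key.pem"
+
+echo
+echo "=== wrote ==="
+ls -l "$CERT" "$KEY" "$SNAKE_DIR/mitm_cert.pem" "$SNAKE_DIR/mitm_key.pem"
+echo
+echo "=== subject + SANs ==="
+openssl x509 -in "$CERT" -noout -text | grep -E "Subject:|DNS:|IP Address:"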
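Review bot: The `cp`/`chown`/`chmod` block near the end runs as root but writes into `/home/snake/dumps/mitm_logs`, a directory the unprivileged `snake` account can presumably modify, and all three commands follow a symlink that already exists at the destination, so root could end up overwriting and re-owning a file outside that directory. Create the copies without writing through an existing path, for example `install -o snake -g snake -m 600 "$KEY" "$SNAKE_DIR/mitm_key.pem"` (GNU `install` unlinks an existing destination first), or drop privileges to `snake` for the copy. Separately, `openssl req -nodes` writes the unencrypted key under the current umask and `chmod 600 "$KEY"` only runs afterwards; putting `umask 077` before the `openssl req` line closes that window. The account name `snake` and `IP.1 = 192.168.1.172` are hard-coded, so a short header comment saying they are host-specific and must be edited would help the next operator.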