29 lines
1.3 KiB
Markdown
29 lines
1.3 KiB
Markdown
|
# camhak.seteclabs.io
|
||
|
|
|
||
|
|
Source for **[camhak.seteclabs.io](https://camhak.seteclabs.io)** — a Setec Labs original research report on the Javiscam 2604 / UBox / UBIA IP camera.
|
||
|
|
|
||
|
|
20 findings, 3 verified CVEs (CVE-2025-12636, CVE-2021-28372, CVE-2023-6322 chain), 4 screenshots, and a Phase 2 hardware-teardown plan. Sanitized for public release; the unredacted artifact pack is available to CISA coordinators and UBIA security contacts on request.
|
||
|
|
|
||
|
|
## Layout
|
||
|
|
|
||
|
|
- `index.html` — single-page long-form report
|
||
|
|
- `style.css` — extends [seteclabs.io/style.css](https://seteclabs.io/style.css) with the report-specific aesthetic (terminal CRT, glitch hero, decrypt reveals, pulsing severity badges, custom cursor)
|
||
|
|
- `boot.js` — typewriter boot sequence, scroll reveals, live UTC clock, periodic hero glitch
|
||
|
|
- `img/` — four screenshots (one redacted)
|
||
|
|
|
||
|
|
## Source
|
||
|
|
|
||
|
|
The toolkit that produced this report is at [SetecLabs/cam-mitm](https://repo.seteclabs.io/SetecLabs/cam-mitm). The generic templated framework is [SetecLabs/setec-mitm](https://repo.seteclabs.io/SetecLabs/setec-mitm).
|
||
|
|
|
||
|
|
## Deploy
|
||
|
|
|
||
|
|
```
|
||
|
|
rsync -avz --delete ./ root@<server>:/var/www/camhak.seteclabs.io/
|
||
|
|
```
|
||
|
|
|
||
|
|
Behind nginx with a Let's Encrypt cert. See the parent server config for details.
|
||
|
|
|
||
|
|
## License
|
||
|
|
|
||
|
|
The site content (text, layout) is **CC-BY-4.0**. The toolkit it documents is MIT (see cam-mitm).
|