# camhak.seteclabs.io

Source for **[camhak.seteclabs.io](https://camhak.seteclabs.io)** — a Setec Labs original research report on the Javiscam 2604 / UBox / UBIA IP camera.

20 findings, 3 verified CVEs (CVE-2025-12636, CVE-2021-28372, CVE-2023-6322 chain), 4 screenshots, and a Phase 2 hardware-teardown plan. Sanitized for public release; the unredacted artifact pack is available to CISA coordinators and UBIA security contacts on request.

## Layout

- `index.html` — single-page long-form report
- `style.css` — extends [seteclabs.io/style.css](https://seteclabs.io/style.css) with the report-specific aesthetic (terminal CRT, glitch hero, decrypt reveals, pulsing severity badges, custom cursor)
- `boot.js` — typewriter boot sequence, scroll reveals, live UTC clock, periodic hero glitch
- `img/` — four screenshots (one redacted)

## Source

The toolkit that produced this report is at [SetecLabs/cam-mitm](https://repo.seteclabs.io/SetecLabs/cam-mitm). The generic templated framework is [SetecLabs/setec-mitm](https://repo.seteclabs.io/SetecLabs/setec-mitm).

## Deploy

```
rsync -avz --delete ./ root@<server>:/var/www/camhak.seteclabs.io/
```

Behind nginx with a Let's Encrypt cert. See the parent server config for details.

## License

The site content (text, layout) is **CC-BY-4.0**. The toolkit it documents is MIT (see cam-mitm).