09ff19adbe
Long-form Camhak research report. 20 findings, 3 CVEs, 4 sanitized screenshots. Single-page HTML with terminal CRT aesthetic extending seteclabs.io. Sensitive specifics redacted; unredacted artifact pack held for CISA / UBIA coordination only. Generated by the cam-mitm toolkit at SetecLabs/cam-mitm.
1.3 KiB
1.3 KiB
camhak.seteclabs.io
Source for camhak.seteclabs.io — a Setec Labs original research report on the Javiscam 2604 / UBox / UBIA IP camera.
20 findings, 3 verified CVEs (CVE-2025-12636, CVE-2021-28372, CVE-2023-6322 chain), 4 screenshots, and a Phase 2 hardware-teardown plan. Sanitized for public release; the unredacted artifact pack is available to CISA coordinators and UBIA security contacts on request.
Layout
index.html— single-page long-form reportstyle.css— extends seteclabs.io/style.css with the report-specific aesthetic (terminal CRT, glitch hero, decrypt reveals, pulsing severity badges, custom cursor)boot.js— typewriter boot sequence, scroll reveals, live UTC clock, periodic hero glitchimg/— four screenshots (one redacted)
Source
The toolkit that produced this report is at SetecLabs/cam-mitm. The generic templated framework is SetecLabs/setec-mitm.
Deploy
rsync -avz --delete ./ root@<server>:/var/www/camhak.seteclabs.io/
Behind nginx with a Let's Encrypt cert. See the parent server config for details.
License
The site content (text, layout) is CC-BY-4.0. The toolkit it documents is MIT (see cam-mitm).