Open HIP Cams

Overview

This is an exploit to for HIP brand cameras written in Python. The exploit check Shodan database and test HIP cams to find ones that failed to delete default login credentials. The program scans the database and peoduces an easy to read list of cams with links that can be streamed in a media player such as VLC. The scanner is indiscriminate so it will test all cameras that are served by Shodan. CLI output will indicate how the tests went. At the end all results can be found in output.txt for the users revision.

Dependencies

To use the program you mast have access to a Shodan.io API key that can be obtained by creating an account. Once obtained, this should be pasted into the SDKey.config file.

Moreover, this program requires rtsp library to test that the stream can be established. This library can be installed using pip install rtsp.

Disclaimer

This program is purely for educational purposes. Please do not use it for any immoral purposes or to invigilate unsuspecting victims. Instead consider using the findings to improve the security for either the camera users or the camera makers.