Amcrest Cameras SSL Key Reuse Across installations
CVE
Category
Price
Severity
N/A
CWE-309: Use of Password System for Primary Authentication
$1000
High
Author
Risk
Exploitation Type
Date
Unknown
High
Remote
2018-09-05
CVSS vector description
Metric
Value
Metric Description
Value Description
Attack vector Network AV The vulnerable system is bound to the network stack and the set of possible attackers extends beyond the other options listed below, up to and including the entire Internet. Such a vulnerability is often termed “remotely exploitable” and can be thought of as an attack being exploitable at the protocol level one or more network hops away (e.g., across one or more routers). An example of a network attack is an attacker causing a denial of service by sending a specially crafted TCP packet across a wide area network (e.g., CVE-2004-0230). Attack Complexity Low AC The attacker must take no measurable action to exploit the vulnerability. The attack requires no target-specific circumvention to exploit the vulnerability. An attacker can expect repeatable success against the vulnerable system. Privileges Required Low PR The attacker requires privileges that provide basic capabilities that are typically limited to settings and resources owned by a single low-privileged user. Alternatively, an attacker with Low privileges has the ability to access only non-sensitive resources. User Interaction None UI The vulnerable system can be exploited without interaction from any human user, other than the attacker. Examples include: a remote attacker is able to send packets to a target system a locally authenticated attacker executes code to elevate privileges Scope Unchanged S An exploited vulnerability can only affect resources managed by the same security authority. In the case of a vulnerability in a virtualized environment, an exploited vulnerability in one guest instance would not affect neighboring guest instances. Confidentiality High C There is total information disclosure, resulting in all data on the system being revealed to the attacker, or there is a possibility of the attacker gaining control over confidential data. Integrity High I There is a total compromise of system integrity. There is a complete loss of system protection, resulting in the attacker being able to modify any file on the target system. Availability High A There is a total shutdown of the affected resource. The attacker can deny access to the system or data, potentially causing significant loss to the organization.
Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2018090044 Below is a copy:
Amcrest Cameras SSL Key Reuse Across installations Unpacking the firmware of any given (4 tested) Amcrest Camera shows that they use the same SSL Keys.
For example, on the Amcrest_IPC-HX1X3X-LEXUS_Eng_N_AMCREST_V2.420.AC01.3.R.20180206 firware we can see hard coded SSL private keys and CAs. If we run binwalk we can see this in the folder
_Amcrest_IPC-HX1X3X-LEXUS_Eng_N_AMCREST_V2.420.AC01.3.R.20180206.bin.extracted/_user-x.squashfs.img.extracted/squashfs-root/bin/ssl
openssl x509 -in cacert.pem -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:34:39:30:36:38:35:39:33:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Product Root CA, C=US, ST=Taxas, L=Houston, O=Amcrest Technologies LLC, OU=Amcrest
Validity
Not Before: Mar 27 07:25:35 2017 GMT
Not After : Mar 27 07:25:35 2021 GMT
Subject: CN=Product Root CA, C=US, ST=Taxas, L=Houston, O=Amcrest Technologies LLC, OU=Amcrest
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:99:26:51:d4:6c:1d:88:28:cd:9a:ef:7d:f0:72:
37:5a:9a:12:58:4a:26:3f:ed:4a:51:5e:35:71:18:
32:fd:87:05:0c:06:a3:6d:25:20:3c:c1:42:c2:93:
4d:75:00:09:0d:5c:37:cc:65:5b:ca:b3:81:4b:94:
d6:ef:ce:fc:a6:52:aa:07:02:c8:89:2c:6b:f3:a8:
17:15:84:ef:5e:a6:c3:ef:b2:cc:24:df:8e:4f:67:
24:df:75:87:ba:60:f1:8a:05:5d:2e:bf:7d:89:d5:
c4:7e:05:8f:02:80:6b:ce:c5:f5:b7:15:0f:ec:d7:
bf:8a:c4:8c:97:9b:a4:79:47:d3:3e:7a:a1:bd:5d:
a2:9a:2a:41:25:b2:db:01:d7:a8:6d:52:1e:10:37:
80:4d:90:3b:b1:b3:31:73:37:b2:4e:48:84:08:01:
4c:f1:58:b1:c6:02:06:85:88:98:43:d0:f1:c6:d1:
f3:67:7f:37:7b:66:13:bc:41:22:6f:f5:13:7d:fb:
8f:92:f2:db:90:32:3f:21:fc:a8:41:94:a4:cc:ac:
27:d0:31:08:56:ea:17:30:5b:b8:bf:83:d1:92:b6:
ee:4f:c0:a7:4e:80:3e:12:24:e9:67:56:a3:7c:7f:
c2:1d:9d:7d:3e:db:64:22:9c:41:bd:9d:e6:34:dd:
a6:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Subject Key Identifier:
AD:2D:97:7F:1F:FE:09:77:A7:96:FE:12:E7:3C:C6:B4:C1:FC:EC:BF
Signature Algorithm: sha256WithRSAEncryption
8d:72:fa:37:14:64:9b:d8:f2:04:d3:87:3d:0a:4b:dd:3b:c1:
b8:06:00:24:27:db:4d:8b:20:2e:bb:b8:68:99:06:73:06:45:
d8:50:48:49:12:71:04:67:66:3a:b3:78:6f:d9:59:f1:80:fb:
97:8f:e0:eb:58:02:aa:43:ce:37:f9:09:d0:4a:82:e2:61:e4:
19:bc:2e:b3:8f:13:87:f3:30:3f:eb:4d:07:5a:77:a5:f5:05:
5a:c8:0e:c1:b7:68:c3:a8:f1:2a:75:21:e9:d2:02:74:e5:c4:
c8:f0:e6:23:92:9f:eb:ad:ac:f4:d4:32:a4:eb:10:fe:49:90:
f3:85:f3:00:07:a4:2b:95:c2:d4:02:c2:21:42:aa:d5:a6:63:
68:14:a1:02:0d:1f:f7:6b:aa:4b:6c:09:63:97:37:84:0a:af:
96:a6:d2:a0:f7:48:8a:50:ac:0b:b3:47:8d:e8:f2:e9:a1:5f:
bb:27:3b:09:6a:82:a9:28:d2:a1:fa:44:9f:96:65:a1:de:6c:
da:c4:f5:99:c8:b3:ad:a4:0d:63:ef:09:c2:bc:bb:54:c7:8c:
8a:53:c4:e4:af:76:ac:61:a3:a9:51:b8:08:34:e5:37:50:1c:
c0:58:3d:ea:50:e4:6c:8c:57:fb:c8:45:40:6d:ed:0c:a5:15:
a3:43:59:61
-----BEGIN CERTIFICATE-----
MIIDsjCCApqgAwIBAgIKMTQ5MDY4NTkzNTANBgkqhkiG9w0BAQsFADB+MRgwFgYD
VQQDDA9Qcm9kdWN0IFJvb3QgQ0ExCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUYXhh
czEQMA4GA1UEBwwHSG91c3RvbjEhMB8GA1UECgwYQW1jcmVzdCBUZWNobm9sb2dp
ZXMgTExDMRAwDgYDVQQLDAdBbWNyZXN0MB4XDTE3MDMyNzA3MjUzNVoXDTIxMDMy
NzA3MjUzNVowfjEYMBYGA1UEAwwPUHJvZHVjdCBSb290IENBMQswCQYDVQQGEwJV
UzEOMAwGA1UECAwFVGF4YXMxEDAOBgNVBAcMB0hvdXN0b24xITAfBgNVBAoMGEFt
Y3Jlc3QgVGVjaG5vbG9naWVzIExMQzEQMA4GA1UECwwHQW1jcmVzdDCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJkmUdRsHYgozZrvffByN1qaElhKJj/t
SlFeNXEYMv2HBQwGo20lIDzBQsKTTXUACQ1cN8xlW8qzgUuU1u/O/KZSqgcCyIks
a/OoFxWE716mw++yzCTfjk9nJN91h7pg8YoFXS6/fYnVxH4FjwKAa87F9bcVD+zX
v4rEjJebpHlH0z56ob1dopoqQSWy2wHXqG1SHhA3gE2QO7GzMXM3sk5IhAgBTPFY
scYCBoWImEPQ8cbR82d/N3tmE7xBIm/1E337j5Ly25AyPyH8qEGUpMysJ9AxCFbq
FzBbuL+D0ZK27k/Ap06APhIk6WdWo3x/wh2dfT7bZCKcQb2d5jTdpmUCAwEAAaMy
MDAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUrS2Xfx/+CXenlv4S5zzGtMH8
7L8wDQYJKoZIhvcNAQELBQADggEBAI1y+jcUZJvY8gTThz0KS907wbgGACQn202L
IC67uGiZBnMGRdhQSEkScQRnZjqzeG/ZWfGA+5eP4OtYAqpDzjf5CdBKguJh5Bm8
LrOPE4fzMD/rTQdad6X1BVrIDsG3aMOo8Sp1IenSAnTlxMjw5iOSn+utrPTUMqTr
EP5JkPOF8wAHpCuVwtQCwiFCqtWmY2gUoQINH/drqktsCWOXN4QKr5am0qD3SIpQ
rAuzR43o8umhX7snOwlqgqko0qH6RJ+WZaHebNrE9ZnIs62kDWPvCcK8u1THjIpT
xOSvdqxho6lRuAg05TdQHMBYPepQ5GyMV/vIRUBt7QylFaNDWWE=
-----END CERTIFICATE-----
openssl x509 -in cacert.pem -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:34:39:30:36:38:35:39:33:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Product Root CA, C=US, ST=Taxas, L=Houston, O=Amcrest Technologies LLC, OU=Amcrest
Validity
Not Before: Mar 27 07:25:35 2017 GMT
Not After : Mar 27 07:25:35 2021 GMT
Subject: CN=Product Root CA, C=US, ST=Taxas, L=Houston, O=Amcrest Technologies LLC, OU=Amcrest
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:99:26:51:d4:6c:1d:88:28:cd:9a:ef:7d:f0:72:
37:5a:9a:12:58:4a:26:3f:ed:4a:51:5e:35:71:18:
32:fd:87:05:0c:06:a3:6d:25:20:3c:c1:42:c2:93:
4d:75:00:09:0d:5c:37:cc:65:5b:ca:b3:81:4b:94:
d6:ef:ce:fc:a6:52:aa:07:02:c8:89:2c:6b:f3:a8:
17:15:84:ef:5e:a6:c3:ef:b2:cc:24:df:8e:4f:67:
24:df:75:87:ba:60:f1:8a:05:5d:2e:bf:7d:89:d5:
c4:7e:05:8f:02:80:6b:ce:c5:f5:b7:15:0f:ec:d7:
bf:8a:c4:8c:97:9b:a4:79:47:d3:3e:7a:a1:bd:5d:
a2:9a:2a:41:25:b2:db:01:d7:a8:6d:52:1e:10:37:
80:4d:90:3b:b1:b3:31:73:37:b2:4e:48:84:08:01:
4c:f1:58:b1:c6:02:06:85:88:98:43:d0:f1:c6:d1:
f3:67:7f:37:7b:66:13:bc:41:22:6f:f5:13:7d:fb:
8f:92:f2:db:90:32:3f:21:fc:a8:41:94:a4:cc:ac:
27:d0:31:08:56:ea:17:30:5b:b8:bf:83:d1:92:b6:
ee:4f:c0:a7:4e:80:3e:12:24:e9:67:56:a3:7c:7f:
c2:1d:9d:7d:3e:db:64:22:9c:41:bd:9d:e6:34:dd:
a6:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Subject Key Identifier:
AD:2D:97:7F:1F:FE:09:77:A7:96:FE:12:E7:3C:C6:B4:C1:FC:EC:BF
Signature Algorithm: sha256WithRSAEncryption
8d:72:fa:37:14:64:9b:d8:f2:04:d3:87:3d:0a:4b:dd:3b:c1:
b8:06:00:24:27:db:4d:8b:20:2e:bb:b8:68:99:06:73:06:45:
d8:50:48:49:12:71:04:67:66:3a:b3:78:6f:d9:59:f1:80:fb:
97:8f:e0:eb:58:02:aa:43:ce:37:f9:09:d0:4a:82:e2:61:e4:
19:bc:2e:b3:8f:13:87:f3:30:3f:eb:4d:07:5a:77:a5:f5:05:
5a:c8:0e:c1:b7:68:c3:a8:f1:2a:75:21:e9:d2:02:74:e5:c4:
c8:f0:e6:23:92:9f:eb:ad:ac:f4:d4:32:a4:eb:10:fe:49:90:
f3:85:f3:00:07:a4:2b:95:c2:d4:02:c2:21:42:aa:d5:a6:63:
68:14:a1:02:0d:1f:f7:6b:aa:4b:6c:09:63:97:37:84:0a:af:
96:a6:d2:a0:f7:48:8a:50:ac:0b:b3:47:8d:e8:f2:e9:a1:5f:
bb:27:3b:09:6a:82:a9:28:d2:a1:fa:44:9f:96:65:a1:de:6c:
da:c4:f5:99:c8:b3:ad:a4:0d:63:ef:09:c2:bc:bb:54:c7:8c:
8a:53:c4:e4:af:76:ac:61:a3:a9:51:b8:08:34:e5:37:50:1c:
c0:58:3d:ea:50:e4:6c:8c:57:fb:c8:45:40:6d:ed:0c:a5:15:
a3:43:59:61
-----BEGIN CERTIFICATE-----
MIIDsjCCApqgAwIBAgIKMTQ5MDY4NTkzNTANBgkqhkiG9w0BAQsFADB+MRgwFgYD
VQQDDA9Qcm9kdWN0IFJvb3QgQ0ExCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUYXhh
czEQMA4GA1UEBwwHSG91c3RvbjEhMB8GA1UECgwYQW1jcmVzdCBUZWNobm9sb2dp
ZXMgTExDMRAwDgYDVQQLDAdBbWNyZXN0MB4XDTE3MDMyNzA3MjUzNVoXDTIxMDMy
NzA3MjUzNVowfjEYMBYGA1UEAwwPUHJvZHVjdCBSb290IENBMQswCQYDVQQGEwJV
UzEOMAwGA1UECAwFVGF4YXMxEDAOBgNVBAcMB0hvdXN0b24xITAfBgNVBAoMGEFt
Y3Jlc3QgVGVjaG5vbG9naWVzIExMQzEQMA4GA1UECwwHQW1jcmVzdDCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJkmUdRsHYgozZrvffByN1qaElhKJj/t
SlFeNXEYMv2HBQwGo20lIDzBQsKTTXUACQ1cN8xlW8qzgUuU1u/O/KZSqgcCyIks
a/OoFxWE716mw++yzCTfjk9nJN91h7pg8YoFXS6/fYnVxH4FjwKAa87F9bcVD+zX
v4rEjJebpHlH0z56ob1dopoqQSWy2wHXqG1SHhA3gE2QO7GzMXM3sk5IhAgBTPFY
scYCBoWImEPQ8cbR82d/N3tmE7xBIm/1E337j5Ly25AyPyH8qEGUpMysJ9AxCFbq
FzBbuL+D0ZK27k/Ap06APhIk6WdWo3x/wh2dfT7bZCKcQb2d5jTdpmUCAwEAAaMy
MDAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUrS2Xfx/+CXenlv4S5zzGtMH8
7L8wDQYJKoZIhvcNAQELBQADggEBAI1y+jcUZJvY8gTThz0KS907wbgGACQn202L
IC67uGiZBnMGRdhQSEkScQRnZjqzeG/ZWfGA+5eP4OtYAqpDzjf5CdBKguJh5Bm8
LrOPE4fzMD/rTQdad6X1BVrIDsG3aMOo8Sp1IenSAnTlxMjw5iOSn+utrPTUMqTr
EP5JkPOF8wAHpCuVwtQCwiFCqtWmY2gUoQINH/drqktsCWOXN4QKr5am0qD3SIpQ
rAuzR43o8umhX7snOwlqgqko0qH6RJ+WZaHebNrE9ZnIs62kDWPvCcK8u1THjIpT
xOSvdqxho6lRuAg05TdQHMBYPepQ5GyMV/vIRUBt7QylFaNDWWE=
-----END CERTIFICATE-----
as well as
_Amcrest_IPC-HX1X3X-LEXUS_Eng_N_AMCREST_V2.420.AC01.3.R.20180206.bin.extracted/_user-x.squashfs.img.extracted/squashfs-root/bin/amcssl
openssl x509 -in cacert.pem -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 925100063 (0x3723e81f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=CA, ST=ON, L=Ottawa, O=Camcloud, OU=Camcloud, CN=Dan Burkett
Validity
Not Before: Apr 2 12:44:49 2015 GMT
Not After : Aug 18 12:44:49 2042 GMT
Subject: C=CA, ST=ON, L=Ottawa, O=Camcloud, OU=Camcloud, CN=Dan Burkett
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ff:73:6c:6c:e1:de:b4:7d:a8:13:cf:66:3a:36:
22:30:11:f1:c4:44:33:68:b0:15:b0:0c:5a:41:10:
17:48:40:66:5d:db:d0:9e:5e:c9:85:ae:87:18:63:
40:2b:ad:d6:64:92:1c:23:99:fb:82:70:84:c1:cd:
6a:98:8a:0a:6e:de:9c:c8:34:97:c3:f6:95:51:42:
29:1f:2e:c5:92:9f:7e:f3:d8:7d:60:3b:ef:d3:3f:
34:3a:06:a5:9f:86:16:c3:ae:9b:6d:76:a3:dc:91:
84:e1:57:aa:ee:73:69:0b:6b:e6:65:72:1b:30:9b:
dd:86:0b:78:c0:81:55:e3:53:4b:5f:ef:8c:2e:ac:
c0:d7:b6:ea:5e:10:05:6a:bd:63:e7:53:5b:64:b6:
15:36:b5:08:8f:40:4f:aa:08:59:51:76:b5:73:a7:
0e:8e:f6:bf:a1:50:83:1d:4f:66:2a:77:ef:63:04:
56:c0:d9:ce:0d:18:c9:24:9c:43:11:8a:c1:95:27:
6e:bc:72:7c:ce:d0:d0:85:da:13:8c:fd:cc:56:a0:
45:82:5a:d3:c3:2f:cf:38:c1:b9:7a:1d:9b:2f:6a:
cf:6d:b8:c7:e3:b0:03:24:56:81:01:84:21:32:9c:
f6:11:6f:8e:47:2e:9c:5a:a8:b5:83:e6:bc:12:90:
80:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:D4:87:CC:D7:70:3B:64:FF:6E:AE:C4:B1:37:3E:0C:1A:86:0B:CF
Signature Algorithm: sha256WithRSAEncryption
da:9e:50:c8:2d:f0:f5:3b:f6:71:75:bd:e5:e2:8d:f3:30:3e:
ed:88:91:d7:7b:55:9f:24:7b:de:7b:49:14:28:23:9f:de:fe:
1f:60:fb:68:a3:25:92:e5:e8:f5:e9:5b:06:58:24:ea:70:4f:
7d:2a:d7:86:46:c8:5e:95:13:65:66:e8:51:54:8e:b9:bc:de:
92:82:39:1e:f7:d1:95:58:03:7b:3d:1b:e7:29:9c:03:4c:d2:
2a:5c:63:9d:9f:5f:b2:58:92:40:b2:aa:c2:94:fd:10:4c:4f:
c2:19:1b:34:c1:8e:3c:14:be:3f:f3:be:2c:f6:5e:04:bf:f8:
13:b5:aa:e0:05:e5:a7:2f:c6:36:1c:bf:c1:d7:34:70:86:bc:
86:b5:ca:d1:b4:85:03:af:74:8b:ae:79:ad:94:63:27:17:99:
53:5c:6e:35:92:90:82:dd:80:c6:a0:c8:ba:f7:08:3c:5c:46:
7f:8c:b7:6f:7a:e6:66:91:86:89:0b:29:28:1c:79:3e:66:8e:
7c:6a:3f:e1:b5:5e:56:06:ac:8e:7d:6a:fb:91:94:46:b9:1d:
31:0f:a0:35:67:9f:70:c1:f7:ab:8b:4a:88:f3:20:10:10:e1:
e2:da:4c:db:3f:50:d7:dd:9e:27:bf:9a:b2:4c:7d:4c:6c:56:
7d:8a:76:54
-----BEGIN CERTIFICATE-----
MIIDbTCCAlWgAwIBAgIENyPoHzANBgkqhkiG9w0BAQsFADBnMQswCQYDVQQGEwJD
QTELMAkGA1UECBMCT04xDzANBgNVBAcTBk90dGF3YTERMA8GA1UEChMIQ2FtY2xv
dWQxETAPBgNVBAsTCENhbWNsb3VkMRQwEgYDVQQDEwtEYW4gQnVya2V0dDAeFw0x
NTA0MDIxMjQ0NDlaFw00MjA4MTgxMjQ0NDlaMGcxCzAJBgNVBAYTAkNBMQswCQYD
VQQIEwJPTjEPMA0GA1UEBxMGT3R0YXdhMREwDwYDVQQKEwhDYW1jbG91ZDERMA8G
A1UECxMIQ2FtY2xvdWQxFDASBgNVBAMTC0RhbiBCdXJrZXR0MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/3NsbOHetH2oE89mOjYiMBHxxEQzaLAVsAxa
QRAXSEBmXdvQnl7Jha6HGGNAK63WZJIcI5n7gnCEwc1qmIoKbt6cyDSXw/aVUUIp
Hy7Fkp9+89h9YDvv0z80Ogaln4YWw66bbXaj3JGE4Veq7nNpC2vmZXIbMJvdhgt4
wIFV41NLX++MLqzA17bqXhAFar1j51NbZLYVNrUIj0BPqghZUXa1c6cOjva/oVCD
HU9mKnfvYwRWwNnODRjJJJxDEYrBlSduvHJ8ztDQhdoTjP3MVqBFglrTwy/POMG5
eh2bL2rPbbjH47ADJFaBAYQhMpz2EW+ORy6cWqi1g+a8EpCAeQIDAQABoyEwHzAd
BgNVHQ4EFgQUqdSHzNdwO2T/bq7EsTc+DBqGC88wDQYJKoZIhvcNAQELBQADggEB
ANqeUMgt8PU79nF1veXijfMwPu2Ikdd7VZ8ke957SRQoI5/e/h9g+2ijJZLl6PXp
WwZYJOpwT30q14ZGyF6VE2Vm6FFUjrm83pKCOR730ZVYA3s9G+cpnANM0ipcY52f
X7JYkkCyqsKU/RBMT8IZGzTBjjwUvj/zviz2XgS/+BO1quAF5acvxjYcv8HXNHCG
vIa1ytG0hQOvdIuuea2UYycXmVNcbjWSkILdgMagyLr3CDxcRn+Mt2965maRhokL
KSgceT5mjnxqP+G1XlYGrI59avuRlEa5HTEPoDVnn3DB96uLSojzIBAQ4eLaTNs/
UNfdnie/mrJMfUxsVn2KdlQ=
-----END CERTIFICATE-----
openssl x509 -in cacert.pem -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 925100063 (0x3723e81f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=CA, ST=ON, L=Ottawa, O=Camcloud, OU=Camcloud, CN=Dan Burkett
Validity
Not Before: Apr 2 12:44:49 2015 GMT
Not After : Aug 18 12:44:49 2042 GMT
Subject: C=CA, ST=ON, L=Ottawa, O=Camcloud, OU=Camcloud, CN=Dan Burkett
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ff:73:6c:6c:e1:de:b4:7d:a8:13:cf:66:3a:36:
22:30:11:f1:c4:44:33:68:b0:15:b0:0c:5a:41:10:
17:48:40:66:5d:db:d0:9e:5e:c9:85:ae:87:18:63:
40:2b:ad:d6:64:92:1c:23:99:fb:82:70:84:c1:cd:
6a:98:8a:0a:6e:de:9c:c8:34:97:c3:f6:95:51:42:
29:1f:2e:c5:92:9f:7e:f3:d8:7d:60:3b:ef:d3:3f:
34:3a:06:a5:9f:86:16:c3:ae:9b:6d:76:a3:dc:91:
84:e1:57:aa:ee:73:69:0b:6b:e6:65:72:1b:30:9b:
dd:86:0b:78:c0:81:55:e3:53:4b:5f:ef:8c:2e:ac:
c0:d7:b6:ea:5e:10:05:6a:bd:63:e7:53:5b:64:b6:
15:36:b5:08:8f:40:4f:aa:08:59:51:76:b5:73:a7:
0e:8e:f6:bf:a1:50:83:1d:4f:66:2a:77:ef:63:04:
56:c0:d9:ce:0d:18:c9:24:9c:43:11:8a:c1:95:27:
6e:bc:72:7c:ce:d0:d0:85:da:13:8c:fd:cc:56:a0:
45:82:5a:d3:c3:2f:cf:38:c1:b9:7a:1d:9b:2f:6a:
cf:6d:b8:c7:e3:b0:03:24:56:81:01:84:21:32:9c:
f6:11:6f:8e:47:2e:9c:5a:a8:b5:83:e6:bc:12:90:
80:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:D4:87:CC:D7:70:3B:64:FF:6E:AE:C4:B1:37:3E:0C:1A:86:0B:CF
Signature Algorithm: sha256WithRSAEncryption
da:9e:50:c8:2d:f0:f5:3b:f6:71:75:bd:e5:e2:8d:f3:30:3e:
ed:88:91:d7:7b:55:9f:24:7b:de:7b:49:14:28:23:9f:de:fe:
1f:60:fb:68:a3:25:92:e5:e8:f5:e9:5b:06:58:24:ea:70:4f:
7d:2a:d7:86:46:c8:5e:95:13:65:66:e8:51:54:8e:b9:bc:de:
92:82:39:1e:f7:d1:95:58:03:7b:3d:1b:e7:29:9c:03:4c:d2:
2a:5c:63:9d:9f:5f:b2:58:92:40:b2:aa:c2:94:fd:10:4c:4f:
c2:19:1b:34:c1:8e:3c:14:be:3f:f3:be:2c:f6:5e:04:bf:f8:
13:b5:aa:e0:05:e5:a7:2f:c6:36:1c:bf:c1:d7:34:70:86:bc:
86:b5:ca:d1:b4:85:03:af:74:8b:ae:79:ad:94:63:27:17:99:
53:5c:6e:35:92:90:82:dd:80:c6:a0:c8:ba:f7:08:3c:5c:46:
7f:8c:b7:6f:7a:e6:66:91:86:89:0b:29:28:1c:79:3e:66:8e:
7c:6a:3f:e1:b5:5e:56:06:ac:8e:7d:6a:fb:91:94:46:b9:1d:
31:0f:a0:35:67:9f:70:c1:f7:ab:8b:4a:88:f3:20:10:10:e1:
e2:da:4c:db:3f:50:d7:dd:9e:27:bf:9a:b2:4c:7d:4c:6c:56:
7d:8a:76:54
-----BEGIN CERTIFICATE-----
MIIDbTCCAlWgAwIBAgIENyPoHzANBgkqhkiG9w0BAQsFADBnMQswCQYDVQQGEwJD
QTELMAkGA1UECBMCT04xDzANBgNVBAcTBk90dGF3YTERMA8GA1UEChMIQ2FtY2xv
dWQxETAPBgNVBAsTCENhbWNsb3VkMRQwEgYDVQQDEwtEYW4gQnVya2V0dDAeFw0x
NTA0MDIxMjQ0NDlaFw00MjA4MTgxMjQ0NDlaMGcxCzAJBgNVBAYTAkNBMQswCQYD
VQQIEwJPTjEPMA0GA1UEBxMGT3R0YXdhMREwDwYDVQQKEwhDYW1jbG91ZDERMA8G
A1UECxMIQ2FtY2xvdWQxFDASBgNVBAMTC0RhbiBCdXJrZXR0MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/3NsbOHetH2oE89mOjYiMBHxxEQzaLAVsAxa
QRAXSEBmXdvQnl7Jha6HGGNAK63WZJIcI5n7gnCEwc1qmIoKbt6cyDSXw/aVUUIp
Hy7Fkp9+89h9YDvv0z80Ogaln4YWw66bbXaj3JGE4Veq7nNpC2vmZXIbMJvdhgt4
wIFV41NLX++MLqzA17bqXhAFar1j51NbZLYVNrUIj0BPqghZUXa1c6cOjva/oVCD
HU9mKnfvYwRWwNnODRjJJJxDEYrBlSduvHJ8ztDQhdoTjP3MVqBFglrTwy/POMG5
eh2bL2rPbbjH47ADJFaBAYQhMpz2EW+ORy6cWqi1g+a8EpCAeQIDAQABoyEwHzAd
BgNVHQ4EFgQUqdSHzNdwO2T/bq7EsTc+DBqGC88wDQYJKoZIhvcNAQELBQADggEB
ANqeUMgt8PU79nF1veXijfMwPu2Ikdd7VZ8ke957SRQoI5/e/h9g+2ijJZLl6PXp
WwZYJOpwT30q14ZGyF6VE2Vm6FFUjrm83pKCOR730ZVYA3s9G+cpnANM0ipcY52f
X7JYkkCyqsKU/RBMT8IZGzTBjjwUvj/zviz2XgS/+BO1quAF5acvxjYcv8HXNHCG
vIa1ytG0hQOvdIuuea2UYycXmVNcbjWSkILdgMagyLr3CDxcRn+Mt2965maRhokL
KSgceT5mjnxqP+G1XlYGrI59avuRlEa5HTEPoDVnn3DB96uLSojzIBAQ4eLaTNs/
UNfdnie/mrJMfUxsVn2KdlQ=
-----END CERTIFICATE-----
To reproduce, download a firmware image from https://amcrest.com/firmwaredownloads
One will find a .bin file.
Install binwalk.
Run binwalk -Me amcrestfirmware.bin
navigate to
_user-x.squashfs.img.extracted/squashfs-root/bin/ssl/
and
_user-x.squashfs.img.extracted/squashfs-root/bin/amcssl/
Copyright ©2024 Exploitalert.
This information is provided for TESTING and LEGAL RESEARCH purposes only. All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum