Exploitalert - Database of Exploits

Amcrest Cameras SSL Key Reuse Across installations

CVE	Category	Price	Severity
N/A	CWE-309: Use of Password System for Primary Authentication	$1000	High

Author	Risk	Exploitation Type	Date
Unknown	High	Remote	2018-09-05

CVSS	EPSS	EPSSP
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	0.02192	0.50148

CVSS vector description

Metric	Value	Metric Description	Value Description
Attack vector	Network	AV	The vulnerable system is bound to the network stack and the set of possible attackers extends beyond the other options listed below, up to and including the entire Internet. Such a vulnerability is often termed “remotely exploitable” and can be thought of as an attack being exploitable at the protocol level one or more network hops away (e.g., across one or more routers). An example of a network attack is an attacker causing a denial of service by sending a specially crafted TCP packet across a wide area network (e.g., CVE-2004-0230).
Attack Complexity	Low	AC	The attacker must take no measurable action to exploit the vulnerability. The attack requires no target-specific circumvention to exploit the vulnerability. An attacker can expect repeatable success against the vulnerable system.
Privileges Required	Low	PR	The attacker requires privileges that provide basic capabilities that are typically limited to settings and resources owned by a single low-privileged user. Alternatively, an attacker with Low privileges has the ability to access only non-sensitive resources.
User Interaction	None	UI	The vulnerable system can be exploited without interaction from any human user, other than the attacker. Examples include: a remote attacker is able to send packets to a target system a locally authenticated attacker executes code to elevate privileges
Scope	Unchanged	S	An exploited vulnerability can only affect resources managed by the same security authority. In the case of a vulnerability in a virtualized environment, an exploited vulnerability in one guest instance would not affect neighboring guest instances.
Confidentiality	High	C	There is total information disclosure, resulting in all data on the system being revealed to the attacker, or there is a possibility of the attacker gaining control over confidential data.
Integrity	High	I	There is a total compromise of system integrity. There is a complete loss of system protection, resulting in the attacker being able to modify any file on the target system.
Availability	High	A	There is a total shutdown of the affected resource. The attacker can deny access to the system or data, potentially causing significant loss to the organization.

https://cxsecurity.com/ascii/WLB-2018090044

Amcrest Cameras SSL Key Reuse Across installations

Unpacking the firmware of any given (4 tested) Amcrest Camera shows that they use the same SSL Keys. For example, on the Amcrest_IPC-HX1X3X-LEXUS_Eng_N_AMCREST_V2.420.AC01.3.R.20180206 firware we can see hard coded SSL private keys and CAs. If we run binwalk we can see this in the folder _Amcrest_IPC-HX1X3X-LEXUS_Eng_N_AMCREST_V2.420.AC01.3.R.20180206.bin.extracted/_user-x.squashfs.img.extracted/squashfs-root/bin/ssl openssl x509 -in cacert.pem -text Certificate: Data: Version: 3 (0x2) Serial Number: 31:34:39:30:36:38:35:39:33:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=Product Root CA, C=US, ST=Taxas, L=Houston, O=Amcrest Technologies LLC, OU=Amcrest Validity Not Before: Mar 27 07:25:35 2017 GMT Not After : Mar 27 07:25:35 2021 GMT Subject: CN=Product Root CA, C=US, ST=Taxas, L=Houston, O=Amcrest Technologies LLC, OU=Amcrest Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:99:26:51:d4:6c:1d:88:28:cd:9a:ef:7d:f0:72: 37:5a:9a:12:58:4a:26:3f:ed:4a:51:5e:35:71:18: 32:fd:87:05:0c:06:a3:6d:25:20:3c:c1:42:c2:93: 4d:75:00:09:0d:5c:37:cc:65:5b:ca:b3:81:4b:94: d6:ef:ce:fc:a6:52:aa:07:02:c8:89:2c:6b:f3:a8: 17:15:84:ef:5e:a6:c3:ef:b2:cc:24:df:8e:4f:67: 24:df:75:87:ba:60:f1:8a:05:5d:2e:bf:7d:89:d5: c4:7e:05:8f:02:80:6b:ce:c5:f5:b7:15:0f:ec:d7: bf:8a:c4:8c:97:9b:a4:79:47:d3:3e:7a:a1:bd:5d: a2:9a:2a:41:25:b2:db:01:d7:a8:6d:52:1e:10:37: 80:4d:90:3b:b1:b3:31:73:37:b2:4e:48:84:08:01: 4c:f1:58:b1:c6:02:06:85:88:98:43:d0:f1:c6:d1: f3:67:7f:37:7b:66:13:bc:41:22:6f:f5:13:7d:fb: 8f:92:f2:db:90:32:3f:21:fc:a8:41:94:a4:cc:ac: 27:d0:31:08:56:ea:17:30:5b:b8:bf:83:d1:92:b6: ee:4f:c0:a7:4e:80:3e:12:24:e9:67:56:a3:7c:7f: c2:1d:9d:7d:3e:db:64:22:9c:41:bd:9d:e6:34:dd: a6:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: AD:2D:97:7F:1F:FE:09:77:A7:96:FE:12:E7:3C:C6:B4:C1:FC:EC:BF Signature Algorithm: sha256WithRSAEncryption 8d:72:fa:37:14:64:9b:d8:f2:04:d3:87:3d:0a:4b:dd:3b:c1: b8:06:00:24:27:db:4d:8b:20:2e:bb:b8:68:99:06:73:06:45: d8:50:48:49:12:71:04:67:66:3a:b3:78:6f:d9:59:f1:80:fb: 97:8f:e0:eb:58:02:aa:43:ce:37:f9:09:d0:4a:82:e2:61:e4: 19:bc:2e:b3:8f:13:87:f3:30:3f:eb:4d:07:5a:77:a5:f5:05: 5a:c8:0e:c1:b7:68:c3:a8:f1:2a:75:21:e9:d2:02:74:e5:c4: c8:f0:e6:23:92:9f:eb:ad:ac:f4:d4:32:a4:eb:10:fe:49:90: f3:85:f3:00:07:a4:2b:95:c2:d4:02:c2:21:42:aa:d5:a6:63: 68:14:a1:02:0d:1f:f7:6b:aa:4b:6c:09:63:97:37:84:0a:af: 96:a6:d2:a0:f7:48:8a:50:ac:0b:b3:47:8d:e8:f2:e9:a1:5f: bb:27:3b:09:6a:82:a9:28:d2:a1:fa:44:9f:96:65:a1:de:6c: da:c4:f5:99:c8:b3:ad:a4:0d:63:ef:09:c2:bc:bb:54:c7:8c: 8a:53:c4:e4:af:76:ac:61:a3:a9:51:b8:08:34:e5:37:50:1c: c0:58:3d:ea:50:e4:6c:8c:57:fb:c8:45:40:6d:ed:0c:a5:15: a3:43:59:61 -----BEGIN CERTIFICATE----- MIIDsjCCApqgAwIBAgIKMTQ5MDY4NTkzNTANBgkqhkiG9w0BAQsFADB+MRgwFgYD VQQDDA9Qcm9kdWN0IFJvb3QgQ0ExCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUYXhh czEQMA4GA1UEBwwHSG91c3RvbjEhMB8GA1UECgwYQW1jcmVzdCBUZWNobm9sb2dp ZXMgTExDMRAwDgYDVQQLDAdBbWNyZXN0MB4XDTE3MDMyNzA3MjUzNVoXDTIxMDMy NzA3MjUzNVowfjEYMBYGA1UEAwwPUHJvZHVjdCBSb290IENBMQswCQYDVQQGEwJV UzEOMAwGA1UECAwFVGF4YXMxEDAOBgNVBAcMB0hvdXN0b24xITAfBgNVBAoMGEFt Y3Jlc3QgVGVjaG5vbG9naWVzIExMQzEQMA4GA1UECwwHQW1jcmVzdDCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJkmUdRsHYgozZrvffByN1qaElhKJj/t SlFeNXEYMv2HBQwGo20lIDzBQsKTTXUACQ1cN8xlW8qzgUuU1u/O/KZSqgcCyIks a/OoFxWE716mw++yzCTfjk9nJN91h7pg8YoFXS6/fYnVxH4FjwKAa87F9bcVD+zX v4rEjJebpHlH0z56ob1dopoqQSWy2wHXqG1SHhA3gE2QO7GzMXM3sk5IhAgBTPFY scYCBoWImEPQ8cbR82d/N3tmE7xBIm/1E337j5Ly25AyPyH8qEGUpMysJ9AxCFbq FzBbuL+D0ZK27k/Ap06APhIk6WdWo3x/wh2dfT7bZCKcQb2d5jTdpmUCAwEAAaMy MDAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUrS2Xfx/+CXenlv4S5zzGtMH8 7L8wDQYJKoZIhvcNAQELBQADggEBAI1y+jcUZJvY8gTThz0KS907wbgGACQn202L IC67uGiZBnMGRdhQSEkScQRnZjqzeG/ZWfGA+5eP4OtYAqpDzjf5CdBKguJh5Bm8 LrOPE4fzMD/rTQdad6X1BVrIDsG3aMOo8Sp1IenSAnTlxMjw5iOSn+utrPTUMqTr EP5JkPOF8wAHpCuVwtQCwiFCqtWmY2gUoQINH/drqktsCWOXN4QKr5am0qD3SIpQ rAuzR43o8umhX7snOwlqgqko0qH6RJ+WZaHebNrE9ZnIs62kDWPvCcK8u1THjIpT xOSvdqxho6lRuAg05TdQHMBYPepQ5GyMV/vIRUBt7QylFaNDWWE= -----END CERTIFICATE----- openssl x509 -in cacert.pem -text Certificate: Data: Version: 3 (0x2) Serial Number: 31:34:39:30:36:38:35:39:33:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=Product Root CA, C=US, ST=Taxas, L=Houston, O=Amcrest Technologies LLC, OU=Amcrest Validity Not Before: Mar 27 07:25:35 2017 GMT Not After : Mar 27 07:25:35 2021 GMT Subject: CN=Product Root CA, C=US, ST=Taxas, L=Houston, O=Amcrest Technologies LLC, OU=Amcrest Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:99:26:51:d4:6c:1d:88:28:cd:9a:ef:7d:f0:72: 37:5a:9a:12:58:4a:26:3f:ed:4a:51:5e:35:71:18: 32:fd:87:05:0c:06:a3:6d:25:20:3c:c1:42:c2:93: 4d:75:00:09:0d:5c:37:cc:65:5b:ca:b3:81:4b:94: d6:ef:ce:fc:a6:52:aa:07:02:c8:89:2c:6b:f3:a8: 17:15:84:ef:5e:a6:c3:ef:b2:cc:24:df:8e:4f:67: 24:df:75:87:ba:60:f1:8a:05:5d:2e:bf:7d:89:d5: c4:7e:05:8f:02:80:6b:ce:c5:f5:b7:15:0f:ec:d7: bf:8a:c4:8c:97:9b:a4:79:47:d3:3e:7a:a1:bd:5d: a2:9a:2a:41:25:b2:db:01:d7:a8:6d:52:1e:10:37: 80:4d:90:3b:b1:b3:31:73:37:b2:4e:48:84:08:01: 4c:f1:58:b1:c6:02:06:85:88:98:43:d0:f1:c6:d1: f3:67:7f:37:7b:66:13:bc:41:22:6f:f5:13:7d:fb: 8f:92:f2:db:90:32:3f:21:fc:a8:41:94:a4:cc:ac: 27:d0:31:08:56:ea:17:30:5b:b8:bf:83:d1:92:b6: ee:4f:c0:a7:4e:80:3e:12:24:e9:67:56:a3:7c:7f: c2:1d:9d:7d:3e:db:64:22:9c:41:bd:9d:e6:34:dd: a6:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: AD:2D:97:7F:1F:FE:09:77:A7:96:FE:12:E7:3C:C6:B4:C1:FC:EC:BF Signature Algorithm: sha256WithRSAEncryption 8d:72:fa:37:14:64:9b:d8:f2:04:d3:87:3d:0a:4b:dd:3b:c1: b8:06:00:24:27:db:4d:8b:20:2e:bb:b8:68:99:06:73:06:45: d8:50:48:49:12:71:04:67:66:3a:b3:78:6f:d9:59:f1:80:fb: 97:8f:e0:eb:58:02:aa:43:ce:37:f9:09:d0:4a:82:e2:61:e4: 19:bc:2e:b3:8f:13:87:f3:30:3f:eb:4d:07:5a:77:a5:f5:05: 5a:c8:0e:c1:b7:68:c3:a8:f1:2a:75:21:e9:d2:02:74:e5:c4: c8:f0:e6:23:92:9f:eb:ad:ac:f4:d4:32:a4:eb:10:fe:49:90: f3:85:f3:00:07:a4:2b:95:c2:d4:02:c2:21:42:aa:d5:a6:63: 68:14:a1:02:0d:1f:f7:6b:aa:4b:6c:09:63:97:37:84:0a:af: 96:a6:d2:a0:f7:48:8a:50:ac:0b:b3:47:8d:e8:f2:e9:a1:5f: bb:27:3b:09:6a:82:a9:28:d2:a1:fa:44:9f:96:65:a1:de:6c: da:c4:f5:99:c8:b3:ad:a4:0d:63:ef:09:c2:bc:bb:54:c7:8c: 8a:53:c4:e4:af:76:ac:61:a3:a9:51:b8:08:34:e5:37:50:1c: c0:58:3d:ea:50:e4:6c:8c:57:fb:c8:45:40:6d:ed:0c:a5:15: a3:43:59:61 -----BEGIN CERTIFICATE----- MIIDsjCCApqgAwIBAgIKMTQ5MDY4NTkzNTANBgkqhkiG9w0BAQsFADB+MRgwFgYD VQQDDA9Qcm9kdWN0IFJvb3QgQ0ExCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUYXhh czEQMA4GA1UEBwwHSG91c3RvbjEhMB8GA1UECgwYQW1jcmVzdCBUZWNobm9sb2dp ZXMgTExDMRAwDgYDVQQLDAdBbWNyZXN0MB4XDTE3MDMyNzA3MjUzNVoXDTIxMDMy NzA3MjUzNVowfjEYMBYGA1UEAwwPUHJvZHVjdCBSb290IENBMQswCQYDVQQGEwJV UzEOMAwGA1UECAwFVGF4YXMxEDAOBgNVBAcMB0hvdXN0b24xITAfBgNVBAoMGEFt Y3Jlc3QgVGVjaG5vbG9naWVzIExMQzEQMA4GA1UECwwHQW1jcmVzdDCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJkmUdRsHYgozZrvffByN1qaElhKJj/t SlFeNXEYMv2HBQwGo20lIDzBQsKTTXUACQ1cN8xlW8qzgUuU1u/O/KZSqgcCyIks a/OoFxWE716mw++yzCTfjk9nJN91h7pg8YoFXS6/fYnVxH4FjwKAa87F9bcVD+zX v4rEjJebpHlH0z56ob1dopoqQSWy2wHXqG1SHhA3gE2QO7GzMXM3sk5IhAgBTPFY scYCBoWImEPQ8cbR82d/N3tmE7xBIm/1E337j5Ly25AyPyH8qEGUpMysJ9AxCFbq FzBbuL+D0ZK27k/Ap06APhIk6WdWo3x/wh2dfT7bZCKcQb2d5jTdpmUCAwEAAaMy MDAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUrS2Xfx/+CXenlv4S5zzGtMH8 7L8wDQYJKoZIhvcNAQELBQADggEBAI1y+jcUZJvY8gTThz0KS907wbgGACQn202L IC67uGiZBnMGRdhQSEkScQRnZjqzeG/ZWfGA+5eP4OtYAqpDzjf5CdBKguJh5Bm8 LrOPE4fzMD/rTQdad6X1BVrIDsG3aMOo8Sp1IenSAnTlxMjw5iOSn+utrPTUMqTr EP5JkPOF8wAHpCuVwtQCwiFCqtWmY2gUoQINH/drqktsCWOXN4QKr5am0qD3SIpQ rAuzR43o8umhX7snOwlqgqko0qH6RJ+WZaHebNrE9ZnIs62kDWPvCcK8u1THjIpT xOSvdqxho6lRuAg05TdQHMBYPepQ5GyMV/vIRUBt7QylFaNDWWE= -----END CERTIFICATE----- as well as _Amcrest_IPC-HX1X3X-LEXUS_Eng_N_AMCREST_V2.420.AC01.3.R.20180206.bin.extracted/_user-x.squashfs.img.extracted/squashfs-root/bin/amcssl openssl x509 -in cacert.pem -text Certificate: Data: Version: 3 (0x2) Serial Number: 925100063 (0x3723e81f) Signature Algorithm: sha256WithRSAEncryption Issuer: C=CA, ST=ON, L=Ottawa, O=Camcloud, OU=Camcloud, CN=Dan Burkett Validity Not Before: Apr 2 12:44:49 2015 GMT Not After : Aug 18 12:44:49 2042 GMT Subject: C=CA, ST=ON, L=Ottawa, O=Camcloud, OU=Camcloud, CN=Dan Burkett Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:ff:73:6c:6c:e1:de:b4:7d:a8:13:cf:66:3a:36: 22:30:11:f1:c4:44:33:68:b0:15:b0:0c:5a:41:10: 17:48:40:66:5d:db:d0:9e:5e:c9:85:ae:87:18:63: 40:2b:ad:d6:64:92:1c:23:99:fb:82:70:84:c1:cd: 6a:98:8a:0a:6e:de:9c:c8:34:97:c3:f6:95:51:42: 29:1f:2e:c5:92:9f:7e:f3:d8:7d:60:3b:ef:d3:3f: 34:3a:06:a5:9f:86:16:c3:ae:9b:6d:76:a3:dc:91: 84:e1:57:aa:ee:73:69:0b:6b:e6:65:72:1b:30:9b: dd:86:0b:78:c0:81:55:e3:53:4b:5f:ef:8c:2e:ac: c0:d7:b6:ea:5e:10:05:6a:bd:63:e7:53:5b:64:b6: 15:36:b5:08:8f:40:4f:aa:08:59:51:76:b5:73:a7: 0e:8e:f6:bf:a1:50:83:1d:4f:66:2a:77:ef:63:04: 56:c0:d9:ce:0d:18:c9:24:9c:43:11:8a:c1:95:27: 6e:bc:72:7c:ce:d0:d0:85:da:13:8c:fd:cc:56:a0: 45:82:5a:d3:c3:2f:cf:38:c1:b9:7a:1d:9b:2f:6a: cf:6d:b8:c7:e3:b0:03:24:56:81:01:84:21:32:9c: f6:11:6f:8e:47:2e:9c:5a:a8:b5:83:e6:bc:12:90: 80:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:D4:87:CC:D7:70:3B:64:FF:6E:AE:C4:B1:37:3E:0C:1A:86:0B:CF Signature Algorithm: sha256WithRSAEncryption da:9e:50:c8:2d:f0:f5:3b:f6:71:75:bd:e5:e2:8d:f3:30:3e: ed:88:91:d7:7b:55:9f:24:7b:de:7b:49:14:28:23:9f:de:fe: 1f:60:fb:68:a3:25:92:e5:e8:f5:e9:5b:06:58:24:ea:70:4f: 7d:2a:d7:86:46:c8:5e:95:13:65:66:e8:51:54:8e:b9:bc:de: 92:82:39:1e:f7:d1:95:58:03:7b:3d:1b:e7:29:9c:03:4c:d2: 2a:5c:63:9d:9f:5f:b2:58:92:40:b2:aa:c2:94:fd:10:4c:4f: c2:19:1b:34:c1:8e:3c:14:be:3f:f3:be:2c:f6:5e:04:bf:f8: 13:b5:aa:e0:05:e5:a7:2f:c6:36:1c:bf:c1:d7:34:70:86:bc: 86:b5:ca:d1:b4:85:03:af:74:8b:ae:79:ad:94:63:27:17:99: 53:5c:6e:35:92:90:82:dd:80:c6:a0:c8:ba:f7:08:3c:5c:46: 7f:8c:b7:6f:7a:e6:66:91:86:89:0b:29:28:1c:79:3e:66:8e: 7c:6a:3f:e1:b5:5e:56:06:ac:8e:7d:6a:fb:91:94:46:b9:1d: 31:0f:a0:35:67:9f:70:c1:f7:ab:8b:4a:88:f3:20:10:10:e1: e2:da:4c:db:3f:50:d7:dd:9e:27:bf:9a:b2:4c:7d:4c:6c:56: 7d:8a:76:54 -----BEGIN CERTIFICATE----- MIIDbTCCAlWgAwIBAgIENyPoHzANBgkqhkiG9w0BAQsFADBnMQswCQYDVQQGEwJD QTELMAkGA1UECBMCT04xDzANBgNVBAcTBk90dGF3YTERMA8GA1UEChMIQ2FtY2xv dWQxETAPBgNVBAsTCENhbWNsb3VkMRQwEgYDVQQDEwtEYW4gQnVya2V0dDAeFw0x NTA0MDIxMjQ0NDlaFw00MjA4MTgxMjQ0NDlaMGcxCzAJBgNVBAYTAkNBMQswCQYD VQQIEwJPTjEPMA0GA1UEBxMGT3R0YXdhMREwDwYDVQQKEwhDYW1jbG91ZDERMA8G A1UECxMIQ2FtY2xvdWQxFDASBgNVBAMTC0RhbiBCdXJrZXR0MIIBIjANBgkqhkiG 9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/3NsbOHetH2oE89mOjYiMBHxxEQzaLAVsAxa QRAXSEBmXdvQnl7Jha6HGGNAK63WZJIcI5n7gnCEwc1qmIoKbt6cyDSXw/aVUUIp Hy7Fkp9+89h9YDvv0z80Ogaln4YWw66bbXaj3JGE4Veq7nNpC2vmZXIbMJvdhgt4 wIFV41NLX++MLqzA17bqXhAFar1j51NbZLYVNrUIj0BPqghZUXa1c6cOjva/oVCD HU9mKnfvYwRWwNnODRjJJJxDEYrBlSduvHJ8ztDQhdoTjP3MVqBFglrTwy/POMG5 eh2bL2rPbbjH47ADJFaBAYQhMpz2EW+ORy6cWqi1g+a8EpCAeQIDAQABoyEwHzAd BgNVHQ4EFgQUqdSHzNdwO2T/bq7EsTc+DBqGC88wDQYJKoZIhvcNAQELBQADggEB ANqeUMgt8PU79nF1veXijfMwPu2Ikdd7VZ8ke957SRQoI5/e/h9g+2ijJZLl6PXp WwZYJOpwT30q14ZGyF6VE2Vm6FFUjrm83pKCOR730ZVYA3s9G+cpnANM0ipcY52f X7JYkkCyqsKU/RBMT8IZGzTBjjwUvj/zviz2XgS/+BO1quAF5acvxjYcv8HXNHCG vIa1ytG0hQOvdIuuea2UYycXmVNcbjWSkILdgMagyLr3CDxcRn+Mt2965maRhokL KSgceT5mjnxqP+G1XlYGrI59avuRlEa5HTEPoDVnn3DB96uLSojzIBAQ4eLaTNs/ UNfdnie/mrJMfUxsVn2KdlQ= -----END CERTIFICATE----- openssl x509 -in cacert.pem -text Certificate: Data: Version: 3 (0x2) Serial Number: 925100063 (0x3723e81f) Signature Algorithm: sha256WithRSAEncryption Issuer: C=CA, ST=ON, L=Ottawa, O=Camcloud, OU=Camcloud, CN=Dan Burkett Validity Not Before: Apr 2 12:44:49 2015 GMT Not After : Aug 18 12:44:49 2042 GMT Subject: C=CA, ST=ON, L=Ottawa, O=Camcloud, OU=Camcloud, CN=Dan Burkett Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:ff:73:6c:6c:e1:de:b4:7d:a8:13:cf:66:3a:36: 22:30:11:f1:c4:44:33:68:b0:15:b0:0c:5a:41:10: 17:48:40:66:5d:db:d0:9e:5e:c9:85:ae:87:18:63: 40:2b:ad:d6:64:92:1c:23:99:fb:82:70:84:c1:cd: 6a:98:8a:0a:6e:de:9c:c8:34:97:c3:f6:95:51:42: 29:1f:2e:c5:92:9f:7e:f3:d8:7d:60:3b:ef:d3:3f: 34:3a:06:a5:9f:86:16:c3:ae:9b:6d:76:a3:dc:91: 84:e1:57:aa:ee:73:69:0b:6b:e6:65:72:1b:30:9b: dd:86:0b:78:c0:81:55:e3:53:4b:5f:ef:8c:2e:ac: c0:d7:b6:ea:5e:10:05:6a:bd:63:e7:53:5b:64:b6: 15:36:b5:08:8f:40:4f:aa:08:59:51:76:b5:73:a7: 0e:8e:f6:bf:a1:50:83:1d:4f:66:2a:77:ef:63:04: 56:c0:d9:ce:0d:18:c9:24:9c:43:11:8a:c1:95:27: 6e:bc:72:7c:ce:d0:d0:85:da:13:8c:fd:cc:56:a0: 45:82:5a:d3:c3:2f:cf:38:c1:b9:7a:1d:9b:2f:6a: cf:6d:b8:c7:e3:b0:03:24:56:81:01:84:21:32:9c: f6:11:6f:8e:47:2e:9c:5a:a8:b5:83:e6:bc:12:90: 80:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:D4:87:CC:D7:70:3B:64:FF:6E:AE:C4:B1:37:3E:0C:1A:86:0B:CF Signature Algorithm: sha256WithRSAEncryption da:9e:50:c8:2d:f0:f5:3b:f6:71:75:bd:e5:e2:8d:f3:30:3e: ed:88:91:d7:7b:55:9f:24:7b:de:7b:49:14:28:23:9f:de:fe: 1f:60:fb:68:a3:25:92:e5:e8:f5:e9:5b:06:58:24:ea:70:4f: 7d:2a:d7:86:46:c8:5e:95:13:65:66:e8:51:54:8e:b9:bc:de: 92:82:39:1e:f7:d1:95:58:03:7b:3d:1b:e7:29:9c:03:4c:d2: 2a:5c:63:9d:9f:5f:b2:58:92:40:b2:aa:c2:94:fd:10:4c:4f: c2:19:1b:34:c1:8e:3c:14:be:3f:f3:be:2c:f6:5e:04:bf:f8: 13:b5:aa:e0:05:e5:a7:2f:c6:36:1c:bf:c1:d7:34:70:86:bc: 86:b5:ca:d1:b4:85:03:af:74:8b:ae:79:ad:94:63:27:17:99: 53:5c:6e:35:92:90:82:dd:80:c6:a0:c8:ba:f7:08:3c:5c:46: 7f:8c:b7:6f:7a:e6:66:91:86:89:0b:29:28:1c:79:3e:66:8e: 7c:6a:3f:e1:b5:5e:56:06:ac:8e:7d:6a:fb:91:94:46:b9:1d: 31:0f:a0:35:67:9f:70:c1:f7:ab:8b:4a:88:f3:20:10:10:e1: e2:da:4c:db:3f:50:d7:dd:9e:27:bf:9a:b2:4c:7d:4c:6c:56: 7d:8a:76:54 -----BEGIN CERTIFICATE----- MIIDbTCCAlWgAwIBAgIENyPoHzANBgkqhkiG9w0BAQsFADBnMQswCQYDVQQGEwJD QTELMAkGA1UECBMCT04xDzANBgNVBAcTBk90dGF3YTERMA8GA1UEChMIQ2FtY2xv dWQxETAPBgNVBAsTCENhbWNsb3VkMRQwEgYDVQQDEwtEYW4gQnVya2V0dDAeFw0x NTA0MDIxMjQ0NDlaFw00MjA4MTgxMjQ0NDlaMGcxCzAJBgNVBAYTAkNBMQswCQYD VQQIEwJPTjEPMA0GA1UEBxMGT3R0YXdhMREwDwYDVQQKEwhDYW1jbG91ZDERMA8G A1UECxMIQ2FtY2xvdWQxFDASBgNVBAMTC0RhbiBCdXJrZXR0MIIBIjANBgkqhkiG 9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/3NsbOHetH2oE89mOjYiMBHxxEQzaLAVsAxa QRAXSEBmXdvQnl7Jha6HGGNAK63WZJIcI5n7gnCEwc1qmIoKbt6cyDSXw/aVUUIp Hy7Fkp9+89h9YDvv0z80Ogaln4YWw66bbXaj3JGE4Veq7nNpC2vmZXIbMJvdhgt4 wIFV41NLX++MLqzA17bqXhAFar1j51NbZLYVNrUIj0BPqghZUXa1c6cOjva/oVCD HU9mKnfvYwRWwNnODRjJJJxDEYrBlSduvHJ8ztDQhdoTjP3MVqBFglrTwy/POMG5 eh2bL2rPbbjH47ADJFaBAYQhMpz2EW+ORy6cWqi1g+a8EpCAeQIDAQABoyEwHzAd BgNVHQ4EFgQUqdSHzNdwO2T/bq7EsTc+DBqGC88wDQYJKoZIhvcNAQELBQADggEB ANqeUMgt8PU79nF1veXijfMwPu2Ikdd7VZ8ke957SRQoI5/e/h9g+2ijJZLl6PXp WwZYJOpwT30q14ZGyF6VE2Vm6FFUjrm83pKCOR730ZVYA3s9G+cpnANM0ipcY52f X7JYkkCyqsKU/RBMT8IZGzTBjjwUvj/zviz2XgS/+BO1quAF5acvxjYcv8HXNHCG vIa1ytG0hQOvdIuuea2UYycXmVNcbjWSkILdgMagyLr3CDxcRn+Mt2965maRhokL KSgceT5mjnxqP+G1XlYGrI59avuRlEa5HTEPoDVnn3DB96uLSojzIBAQ4eLaTNs/ UNfdnie/mrJMfUxsVn2KdlQ= -----END CERTIFICATE----- To reproduce, download a firmware image from https://amcrest.com/firmwaredownloads One will find a .bin file. Install binwalk. Run binwalk -Me amcrestfirmware.bin navigate to _user-x.squashfs.img.extracted/squashfs-root/bin/ssl/ and _user-x.squashfs.img.extracted/squashfs-root/bin/amcssl/

Impressum