Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/miiden/eyespy

EyeSpy is a PowerShell tool for finding IP Cameras and spraying credentials at the underlying RTSP streams if present.
https://github.com/miiden/eyespy

blue-team-tool camera educational-project internal ip-cameras osint penetration-testing pentesting pentesting-tools pentesting-windows powershell powershell-script red-team red-team-tools surveillance

Last synced: 6 days ago
JSON representation

EyeSpy is a PowerShell tool for finding IP Cameras and spraying credentials at the underlying RTSP streams if present.

Host: GitHub
URL: https://github.com/miiden/eyespy
Owner: Miiden
License: mit
Created: 2024-02-29T19:02:33.000Z (11 months ago)
Default Branch: main
Last Pushed: 2024-09-20T14:46:58.000Z (4 months ago)
Last Synced: 2025-01-08T09:09:49.236Z (13 days ago)
Topics: blue-team-tool, camera, educational-project, internal, ip-cameras, osint, penetration-testing, pentesting, pentesting-tools, pentesting-windows, powershell, powershell-script, red-team, red-team-tools, surveillance
Language: PowerShell
Homepage:
Size: 4.13 MB
Stars: 77
Watchers: 4
Forks: 9
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE.md

Awesome Lists containing this project

README

# EyeSpy

EyeSpy is a tool designed to enumerate and gain access to IP cameras via RTSP. It provides a flexible and efficient way to scan for open RTSP ports, check if authentication is required, and attempt common credential spraying attacks.

## Table of Contents

- [Introduction](#introduction)
- [Installation](#installation)
- [Usage](#usage)
- [Examples](#examples)
- [Contributing](#contributing)
- [Licence](#licence)

## Introduction

EyeSpy is developed by Miiden and utilises PowerShell to help with penetration tests and research in a Windows environment.
EyeSpy is designed to enumerate and gain access to IP cameras via RTSP. It provides a flexible and efficient way to scan for open RTSP ports, check if authentication is required, and attempt common credential spraying attacks.

https://github.com/Miiden/EyeSpy/assets/127749134/aae09bc8-4025-42d1-a79d-9090c201a48a

## Installation

There is no specific installation required for EyeSpy. Simply download the script and run it using PowerShell.
You may need to be in Bypass mode to run scripts.

```powershell
powershell -ep bypass
```

### EyeSpy OneLiner!
```powershell
IEX(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/Miiden/EyeSpy/main/EyeSpy.ps1');EyeSpy -Auto 10.10.10.0/24
```

## Usage

EyeSpy provides several command-line options to customise its behaviour:

- `-Search `: Scan a single IP or CIDR range for open RTSP ports.

- `-NoAuth `: Scan for open RTSP ports and spray for common paths. Returns any camera with no authentication required by checking common camera paths with no authentication header.

- `-AuthAttack `: Perform a password spray attack on the specified IP:PORT.

- `-AuthAttack -Path 'KnownPath'`: Perform a password spray attack on the specified IP:PORT/PATH. Assume the path is correct and does not test for "NoAuth".

- `-Auto `: Perform a fully automatic scan within a specified IP range (CIDR notation). This scan will find open ports and spray each path with combinations of common and default credentials.

- `-Timeout (10-2000)`: (Default: 200) Change the global timeout value for receiving, Increase value for things that might take a while to respond.

- `-Help`: Display the help menu, showing usage instructions and examples.

## Examples

### Search for common open RTSP ports on a single IP or across a range.
```powershell
EyeSpy -Search 192.168.0.1/24
```

### Searches for common open RTSP ports and checks common paths if authentication is required.
```powershell
EyeSpy -NoAuth 192.168.0.123
```

### Performs a password spraying attack with common credentials on a known open IP:Port
```powershell
EyeSpy -AuthAttack 192.168.0.66:8554
```

### Performs a password spraying attack with common credentials on a known open IP:Port/Path
```powershell
EyeSpy -AuthAttack 192.168.0.123:554 -Path 'MyStream'
```

### Performs all of the above automatically across a single IP or range.
```powershell
Eyespy -Auto 192.168.0.1/24
```

### Displays the Help
```powershell
Eyespy -Help
```

## TODO
- ~~Async the search function~~
- Allow for custom username(s) and password(s)
- Output results to file

## Contributing
Contributions to EyeSpy are welcome. Feel free to fork the repository, make improvements, and submit pull requests.

## Disclaimer
EyeSpy is designed for research, educational, and authorised testing scenarios. The purpose of developing and distributing EyeSpy is to provide professionals and researchers with a tool to understand and identify vulnerabilities and to bolster the security of systems. It is fundamentally imperative that users ensure they have obtained explicit, mutual consent from all involved parties before applying this tool on any system, network, or digital environment.

Engaging in unauthorised activities, including, but not limited to, accessing systems without permission, can lead to severe legal consequences. Users must be fully aware of, and adhere to, all their jurisdictional, local, state, and federal laws and regulations concerning cybersecurity and digital access.

The developers and contributors of EyeSpy expressly disclaim all liabilities and responsibilities for any unauthorised or illicit use of the tool. Additionally, they are not responsible for any consequent damages, losses, or repercussions stemming from the misuse or misapplication of EyeSpy.

## Licence
EyeSpy is licenced under the [MIT](https://github.com/Miiden/EyeSpy/blob/main/LICENSE.md) Licence.