EyeSpy: enumerate and gain access to IP cameras via RTSP

EyeSpy

EyeSpy was developed by Miiden and utilizes PowerShell to help with penetration tests and research in a Windows environment. EyeSpy is designed to enumerate and gain access to IP cameras via RTSP. It provides a flexible and efficient way to scan for open RTSP ports, check if authentication is required, and attempt common credential spraying attacks.

• -Search <IP/CIDR>: Scan a single IP or CIDR range for open RTSP ports.

• -NoAuth <IP/CIDR>: Scan for open RTSP ports and spray for common paths. Returns any camera with no authentication required by checking common camera paths with no authentication header.

• -AuthAttack <IP:PORT>: Perform a password spray attack on the specified IP:PORT.

• -AuthAttack <IP:PORT> -Path 'KnownPath': Perform a password spray attack on the specified IP:PORT/PATH. Assume the path is correct and does not test for “NoAuth”.

• -Auto <IP/CIDR>: Perform a fully automatic scan within a specified IP range (CIDR notation). This scan will find open ports and spray each path with combinations of common and default credentials.

• -Timeout (10-2000): (Default: 200) Change the global timeout value for receiving, Increase value for things that might take a while to respond.

• -Help: Display the help menu, showing usage instructions and examples.

Install

Copyright (c) 2023 Miiden