Tv hacker: I'll write code to hack their security cameras

2 seconds later

Tv hacker: I'm in

Me: go fuck yourself you fucking fuck

Another story on the spirit of wk93. TL;DR I DOS'd the whole campus network for some beers.

In highschool teachers had this blackboard system (a sort of moodle) and we used to have really lazy teachers who only read the PowerPoint presentations and made us take notes. One day I was fed up with their bullshit and figured these lazy ass professors wouldn't "teach" crap as soon as there was no internet connection...so the race was on...

10 minutes before the bell rang a friend and I managed to break in into a computer lab, I booted up Kali and searched for the access points, 3 routers through the building all with CISCO OS.

I figured they had all the default configs, time was running out so I decided to Smurf the three access points with the lab's IP range, scheduled an automatic shutdown in 2 hours and blocked the PC. The bell rang and as predicted, no internet, no class, my friends and I used that free time to go to a bar (on a Monday afternoon).

Funny side note, since the 3 routers were down the whole network collapsed, no cameras, no access control, no faculty network or any network. We kept doing it and every time we did campus security would be desperately searching for someone with a black hoodie.

My parents told everyone at church that I have a computer science degree. I got asked to install security cameras 5 minutes after. Cool :/

I work in an unrelated field, and code in my spare time as I'm just starting out. Have to pay tbe bills somehow, amirite?

So my boss has installed cameras "for security", and uses them to monitor staff on a regular basis. A couple months ago he pulled me aside with a piece of paper. My "second written warning" (next step prior to dismissal) however I haven't received any other disciplinary action.

The warning contained 10 points, all of which made reference to observances over the damn cameras.

Please keep in mind -- I have been an overachieving empleyee for over 5 years, and friends with the bosses the whole time. My boss was in my wedding party.

So my office is located in the oldest part of the hospital I work at. Weird shit happens here, especially at night. Currently working on configuring our security cameras, stand by for triply shit.

I arrived at 8am sharp today, SHARP, I usually arrive 2-3min earlier, so I can start with my actual work at 8am sharp, but traffic was rough and my scooter wouldn't turn on, so I wasn't able to.
Suddenly my boss calls me into his office, being all like "you are late everyday, you won't start work until 5 after 8 yadayada". Wtf?? You know I have a clock on my desk and I always check the clock when I'm arriving at work? (He has security cameras everywhere, so he can actually see me check the clock every morning). This morning I arrived at 8am sharp and the only reason why I started with work late is because he thought it's necessary to remind me to be at work in time. Now he expects me to start with work 5min early everyday, fuck off!

In the before time (late 90s) I worked for a company that worked for a company that worked for a company that provided software engineering services for NRC regulatory compliance. Fallout radius simulation, security access and checks, operational reporting, that sort of thing. Given that, I spent a lot of time around/at/in nuclear reactors.

One day, we're working on this system that uses RFID (before it was cool) and various physical sensors to do a few things, one of which is to determine if people exist at the intersection of hazardous particles, gasses, etc.

This also happens to be a system which, at that moment, is reporting hazardous conditions and people at the top of the outer containment shell. We know this is probably a red herring or faulty sensor because no one is present in the system vs the access logs and cameras, but we have to check anyways. A few building engineers climb the ladders up there and find that nothing is really visibly wrong and we have an all clear. They did not however know how to check the sensor.

Enter me, the only person from our firm on site that day. So in the next few minutes I am also in a monkey suit (bc protocol), climbing a 150 foot ladder that leads to another 150 foot ladder, all 110lbs of me + a 30lb diag "laptop" slung over my shoulder by a strap. At the top, I walk about a quarter of the way out, open the casing on the sensor module and find that someone had hooked up the line feed, but not the activity connection wire so it was sending a false signal. I open the diag laptop, plug it into the unit, write a simple firmware extension to intermediate the condition, flash, reload. I verify the error has cleared and an appropriate message was sent to the diagnostic system over the radio, run through an error test cycle, radio again, close it up. Once I returned to the ground, sweating my ass off, I also send a not at all passive aggressive email letting the boss know that the next shift will need to push the update to the other 600 air-gapped, unidirectional sensors around the facility.

I wanna make you feel what you have brought into my house!!

I was working with security cameras once in a home automation project. One of those camera particularly stand out by offering a cgi without password request to view and change the current passwort and username.

Seriously wtf is wrong with you? I mean this thing automatically connects to an internet service offering everyone to connect to it with that passwort and username. And I know some of you might say "hey chill the cgi is only available on the wifi" - dammit no. Security is a lifestyle do it complete or get the fuck out. God knows what other mistakes there might be hidden in that thing screaming out to everyone to watch me taking a shit.

But that's not the end of it. My company arranged a call to the technical support of that camera so that I can explain the problem and a patch gets released. Those guys didn't give a shit about it and were even laughing at me. Fuck you!

So whoever is responsible - I will find you - and you will never see me coming.

Because of some theft this year and even though we already have security cameras, my apartment building decided to check the front door locks so it's more secure.

This key looks very high tech... Only issue though is I never use the key anyway... I just entered the door code...

So what is the point of changing the locks? I'm going to guess whoever is stealing isn't picking the lock... People would notice... They must know the code.

Also it seems most of the apartment locks are digital key card/pins too. Wondering if this just means most owners are young or just are techies/devs...

At a previous job I bumped heads with the IT person a lot because he would spread misinformation about technology so the owners would never replace him. This was conversation with the VP:

VP: Hey I just got a new security setup at my house and I can monitor everything with my phone.
Me: That's cool.
VP: I'm rethinking it because [IT guy] said it was very dangerous to have, what do you think?
Me: ....? What did he say was dangerous about it?
VP: He said hackers could then gain access to cameras and plan the perfect time to rob me since it's in the cloud.
Me: I seriously doubt anyone is planning an Ocean's 11 heist to steal your TV.
VP: Yea I thought it sounded weird when he told me.

FUCKING CHINESE SUPOSED IP CAMERAS...
First, they aren't Ip cameras, they are p2p cameras with different settings and more limited...
then took me 3 days to open 5 ports for 2 cameras, config the cameras, till they work.
YEY they finally work, can see them over the Internet (no default settings, even changed the Alias), have my Ip camera viewer on the Phone... but one doesn't activate on moviment.. in this 3 days only took 2 pictures with motion detection on and people passing in front of them... the other was working for like 5 minutes... giving black and white 7kb jpgs... after a few teeks... can't make it work again.
Now I have two cameras that I can see if my house is being robbed but no motion detection to warm me, or at least save some pictures on the server to serve as evidence (and maby finally get the team that is robbing one house a day, If they try to rob my house again...).
The cameras are very good as baby monitors or to play around, for 14$ and 20$... (love the 360º ball) , but as security cameras... Unless you have them connected to a security station and with a repeater close by... worthless...
Oh, and they may give me 1 good frame a second or lag to 10+seconds a frame...

So my day started well.

I come in an the DVR monitor is not working, ok lets turn it off and on, nope. Lets turn the DVR on and off, nope still nothing. Played around with the VGA cable, nope. I cant replace the cable because its hard wired into the monitor....

I grab the spare screen next to me and connect it all up and it works!

Boss tells me to throw "broken" monitor out, I say I want to test it just to make sure, connect it all up to my pc and now it fucking works!

There are days I hate technology....

Just spent three and a half hours reconfiguring security cameras and troubleshooting over and over why the fuck internal and external weren’t reachable...

I failed to realize the DDNS was handing out the IP of 127.0.0.1 and 3.0.0.0 because nothing fucking stated that up until I found a small text link to the camera’s DDNS registration page... logged in with the customers info and low and behold the mother fucker was handing stupid shit out.

I hate that I overlook the simplest shit when I’m stressed and in a rush...

I need to learn to take deep breaths, but fuck that... I want to blow shit up.

I know I'm a bit late with this, but I thought I'd share it anyway.
A few years ago me and my friend were messing around in computer class and I decided to look at the network devices.
I couldn't believe, what I saw. All of the school security cameras were there, and the best part: when I connected to their ip addresses, they were just showing the live feed, no password or anything.
I didn't really do anything with it since I couldn't think of any great ideas and it has since been fixed.
Technically not hacking but still somewhat related.

Let's see:

No archival of data on a database server with over 5000 high profile customers using no encryption whatsoever with telnet open on LAN, every user on the same account in the office using the companies name as the password... But hey there are security cameras!

Do people use DVR and NVR for bitcoin mining since security cameras are easy to hack into?

So first week working as tech support for security cameras. I realize that there are some people who will make you hate your job.

My company inherited a video conference tool called Video Butler (with Zoom) from our parent. I personally have never used it, seems more a tool that's wired in and only used by execs and parent company, regardless it annoys the shit out of me. You can be in a room and all of a sudden the room switches to video conference mode with no input from those in the room. I have seen video conferences where people are chatting over room speakers to an empty room, or in a really weird situation where 2 empty rooms are connected and sending a video feed to each other. Guess the ghosts needed a conference or something. I get that things happen and managers have a lot of meetings so it's easy to lose track of details, but I genuinely don't get why any system would just connect rooms without allowing the rooms a say. The only security we have to detect it would be that our cameras move for streaming, not that anyone would notice based on past experience.

!rant
My dad wants to add security cameras in our home. I kind of want to go ahead and add cool stuff(like automation or something) to our house using this opportunity.
What I am thinking of right now is salvaging an old desktop with an Nvidia GPU to add face recognition and motion detection to the mix. I am also thinking I could get an Alexa echo dot or something similar and hook everything up. Another idea is using owncloud to create my own cloud.
What do you guys think? Any ideas or suggestions? Maybe a cheaper way to do stuff?