Superior RTSP Digital camera Discovery and Vulnerability Evaluation Instrument

April 27, 2025

7

Camtruder is a high-efficiency RTSP digital camera discovery and vulnerability evaluation software written in Go. It effectively scans and identifies susceptible RTSP cameras throughout networks utilizing varied authentication strategies and path mixtures, with assist for each focused and internet-wide scanning capabilities.

🌟 Key Options

Superior Scanning Capabilities

Single IP focusing on

CIDR vary scanning

File-based goal lists

Pipe enter assist

Web-wide scanning with customizable limits

Clever port discovery

Location-based search utilizing RIPE database

Uncooked CIDR output for integration with different instruments

Screenshot Functionality
Seize screenshots of found cameras
Automated saving of JPEG photos
Requires ffmpeg set up
Configurable output listing
Location-Based mostly Search
Search by metropolis or nation identify
RIPE database integration
Detailed output with netnames and IP ranges
CIDR notation assist
Uncooked output mode for scripting
Complete Authentication Testing
Constructed-in frequent credential database
Customized username/password checklist assist
File-based credential enter
A number of authentication format dealing with
Credential validation system
Sensible Path Discovery
In depth default path database
Vendor-specific path detection
Dynamic path era
Automated path validation
Excessive Efficiency Structure
Multi-threaded scanning engine
Configurable connection timeouts
Environment friendly useful resource administration
Sensible retry mechanisms
Parallel connection dealing with
Superior Output & Evaluation
Actual-time console suggestions
Detailed logging system
Digital camera fingerprinting
Vendor detection
Stream functionality evaluation
A number of output codecs (verbose, uncooked)

📋 Necessities

Go 1.19 or increased
ffmpeg (required for screenshot performance)
Web connection
Root/Administrator privileges (for sure scanning modes)
Enough system assets for large-scale scans

🔧 Set up

Utilizing go set up (beneficial)

go set up github.com/ALW1EZ/[email protected]

From supply

git clone https://github.com/ALW1EZ/camtruder.git
cd camtruder
go construct

🚀 Utilization

Fundamental Instructions

# Scan a single IP
./camtruder -t 192.168.1.100# Scan a community vary
./camtruder -t 192.168.1.0/24
# Search by location with detailed output
./camtruder -t london -s
> [ NET-ISP ] [ 192.168.1.0/24 ] [256]
# Get uncooked CIDR ranges for location
./camtruder -t london -ss
> 192.168.1.0/24
# Scan a number of IPs from file
./camtruder -t targets.txt
# Take screenshots of found cameras
./camtruder -t 192.168.1.0/24 -m screenshots
# Pipe from port scanners
naabu -host 192.168.1.0/24 -p 554 | camtruder
masscan 192.168.1.0/24 -p554 --rate 1000 | awk '{print $6}' | camtruder
zmap -p554 192.168.0.0/16 | camtruder
# Web scan (scan until 100 hits)
./camtruder -t 100

Superior Choices

# Customized credentials with elevated threads
./camtruder -t 192.168.1.0/24 -u admin,root -p pass123,admin123 -w 50# Location search with uncooked output piped to zmap
./camtruder -t berlin -ss | whereas learn vary; do zmap -p 554 $vary; accomplished
# Save outcomes to file (as full url, you should use mpv --playlist=outcomes.txt to observe the streams)
./camtruder -t istanbul -o outcomes.txt
# Web scan with restrict of fifty employees and verbose output
./camtruder -t 100 -w 50 -v

🛠️ Command Line Choices

Choice	Description	Default
`-t`	Goal IP, CIDR vary, location, or file	Required
`-u`	Customized username(s)	Constructed-in checklist
`-p`	Customized password(s)	Constructed-in checklist
`-w`	Variety of threads	20
`-to`	Connection timeout (seconds)	5
`-o`	Output file path	None
`-v`	Verbose output	False
`-s`	Search solely – reveals ranges with netnames	False
`-ss`	Uncooked IP vary output – solely CIDR ranges	False
`-po`	RTSP port	554
`-m`	Listing to avoid wasting screenshots (requires ffmpeg)	None

📊 Output Codecs

Normal Search Output (-s)

[ TR-NET-ISP ] [ 193.3.52.0/24 ] [256]
[ EXAMPLE-ISP ] [ 212.175.100.136/29 ] [8]

Uncooked CIDR Output (-ss)

193.3.52.0/24
212.175.100.136/29

Scan Outcomes

╭─ Discovered susceptible digital camera [Hikvision, H264, 30fps]
├ Host      : 192.168.1.100:554
├ Geo       : United States/California/Berkeley
├ Auth      : admin:12345
├ Path      : /Streaming/Channels/1
╰ URL       : rtsp://admin:[email protected]:554/Streaming/Channels/1

⚠️ Disclaimer

This software is meant for safety analysis and licensed testing solely. Customers are answerable for guaranteeing they’ve permission to scan goal programs and adjust to all relevant legal guidelines and rules.

📝 License

This venture is licensed underneath the MIT License – see the LICENSE file for particulars.

🙏 Acknowledgments

Due to all contributors and the safety analysis neighborhood
Particular due to the Go RTSP library maintainers
Impressed by varied open-source safety instruments

📬 Contact

Made by @ALW1EZ