CameraObscura - IP Cam Honeypot
IP Cameras are often misused for wide range malware campaigns. The purpose of this project is to fake a IP Camera with the common features, such as camera stream, login or firmware upload to protocolize actions done by botnets.
This project is currently under development. Most of the features are not implemented yet.
For God's sake, don't deploy this to productive environments. It's an honeypot which also could be exploited.
- Fake Camera Endpoint (for HTTP
POST/GETetc.)- Fake camera stream
- JSON configurable Routes to simulate logins or upload of new firmware according to the specifications of the manufacturers
- Configurable headers to simulate a vulnerable webserver
- Web Interface
- Semi-Fake Web UI
- Clone existing to simulate running vulnerable IP-Cams
- Logging
- JSON
- Log (text)
- SQL
- Payload dump (e. g. on fake firmware upload or
POSTwithfile)
- Fake other services (like RTSP)
- RTSP
- SSH/ Telnet (using cowrie)
- Configuration
- Company Logos (via config/templates)
- Service/ Port redirect
- Routes
- Deployment/ Analysis/ Usage
- CLI Commands (like
startorrestart) - Docker Image
- Splunk/ ELK Usage
- Upgrade process
- CLI Commands (like
Python3
- Don't run the honeypot as root
- Don't run the honeypot on a productive environment
- Use a dedicated, isolated environment (like
qemu,lxd,lxcordocker) - It's still in development :)
MPL-2.0