Camtruder - Advanced RTSP Camera Discovery And Vulnerability Assessment Tool
Camtruder is a high-performance RTSP camera discovery and vulnerability assessment tool written in Go. It efficiently scans and identifies vulnerable RTSP cameras across networks using various authentication methods and path combinations, with support for both targeted and internet-wide scanning capabilities.
đŸŒŸ Key Features
- Advanced Scanning Capabilities
- Single IP targeting
- CIDR range scanning
- File-based target lists
- Pipe input support
- Internet-wide scanning with customizable limits
- Intelligent port discovery
- Location-based search using RIPE database
-
Raw CIDR output for integration with other tools
-
Screenshot Capability
- Capture screenshots of discovered cameras
- Automatic saving of JPEG images
- Requires ffmpeg installation
-
Configurable output directory
-
Location-Based Search
- Search by city or country name
- RIPE database integration
- Detailed output with netnames and IP ranges
- CIDR notation support
-
Raw output mode for scripting
-
Comprehensive Authentication Testing
- Built-in common credential database
- Custom username/password list support
- File-based credential input
- Multiple authentication format handling
-
Credential validation system
-
Smart Path Discovery
- Extensive default path database
- Vendor-specific path detection
- Dynamic path generation
-
Automatic path validation
-
High Performance Architecture
- Multi-threaded scanning engine
- Configurable connection timeouts
- Efficient resource management
- Smart retry mechanisms
-
Parallel connection handling
-
Advanced Output & Analysis
- Real-time console feedback
- Detailed logging system
- Camera fingerprinting
- Vendor detection
- Stream capability analysis
- Multiple output formats (verbose, raw)
đŸ“‹ Requirements
- Go 1.19 or higher
- ffmpeg (required for screenshot functionality)
- Internet connection
- Root/Administrator privileges (for certain scanning modes)
- Sufficient system resources for large-scale scans
đŸ”§ Installation
Using go install (recommended)
go install github.com/ALW1EZ/[email protected]From source
git clone https://github.com/ALW1EZ/camtruder.gitcd camtrudergo buildđŸš€ Usage
Basic Commands
# Scan a single IP./camtruder -t 192.168.1.100# Scan a network range./camtruder -t 192.168.1.0/24# Search by location with detailed output./camtruder -t london -s> [ NET-ISP ] [ 192.168.1.0/24 ] [256]# Get raw CIDR ranges for location./camtruder -t london -ss> 192.168.1.0/24# Scan multiple IPs from file./camtruder -t targets.txt# Take screenshots of discovered cameras./camtruder -t 192.168.1.0/24 -m screenshots# Pipe from port scannersnaabu -host 192.168.1.0/24 -p 554 | camtrudermasscan 192.168.1.0/24 -p554 --rate 1000 | awk '{print $6}' | camtruderzmap -p554 192.168.0.0/16 | camtruder# Internet scan (scan till 100 hits)./camtruder -t 100Advanced Options
# Custom credentials with increased threads./camtruder -t 192.168.1.0/24 -u admin,root -p pass123,admin123 -w 50# Location search with raw output piped to zmap./camtruder -t berlin -ss | while read range; do zmap -p 554 $range; done# Save results to file (as full url, you can use mpv --playlist=results.txt to watch the streams)./camtruder -t istanbul -o results.txt# Internet scan with limit of 50 workers and verbose output./camtruder -t 100 -w 50 -vđŸ› ️ Command Line Options
| Option | Description | Default |
|---|---|---|
-t | Target IP, CIDR range, location, or file | Required |
-u | Custom username(s) | Built-in list |
-p | Custom password(s) | Built-in list |
-w | Number of threads | 20 |
-to | Connection timeout (seconds) | 5 |
-o | Output file path | None |
-v | Verbose output | False |
-s | Search only - shows ranges with netnames | False |
-ss | Raw IP range output - only CIDR ranges | False |
-po | RTSP port | 554 |
-m | Directory to save screenshots (requires ffmpeg) | None |
đŸ“Š Output Formats
Standard Search Output (-s)
[ TR-NET-ISP ] [ 193.3.52.0/24 ] [256][ EXAMPLE-ISP ] [ 212.175.100.136/29 ] [8]Raw CIDR Output (-ss)
193.3.52.0/24212.175.100.136/29Scan Results
╭─ Found vulnerable camera [Hikvision, H264, 30fps]├ Host : 192.168.1.100:554├ Geo : United States/California/Berkeley├ Auth : admin:12345├ Path : /Streaming/Channels/1╰ URL : rtsp://admin:[email protected]:554/Streaming/Channels/1⚠️ Disclaimer
This tool is intended for security research and authorized testing only. Users are responsible for ensuring they have permission to scan target systems and comply with all applicable laws and regulations.
đŸ“ License
This project is licensed under the MIT License - see the LICENSE file for details.
đŸ™ Acknowledgments
- Thanks to all contributors and the security research community
- Special thanks to the Go RTSP library maintainers
- Inspired by various open-source security tools
đŸ“Ź Contact
- Author: @ALW1EZ
- Project Link: https://github.com/ALW1EZ/camtruder
Made by @ALW1EZ
Via: www.kitploit.com
Camtruder - Advanced RTSP Camera Discovery And Vulnerability Assessment Tool
Reviewed by Zion3R
on
9:58
Rating:
Reviewed by Zion3R
on
9:58
Rating:
