Difference between revisions of "Finding Camera Stream Paths"

From ZoneMinder Wiki
Jump to navigationJump to search
Line 42: Line 42:
===Wireshark===
===Wireshark===


Watch the packets coming from the camera when accessing the video stream, and determine where the stream is located if possible. Some cameras require custom authentication, so if your camera is proprietary, then things are more difficult. This is the danger of purchasing cameras that don't have onvif compatibility.
Watch the packets coming from the camera when accessing the video stream, and determine where the stream is located if possible. Some cameras require custom authentication, so if your camera is proprietary, then things are more difficult. This is the danger of purchasing cameras that don't follow the onvif standards.


===Hardware Reading===
===Hardware Reading===

Revision as of 10:44, 16 February 2018

This page is for collecting methods and approaches for obtaining camera stream paths. The best results will be with cameras tested by users in the Hardware Compatibility List. Next best results with cameras that detail the path in user manuals, and or are Onvif compliant. Proprietary cameras, and undocumented cameras are more difficult and may require some work if you can't locate the information in a web search.

Overview

Typical methods of obtaining the cameras paths in order of ease are

  • User Manual/Website
  • Onvif probe
  • Search online resources and forums
  • Get access to the camera shell
  • Sniff network packets with TCPDump or Wireshark

Required Fields

Not all fields are required to be filled in for Zoneminder.

  • Resolution must be right.
  • Most cameras require username/password.

If you are unsure how to fill in the information into Zoneminder, refer to the Hardware Compatibility List for other cameras, and copy them.

Methods

User Manual

Reputable name brand cameras (Axis, Arecont Vision, Foscam, many others) will offer stream paths in the user manual or website. If you bought an unbranded cheap camera or one of the proprietary cameras sold in retail stores then you must move onto the other options.

Onvif

Starting with Zoneminder 1.30.4 there is an onvif probe option in the camera configuration. You can also use other Onvif probe programs.

Web Search Online

Ispyconnect has a large database of URLs available for cameras. The ZM wiki has some. Use a search engine. You may also come across a telnet or ssh password, which can be used to gain access to the camera OS.

Camera Shell

Many cameras run GNU/Linux. If you can get access to the files on the camera, through telnet, or through exploiting a vulnerability in the camera, then you can look around for paths. You may be able to send files from the camera to your local machine using FTP. Cameras often have busybox, or similar utils. Running the command "strings" on binaries may come up with something. Run nmap on the camera to see what ports are open. See more details in external links.

$ nmap -p1-65535 <ipaddressofcamera>

Wireshark

Watch the packets coming from the camera when accessing the video stream, and determine where the stream is located if possible. Some cameras require custom authentication, so if your camera is proprietary, then things are more difficult. This is the danger of purchasing cameras that don't follow the onvif standards.

Hardware Reading

Dumping the flash with hardware would be a last resort. I have not gone this far, and wouldn't recommend it for the layman. If you have access to a microcontroller or SBC such as a Raspberry Pi or Beaglebone you might be able to configure it similar to this method used by the libreboot project perhaps, if it is SPI compatible. Also see this walkthrough by Sgayou for advanced techniques and approaches for reverse engineering embedded devices.

External Links