554 - RTSP
Overview
The Real Time Streaming Protocol (RTSP) is a non-stateless network control protocol designed for media streaming between endpoints.
RTSP defines a number of commands for controlling multimedia playback, which can be send both way, from client to server or vice versa.
The connection to a RTSP service is made using an RTSP URL of the following format: rtsp://<HOSTNAME | IP>:<PORT>/<STREAM_ROUTE>
.
Network scan
nmap
can be used to scan the network for RTSP
services:
nmap -v -p 554 -sV -sC -oA nmap_smb <RANGE | CIDR>
The Cameradar
GO tool can be used to scan the network for RTSP services and conduct automated dictionary attacks on the stream route and username/password of the retrieved services.
# sudo service docker start
docker pull ullaakut/cameradar
# Scan ports 554, 5554, 8554
docker run ullaakut/cameradar -t <HOSTNAME | IP | CIDR | RANGE | FILE>
docker run <FILES_DIR_PATH>:/tmp/dictionaries ullaakut/cameradar -t <HOSTNAME | IP | CIDR | RANGE | FILE> -p "1-65535"-r <FILE_STREAM_ROUTES> -c <FILE_CREDENTIALS_JSON>
RTSP stream access
The utility VLC Media Player
can be used to access the video stream using Open Network Stream
/ Ctrl + N
and specifying the RTSP URL in the following format:
rtsp://<HOSTNAME | IP>:<PORT>/<STREAM_ROUTE>
rtsp://<USERNAME>:<PASSWORD>@<HOSTNAME | IP>:<PORT>/<STREAM_ROUTE>
Last updated