Discovering a Hardcoded Root Password - Hacking the VStarcam CB73 Security Camera

Published 2024-07-24
In this video, we discover a hardcoded root password in the VStarcam CB73 security camera.

Need IoT pentesting or reverse engineering services?
Please consider Brown Fine Security:
brownfinesecurity.com/

IoT Hackers Hangout Community Discord Invite:
discord.com/invite/vgAcxYdJ7A

🛠️ Stuff I Use 🛠️

🪛 Tools:
Raspberry PI Pico: amzn.to/3XVMS3K
XGecu Universal Programmer: amzn.to/4dIhNWy
Multimeter: amzn.to/4b9cUUG
Power Supply: amzn.to/3QBNSpb
Oscilloscope: amzn.to/3UzoAZM
Logic Analyzer: amzn.to/4a9IfFu
USB UART Adapter: amzn.to/4dSbmjB
iFixit Toolkit: amzn.to/44tTjMB

🫠 Soldering & Hot Air Rework Tools:
Soldering Station: amzn.to/4dygJEv
Microsoldering Pencil: amzn.to/4dxPHwY
Microsoldering Tips: amzn.to/3QyKhrT
Rework Station: amzn.to/3JOPV5x
Air Extraction: amzn.to/3QB28yx

🔬 Microscope Setup:
Microscope: amzn.to/4abMMao
Microscope 0.7X Lens: amzn.to/3wrV1S8
Microscope LED Ring Light: amzn.to/4btqiTm
Microscope Camera: amzn.to/3QXSXsb

About Me:
My name is Matt Brown and I'm a Hardware Security Researcher and Bug Bounty Hunter. This channel is a place where I share my knowledge and experience finding vulnerabilities in IoT systems.

- Soli Deo Gloria

💻 Social:
website: brownfinesecurity.com/
twitter: twitter.com/nmatt0
linkedin: www.linkedin.com/in/mattbrwn/
github: github.com/nmatt0/

#hacking #iot #cybersecurity

All Comments (21)
  • You should be able to tell Ghidra to decode the password as a string! To do this, select the variable (local_8c, later renamed to password), and change its type to `char [9]` (8 letters plus null byte) by pressing ctrl+l (or right click and retype variable). Then, Ghidra should hopefully change the hex value to a string!
  • @freerice9595
    Watching professionals work is so satisfying. You probably make a bunch of people think "that looks easy. I can do this!" When in reality it's because that's just how good you are at it.
  • @uwu_meow.
    29:45 the reason why the rand seed is the same within a close time period is because the way that calling time(NULL) or as Ghidra is showing it to be time(0x0) which is null and time() returns the unix timestamp to the second it was called so when u spam run the program the hashes will be very close and since the camera has no way of persisting time on bootup will always return the same salt which means rand() will always output the same "randomness"
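
The behaviour discussed in the comment above, as an added example that is not part of the comment, the video, or the camera's firmware: it assumes the salt characters are drawn from `rand()` after `srand(time(NULL))`, and contrasts that with a salt read from the kernel CSPRNG. The function names, the 8-character salt length and the boot-time clock value of 0 are constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>

#define SALT_LEN 8
/* crypt(3)-style salt alphabet, 64 characters */
static const char ALPHABET[] =
    "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

/* Weak pattern (assumed): salt drawn from rand() seeded with a timestamp.
 * The seed has one-second resolution, so the salt is fully determined by
 * the clock value at the moment of the call. */
void weak_salt(time_t seed, char out[SALT_LEN + 1]) {
    srand((unsigned)seed);
    for (int i = 0; i < SALT_LEN; i++)
        out[i] = ALPHABET[rand() % 64];
    out[SALT_LEN] = '\0';
}

/* Hardened form: salt bytes come from the kernel CSPRNG, independent of
 * the wall clock. Returns 0 on success, -1 on failure. */
int strong_salt(char out[SALT_LEN + 1]) {
    unsigned char raw[SALT_LEN];
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return -1;
    size_t n = fread(raw, 1, sizeof raw, f);
    fclose(f);
    if (n != sizeof raw) return -1;
    for (int i = 0; i < SALT_LEN; i++)
        out[i] = ALPHABET[raw[i] & 63];
    out[SALT_LEN] = '\0';
    return 0;
}

int main(void) {
    char a[SALT_LEN + 1], b[SALT_LEN + 1], c[SALT_LEN + 1];
    time_t boot_clock = 0; /* constructed: clock after boot with no stored time */
    weak_salt(boot_clock, a);   /* "first boot" */
    weak_salt(boot_clock, b);   /* "second boot": same seed, same salt */
    if (strong_salt(c) != 0) return 1;
    printf("weak: %s / %s   strong: %s\n", a, b, c);
    return strcmp(a, b) != 0;
}
```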
  • @crashowerride
    I recently discovered this channel and it has become by far the most interesting one I have found in the last couple of years. I just have to say you are an incredible presenter, and every video just flies by. Looking forward to the next one. Cheers!
  • @JoeBurnett
    The YouTube algorithms have gifted me the knowledge of your channel today! Looking forward to watching more of your videos!
  • @Meriphistimo
    Very well done! As a person who started his IT career as a trainee computer operator feeding programs into mainframes on punch cards, and who gave up programming about the time C first emerged to start a career as a project manager instead, I can say what you were explaining is right up there with describing electricity to a Neanderthal (me). That said, I managed more or less to keep up with what you said you did to crack open the password. Along the way you clearly demonstrated a deep knowledge of the tools, command line prompts and their uses that enabled you to tease open what was going on. I'm in awe of your obvious expertise and experience, and your ability to convey your work in a manner that even a dinosaur can get his head around. I'd say you have a very bright future in technology, and you'd be very welcome to come work on any project I'd be running to deliver technology in this space. 😄
  • @the_schreiber
    A salt doesn't need to be truly random, the shtick of hash salting is to avoid rainbow tables and it can be an arbitrary number
  • @milicode5756
    As a programmer, I get more scared every time I watch Matt's videos 😂 this is the best channel I could ever find.
  • @logmeindog
    Excellent video!! Thanks! I paused the video at 18:00 and ran Hashcat myself. Took 36 seconds to brute force. Chinese security is #1!
  • Very nice Matt, your channel is gaining traction which is well-deserved!
  • @xenoxaos1
    Soldering serial points I use pieces of thin gauge silicone wires instead of enameled wire.... Less stress on the pad and less risk of lifting the pad.
  • @jayfowler4747
    Love your vids... I only wish that when I was younger I had access to the wealth of knowledge the internet holds, and the cheap technology and computers that are around now... I was scratching around with no computer and RS and Maplin catalogues as my reference sources to find pinouts etc... how things have changed...
  • @realavdhut
    bro found this channel 2 days ago almost binge watched all your fkin videos. you are amazing
  • I always watch your videos as soon as they are posted. High quality stuff!
  • @woolfy02
    Those PCBite probes are pretty cool! Looks a lot easier than how I have mine setup ("Helping hands" tape and sewing needles lol) Definitely going to pick one of those up. Thanks for listing what you use for your setup and great video as always!
  • @RandyFortier
    Literally as simple as a binary CTF challenge, as long as you can get the firmware. This is great content!
  • @Kabodanki
    very cool to do that, my young nephew is having a blast trying to hack into an old router. my dude knows more than me
  • @bobkruijer
    Thanks for running through the whole process as you did it initially, super interesting. And kudos for the shout out to Joe Grand, that time video was awesome as well 😊