curl: Couldn't resolve host name

[nguyentrungduc1]

Context

Please select one:

• [x] I use my own build of the binary

Please select one:

• [x] I use a specific version: <v5.0.2>

Environment

My operating system:

• [x] Linux

OS version: <kali linux 2023.4> OS architecture:

Issue

<curl: Couldn't resolve host name>

What was expected

<escape '@' in curl password>

What happened

<when the password file has the @ character. curl notification: curl: Couldn't resolve host name. That's my camera password.>

Logs

<──(root㉿kali)-[~/go/bin]
└─# ./cameradar -d -c '/root/Desktop/credentials.json' -r '/root/Desktop/routes2' -p 554 -t 192.168.1.7
Loading credentials...ok
  > Loading credentials dictionary from path "/root/Desktop/credentials.json"
  > Loaded 1 usernames and 59 passwords
Loading routes...ok
  > Loading routes dictionary from path "/root/Desktop/routes2"
  > Loaded 3 routes
Scanning the network...ok
  > Found 2 RTSP streams
Attacking routes of 2 streams...ok
  > Perform failed for "rtsp://:@38:AF:29:DA:71:81:554//0x8b6c42" (auth 0): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://:@38:AF:29:DA:71:81:554/cam/realmonitor?channel=0&subtype=0" (auth 0): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://:@38:AF:29:DA:71:81:554/cam/realmonitor?channel=1&subtype=0" (auth 0): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://:@38:AF:29:DA:71:81:554/cam/realmonitor?channel=1&subtype=1" (auth 0): curl: URL using bad/illegal format or missing URL
  > DESCRIBE rtsp://:@192.168.1.7:554//0x8b6c42 RTSP/1.0 > 401
Attempting to detect authentication methods of 2 streams...ok
  > DESCRIBE rtsp://192.168.1.7:554// RTSP/1.0 > 2
  > Stream rtsp://:@192.168.1.7:554// uses digest authentication method
  > Perform failed for "rtsp://38:AF:29:DA:71:81:554/" (auth 0): curl: URL using bad/illegal format or missing URL
  > Stream rtsp://:@38:AF:29:DA:71:81:554/ uses  authentication method
Attacking credentials of 2 streams...ok
  > Perform failed for "rtsp://admin:0000@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:test@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:00000@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:1111@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:111111@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:9phuong@dung@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:1111111@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:123@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:1234@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:12345@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:123456@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:1234567@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:12345678@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:123456789@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:12345678910@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:4321@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:666666@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:6fJjMKYx@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:888888@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:9999@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:admin@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:admin pass@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:Admin@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:admin123@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:administrator@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:Administrator@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:aiphone@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:camera@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:Camera@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:fliradmin@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:GRwvcj8j@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:hikvision@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:hikadmin@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:HuaWei123@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:ikwd@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:jvc@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:kj3TqCWv@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:meinsm@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:pass@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:Pass@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:password@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:password123@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:qwerty@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:qwerty123@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:Recorder@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:reolink@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:root@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:service@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:supervisor@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:support@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:system@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:tlJwpbo6@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:toor@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:tp-link@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:ubnt@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:user@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:wbox@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:wbox123@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://admin:Y5eIMz3C@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
  > DESCRIBE rtsp://admin:0000@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:test@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:00000@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:1111@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:111111@192.168.1.7:554// RTSP/1.0 > 401
  > Perform failed for "rtsp://admin:9phuong@dung@192.168.1.7:554//" (auth 2): curl: Couldn't resolve host name
  > DESCRIBE rtsp://admin:1111111@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:123@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:1234@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:12345@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:123456@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:1234567@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:12345678@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:123456789@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:12345678910@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:4321@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:666666@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:6fJjMKYx@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:888888@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:9999@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:admin@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:admin pass@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:Admin@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:admin123@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:administrator@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:Administrator@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:aiphone@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:camera@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:Camera@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:fliradmin@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:GRwvcj8j@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:hikvision@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:hikadmin@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:HuaWei123@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:ikwd@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:jvc@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:kj3TqCWv@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:meinsm@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:pass@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:Pass@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:password@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:password123@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:qwerty@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:qwerty123@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:Recorder@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:reolink@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:root@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:service@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:supervisor@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:support@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:system@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:tlJwpbo6@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:toor@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:tp-link@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:ubnt@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:user@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:wbox@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:wbox123@192.168.1.7:554// RTSP/1.0 > 401
  > DESCRIBE rtsp://admin:Y5eIMz3C@192.168.1.7:554// RTSP/1.0 > 401
Validating that streams are accessible...ok
  > SETUP rtsp://:@192.168.1.7:554// RTSP/1.0 > 455
  > Perform failed for "rtsp://:@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
Second round of attacks...ok
  > Perform failed for "rtsp://:@38:AF:29:DA:71:81:554//0x8b6c42" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://:@38:AF:29:DA:71:81:554/cam/realmonitor?channel=0&subtype=0" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://:@38:AF:29:DA:71:81:554/cam/realmonitor?channel=1&subtype=0" (auth -1): curl: URL using bad/illegal format or missing URL
  > Perform failed for "rtsp://:@38:AF:29:DA:71:81:554/cam/realmonitor?channel=1&subtype=1" (auth -1): curl: URL using bad/illegal format or missing URL
  > DESCRIBE rtsp://:@192.168.1.7:554//0x8b6c42 RTSP/1.0 > 401
Validating that streams are accessible...ok
  > SETUP rtsp://:@192.168.1.7:554// RTSP/1.0 > 455
  > Perform failed for "rtsp://:@38:AF:29:DA:71:81:554/" (auth -1): curl: URL using bad/illegal format or missing URL
✖       Admin panel URL:        http://192.168.1.7/ You can use this URL to try attacking the camera's admin panel instead.
        Available:              ✖
        Device model:           Lorex IP camera rtspd

        IP address:             192.168.1.7
        RTSP port:              554
        Auth type:              digest
        Username:               not found
        Password:               not found
        RTSP routes:
                                //
                                //

✖       Admin panel URL:        http://38:AF:29:DA:71:81/ You can use this URL to try attacking the camera's admin panel instead.
        Available:              ✖
        Device model:           Lorex IP camera rtspd

        IP address:             38:AF:29:DA:71:81
        RTSP port:              554
        Username:               not found
        Password:               not found
        RTSP routes:
not found

✖ Streams were found but none were accessed. They are most likely configured with secure credentials and routes. You can try adding entries to the dictionary or generating your own in order to attempt a bruteforce attack on the cameras.>

[nguyentrungduc1]

Help me @Ullaakut

[Ullaakut]

Hi @nguyentrungduc1. I'm not sure why, but it's looking like Cameradar is attempting to access not one URL but two:

  > DESCRIBE rtsp://192.168.1.7:554// RTSP/1.0 > 2
  > Stream rtsp://:@192.168.1.7:554// uses digest authentication method

This one works fine.

  > Perform failed for "rtsp://38:AF:29:DA:71:81:554/" (auth 0): curl: URL using bad/illegal format or missing URL

That one does not.

I assume this is due to the network configuration of your machine, that attempts to reach the camera using both IPv4 and IPv6. Regardless, the IPv4 attempt seems to have worked, and Cameradar simply failed because the default credentials from its dictionaries do not match with the camera.

[nguyentrungduc1]

Thank you @Ullaakut . I think the problem is that when you say http://myuser:myp@ssword@host.example.com/file, it sees the username as myuser, the password as myp, and the host as ssword@host.example.com which is obviously wrong.

[nguyentrungduc1]

• I'm only interested in this rtsp stream

  Perform failed for "rtsp://admin:9phuong@dung@192.168.1.7:554//" (auth 2): curl: Couldn't resolve host name

• stream rtsp with unnecessary MAC address!

[Ullaakut]

Ah indeed, that is the problem. Cameradar currently does not support passwords and users with @ or : characters in them unfortunately. I'm not sure if it would be possible to fix, since it uses CURL which relies on the full URL.

[nguyentrungduc1]

Thank you so much @Ullaakut