![]() ![]() Further details can be found in our technical security advisory. Xiongmai uses a few different OUIs and assigns interface IDs in ascending order. It has a well-defined structure: a 3-byte OUI ( organizationally unique identifier of the vendor) + 3-byte NIC ID (Interface ID). #VMEYE CLOUD PC MAC#The MAC address is not a good source of randomness. We reverse engineered parts of the Xiongmai firmware and found that the cloud ID is derived from the device’s MAC address. Using this ID, the user can connect to the device through one of the supported apps. One would assume that the cloud ID is sufficiently random and complex to make guessing correct cloud IDs hard. So how does this “XMEye P2P Cloud” feature work in practice? Each device has a unique ID, called cloud ID or UID. Now, attackers cannot only attack devices that have been intentionally/unintentionally exposed to the web (classic “Shodan hacking” or the Mirai approach), but a large number of devices that are exposed via the “P2P Cloud”.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |