1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. Audit: Cameradar Scanning Attempt

Audit: Cameradar Scanning Attempt

Severity: Low

This attack poses a minor threat. Corrective action may not be possible or is not required.


This signature detects Cameradar Scannning activity.

Additional Information

Cameradar is an RTSP Surveillance Camera Access Multitool, it allows attackers to:
- Detect open RTSP hosts on any accessible target
- Get their public info (hostname, port, camera model, etc.)
Launch automated dictionary attacks to get their stream route (for example /live.sdp)
- Launch automated dictionary attacks to get the username and password of the cameras
- Generate thumbnails from them to check if the streams are valid and to have a quick preview of their content
- Try to create a Gstreamer pipeline to check if they are properly encoded
- Print a summary of all the informations Cameradar could get


  • Various RTSP CCTV cameras


  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube