Today's Quote

In the end, we will remember not the words of our enemies, but the silence of our friends. -- Martin Luther King, Jr.

Saturday, 12 August 2017

Couch Potato Can spy your live streams wikileaks

This exploitable Python binary was deployed in Feb 2014 to NSA computers. The exploit has helped the Gov to check videos you were streaming 


Supported formats are
 RTSP/H.264 video streams and can capture the screen  frames as JPG and store them in an output directory

Before the usage, the python file has to be configured with its -output folder for the media to save


 Example: rtsp://10.3.2.1:8854/IPCameraStream
• -vcodec copy o Directs the decoder to “copy” the video data from the stream. For use when collecting video files only.
• -acodec copy o Directs the decoder to “copy” the audio data from the stream. For use when collecting video files only.
• -an o Directs the decoder to ignore audio data from the stream. For use when collecting video files only.
 • -f [output file format] [output path] o The only currently supported options are avi and image2.
The output path should always be “-“ (as in a STDOUT pipe). 





Example argument strings: 
-i rtsp://10.3.2.52:8554/Cam –f image2 – 
-i rtsp://10.3.2.52:8554/Cam –t 300 –vcodec copy –an –f avi –
-i rtsp://10.3.2.52:8554/Cam –t 300 –vcodec copy –acodec copy –f avi 


This malware leaves no trace of spying you.

The reason of being stealthy is the application includes In-Memory Code Execution exploit where the program gets executed directly without being stored in your disk

Documentation release of the CouchPotato v1.0 -- User Guide.

Share this:

Post a Comment

 
© ORBACLES