Friday, June 14, 2019
Wireguard on Raspberry Pi 2 B+
Probably after the installation you will not be able to run wireguard due missing modules in /lib/modules.
Verify by issuing:
sudo modprobe wireguard
modprobe: FATAL: Module wireguard not found in directory /lib/modules/4.19.50-v7+
[SOLUTION :]
sudo dpkg-reconfigure wireguard-dkms
sudo modprobe wireguard
pip error - cannot import main [SOLVED] + module has no attribute SSL_ST_INIT
Set python2.7 as default:
select python2.7
Remove
Reinstall it:
Check the
Do not upgrade
sudo update-alternatives --config pythonselect python2.7
Remove
pip:sudo python -m pip uninstall pip
sudo apt purge --autoremove python-pipReinstall it:
sudo apt install python-pipCheck the
pip --version:pip 9.0.1 from /usr/lib/python2.7/dist-packages (python 2.7)Do not upgrade
pip to the latest version.In case of the following error:
AttributeError: 'module' object has no attribute 'SSL_ST_INIT'
sudo python -m easy_install --upgrade pyOpenSSLWednesday, June 5, 2019
hacked.camera
Hundreds of brands of security cameras, baby monitors, and
“smart” doorbells have serious vulnerabilities that allow hackers to
hijack devices and spy on their owners.
Affected devices use “peer-to-peer” features (also known as “P2P”) that allow users to connect to their devices the moment they come online. Hackers are able to exploit flaws in these features to rapidly find vulnerable cameras, then launch attacks to access them – all without the owner’s knowledge.
Over 2 million vulnerable devices have been identified on the Internet, including those distributed by HiChip, TENVIS, SV3C, VStarcam, Wanscam, NEO Coolcam, Sricam, Eye Sight, and HVCAM. Affected devices use a component called iLnkP2P. Unfortunately, iLnkP2P is used by hundreds of other brands as well, making identification of vulnerable devices difficult.
A UID will look like:
In this example,
If disposing of the device is not possible, the P2P functionality may be effectively neutered by blocking outbound traffic to UDP port 32100. This will prevent devices from being accessed from external networks via P2P (though local access will still work).
iLnkP2P is one of several P2P solutions utilized by device manufacturers. It was developed by Shenzhen Yunni Technology Company, Inc.
Affected devices use “peer-to-peer” features (also known as “P2P”) that allow users to connect to their devices the moment they come online. Hackers are able to exploit flaws in these features to rapidly find vulnerable cameras, then launch attacks to access them – all without the owner’s knowledge.
Over 2 million vulnerable devices have been identified on the Internet, including those distributed by HiChip, TENVIS, SV3C, VStarcam, Wanscam, NEO Coolcam, Sricam, Eye Sight, and HVCAM. Affected devices use a component called iLnkP2P. Unfortunately, iLnkP2P is used by hundreds of other brands as well, making identification of vulnerable devices difficult.
Am I affected?
Vulnerable devices will have a special serial number known as a UID, which is typically printed on a label somewhere on the device.A UID will look like:
FFFF-123456-ABCDEIn this example,
FFFF is the device’s prefix. Devices with the following prefixes are known to be vulnerable:| AID | AJT | AVA | BSIP | CAM |
| CPTCAM | CTW | DFT | DFZ | DYNE |
| EEEE | ELSA | ESN | ESS | EST |
| FFFF | GCMN | GGGG | GKW | HDT |
| HHHH | HRXJ | HVC | HWAA | HZD |
| HZDA | HZDB | HZDC | HZDN | HZDX |
| HZDY | HZDZ | IIII | IPC | ISRP |
| JWEV | KSC | MCI | MCIHD | MDI |
| MDIHD | MEG | MEYE | MGA | MGW |
| MIC | MICHD | MMMM | MSE | MSEHD |
| MSI | MSIHD | MTE | MTEHD | MUI |
| MUIHD | NIP | NIPHD | NPC | NTP |
| OBJ | OPCS | OPMS | PAR | PARC |
| PCS | PHP | PIO | PIPCAM | PIX |
| PNP | PSD | PTP | QHSV | ROSS |
| SID | SIP | SXH | TIO | TSD |
| UID | VIO | VSTD | VSTF | WBT |
| WBTHD | WNS | WNSC | WXH | WXO |
| XDBL | XTST | ZES | ZLD | ZSKJ |
| ZZZZ |
What can I do?
Ideally, buy a new device from a reputable vendor. Research suggests that a fix from vendors is unlikely, and these devices are often riddled with other security problems that put their owners at risk.If disposing of the device is not possible, the P2P functionality may be effectively neutered by blocking outbound traffic to UDP port 32100. This will prevent devices from being accessed from external networks via P2P (though local access will still work).
More Information
What is P2P? What is iLnkP2P?
P2P is a feature included in many devices that allows them to be accessed without any manual configuration. By using a special serial number known as a UID, users may instantly connect to their device from their phone or computer. A main selling point of P2P devices is that they do not require port forwarding or dynamic DNS in order to be accessed, and are capable of overcoming NAT and firewall scenarios automatically.iLnkP2P is one of several P2P solutions utilized by device manufacturers. It was developed by Shenzhen Yunni Technology Company, Inc.
What is CVE-2019-11219?
CVE-2019-11219 refers to an enumeration vulnerability in iLnkP2P that allows attackers to rapidly discover devices that are online. Due to the nature of P2P, attackers are then able to directly connect to arbitrary devices while bypassing firewall restrictions.What is CVE-2019-11220?
CVE-2019-11220 refers to an authentication vulnerability in iLnkP2P that allows attackers to intercept connections to devices and perform man-in-the-middle attacks. Attackers may use this vulnerability to steal the password to a device and take control of it.Are all P2P devices vulnerable to these issues?
No. There are several different P2P solutions in use by different vendors. These issues are specific to devices that use iLnkP2P.I don’t know my UID. Is there another way to determine if I am affected?
Devices that use the following Android apps may be vulnerable:- HiChip: CamHi, P2PWIFICAM, iMega Cam, WEBVISION, P2PIPCamHi, IPCAM P
- VStarcam: Eye4, EyeCloud, VSCAM, PnPCam
- Wanscam: E View7
- NEO: P2PIPCAM, COOLCAMOP
- Sricam: APCamera
- Various: P2PCam_HD
Who are you?
I am Paul
Subscribe to:
Posts (Atom)