coelner/hacktricks
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #623 from Reelix/patch-4

Browse Source 
Fixed missing return characters in RTSP samples
This commit is contained in:
Carlos Polop 2023-04-26 15:55:58 +02:00 committed by GitHub
commit 3d0193ad04
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
network-services-pentesting/554-8554-pentesting-rtsp.md
View File

@ -39,7 +39,7 @@ First and foremost RTSP is an HTTP like protocol. It has different structure and
RTSP can be accessed unauthenticated (common in off-the-shelf devices) or authenticated. Authenticated access mirrors HTTP in that you have Basic and Digest authentication, both nearly identical to HTTP. To find out whether your device is authenticated or unauthenticated, simply send a “DESCRIBE” request. A simple DESCRIBE request looks like:
`DESCRIBE rtsp://<ip>:<port> RTSP/1.0\r\nCSeq: 2`
`DESCRIBE rtsp://<ip>:<port> RTSP/1.0\r\nCSeq: 2\r\n\r\n`
Note: the additional “\r\n” is required for reliable response. Some systems will accept the single “\r\n” but most wont.
@ -53,7 +53,7 @@ Basic authentication is the way to go, hopefully the response received indicates
To formulate a Basic authentication element, one simple has to base 64 encode \<username> “:” \<password> and add it to the request. So a new request would look like:
`DESCRIBE rtsp://<ip>:<port> RTSP/1.0\r\nCSeq: 2\r\nAuthorization: Basic YWRtaW46MTIzNA==`
`DESCRIBE rtsp://<ip>:<port> RTSP/1.0\r\nCSeq: 2\r\nAuthorization: Basic YWRtaW46MTIzNA==\r\n\r\n`
Again note the request is terminated with the double “\r\n”.