Amcrest Cameras SSL Key Reuse Across installations

From: jack.m.mckenna@gmail.com
To: bugtraq@securityfocus.com
Cc:
Subject: Amcrest Cameras SSL Key Reuse Across installations
Date:


Unpacking the firmware of any given (4 tested) Amcrest Camera shows that they use the same SSL Keys.

For example, on  the Amcrest_IPC-HX1X3X-LEXUS_Eng_N_AMCREST_V2.420.AC01.3.R.20180206 firware we can see hard coded SSL private keys and CAs. If we run binwalk we can see this in the folder 

_Amcrest_IPC-HX1X3X-LEXUS_Eng_N_AMCREST_V2.420.AC01.3.R.20180206.bin.extracted/_user-x.squashfs.img.extracted/squashfs-root/bin/ssl

 openssl x509 -in cacert.pem -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:34:39:30:36:38:35:39:33:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=Product Root CA, C=US, ST=Taxas, L=Houston, O=Amcrest Technologies LLC, OU=Amcrest
        Validity
            Not Before: Mar 27 07:25:35 2017 GMT
            Not After : Mar 27 07:25:35 2021 GMT
        Subject: CN=Product Root CA, C=US, ST=Taxas, L=Houston, O=Amcrest Technologies LLC, OU=Amcrest
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:99:26:51:d4:6c:1d:88:28:cd:9a:ef:7d:f0:72:
                    37:5a:9a:12:58:4a:26:3f:ed:4a:51:5e:35:71:18:
                    32:fd:87:05:0c:06:a3:6d:25:20:3c:c1:42:c2:93:
                    4d:75:00:09:0d:5c:37:cc:65:5b:ca:b3:81:4b:94:
                    d6:ef:ce:fc:a6:52:aa:07:02:c8:89:2c:6b:f3:a8:
                    17:15:84:ef:5e:a6:c3:ef:b2:cc:24:df:8e:4f:67:
                    24:df:75:87:ba:60:f1:8a:05:5d:2e:bf:7d:89:d5:
                    c4:7e:05:8f:02:80:6b:ce:c5:f5:b7:15:0f:ec:d7:
                    bf:8a:c4:8c:97:9b:a4:79:47:d3:3e:7a:a1:bd:5d:
                    a2:9a:2a:41:25:b2:db:01:d7:a8:6d:52:1e:10:37:
                    80:4d:90:3b:b1:b3:31:73:37:b2:4e:48:84:08:01:
                    4c:f1:58:b1:c6:02:06:85:88:98:43:d0:f1:c6:d1:
                    f3:67:7f:37:7b:66:13:bc:41:22:6f:f5:13:7d:fb:
                    8f:92:f2:db:90:32:3f:21:fc:a8:41:94:a4:cc:ac:
                    27:d0:31:08:56:ea:17:30:5b:b8:bf:83:d1:92:b6:
                    ee:4f:c0:a7:4e:80:3e:12:24:e9:67:56:a3:7c:7f:
                    c2:1d:9d:7d:3e:db:64:22:9c:41:bd:9d:e6:34:dd:
                    a6:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier: 
                AD:2D:97:7F:1F:FE:09:77:A7:96:FE:12:E7:3C:C6:B4:C1:FC:EC:BF
    Signature Algorithm: sha256WithRSAEncryption
         8d:72:fa:37:14:64:9b:d8:f2:04:d3:87:3d:0a:4b:dd:3b:c1:
         b8:06:00:24:27:db:4d:8b:20:2e:bb:b8:68:99:06:73:06:45:
         d8:50:48:49:12:71:04:67:66:3a:b3:78:6f:d9:59:f1:80:fb:
         97:8f:e0:eb:58:02:aa:43:ce:37:f9:09:d0:4a:82:e2:61:e4:
         19:bc:2e:b3:8f:13:87:f3:30:3f:eb:4d:07:5a:77:a5:f5:05:
         5a:c8:0e:c1:b7:68:c3:a8:f1:2a:75:21:e9:d2:02:74:e5:c4:
         c8:f0:e6:23:92:9f:eb:ad:ac:f4:d4:32:a4:eb:10:fe:49:90:
         f3:85:f3:00:07:a4:2b:95:c2:d4:02:c2:21:42:aa:d5:a6:63:
         68:14:a1:02:0d:1f:f7:6b:aa:4b:6c:09:63:97:37:84:0a:af:
         96:a6:d2:a0:f7:48:8a:50:ac:0b:b3:47:8d:e8:f2:e9:a1:5f:
         bb:27:3b:09:6a:82:a9:28:d2:a1:fa:44:9f:96:65:a1:de:6c:
         da:c4:f5:99:c8:b3:ad:a4:0d:63:ef:09:c2:bc:bb:54:c7:8c:
         8a:53:c4:e4:af:76:ac:61:a3:a9:51:b8:08:34:e5:37:50:1c:
         c0:58:3d:ea:50:e4:6c:8c:57:fb:c8:45:40:6d:ed:0c:a5:15:
         a3:43:59:61
-----BEGIN CERTIFICATE-----
MIIDsjCCApqgAwIBAgIKMTQ5MDY4NTkzNTANBgkqhkiG9w0BAQsFADB+MRgwFgYD
VQQDDA9Qcm9kdWN0IFJvb3QgQ0ExCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUYXhh
czEQMA4GA1UEBwwHSG91c3RvbjEhMB8GA1UECgwYQW1jcmVzdCBUZWNobm9sb2dp
ZXMgTExDMRAwDgYDVQQLDAdBbWNyZXN0MB4XDTE3MDMyNzA3MjUzNVoXDTIxMDMy
NzA3MjUzNVowfjEYMBYGA1UEAwwPUHJvZHVjdCBSb290IENBMQswCQYDVQQGEwJV
UzEOMAwGA1UECAwFVGF4YXMxEDAOBgNVBAcMB0hvdXN0b24xITAfBgNVBAoMGEFt
Y3Jlc3QgVGVjaG5vbG9naWVzIExMQzEQMA4GA1UECwwHQW1jcmVzdDCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJkmUdRsHYgozZrvffByN1qaElhKJj/t
SlFeNXEYMv2HBQwGo20lIDzBQsKTTXUACQ1cN8xlW8qzgUuU1u/O/KZSqgcCyIks
a/OoFxWE716mw++yzCTfjk9nJN91h7pg8YoFXS6/fYnVxH4FjwKAa87F9bcVD+zX
v4rEjJebpHlH0z56ob1dopoqQSWy2wHXqG1SHhA3gE2QO7GzMXM3sk5IhAgBTPFY
scYCBoWImEPQ8cbR82d/N3tmE7xBIm/1E337j5Ly25AyPyH8qEGUpMysJ9AxCFbq
FzBbuL+D0ZK27k/Ap06APhIk6WdWo3x/wh2dfT7bZCKcQb2d5jTdpmUCAwEAAaMy
MDAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUrS2Xfx/+CXenlv4S5zzGtMH8
7L8wDQYJKoZIhvcNAQELBQADggEBAI1y+jcUZJvY8gTThz0KS907wbgGACQn202L
IC67uGiZBnMGRdhQSEkScQRnZjqzeG/ZWfGA+5eP4OtYAqpDzjf5CdBKguJh5Bm8
LrOPE4fzMD/rTQdad6X1BVrIDsG3aMOo8Sp1IenSAnTlxMjw5iOSn+utrPTUMqTr
EP5JkPOF8wAHpCuVwtQCwiFCqtWmY2gUoQINH/drqktsCWOXN4QKr5am0qD3SIpQ
rAuzR43o8umhX7snOwlqgqko0qH6RJ+WZaHebNrE9ZnIs62kDWPvCcK8u1THjIpT
xOSvdqxho6lRuAg05TdQHMBYPepQ5GyMV/vIRUBt7QylFaNDWWE=
-----END CERTIFICATE-----


 openssl x509 -in cacert.pem -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:34:39:30:36:38:35:39:33:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=Product Root CA, C=US, ST=Taxas, L=Houston, O=Amcrest Technologies LLC, OU=Amcrest
        Validity
            Not Before: Mar 27 07:25:35 2017 GMT
            Not After : Mar 27 07:25:35 2021 GMT
        Subject: CN=Product Root CA, C=US, ST=Taxas, L=Houston, O=Amcrest Technologies LLC, OU=Amcrest
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:99:26:51:d4:6c:1d:88:28:cd:9a:ef:7d:f0:72:
                    37:5a:9a:12:58:4a:26:3f:ed:4a:51:5e:35:71:18:
                    32:fd:87:05:0c:06:a3:6d:25:20:3c:c1:42:c2:93:
                    4d:75:00:09:0d:5c:37:cc:65:5b:ca:b3:81:4b:94:
                    d6:ef:ce:fc:a6:52:aa:07:02:c8:89:2c:6b:f3:a8:
                    17:15:84:ef:5e:a6:c3:ef:b2:cc:24:df:8e:4f:67:
                    24:df:75:87:ba:60:f1:8a:05:5d:2e:bf:7d:89:d5:
                    c4:7e:05:8f:02:80:6b:ce:c5:f5:b7:15:0f:ec:d7:
                    bf:8a:c4:8c:97:9b:a4:79:47:d3:3e:7a:a1:bd:5d:
                    a2:9a:2a:41:25:b2:db:01:d7:a8:6d:52:1e:10:37:
                    80:4d:90:3b:b1:b3:31:73:37:b2:4e:48:84:08:01:
                    4c:f1:58:b1:c6:02:06:85:88:98:43:d0:f1:c6:d1:
                    f3:67:7f:37:7b:66:13:bc:41:22:6f:f5:13:7d:fb:
                    8f:92:f2:db:90:32:3f:21:fc:a8:41:94:a4:cc:ac:
                    27:d0:31:08:56:ea:17:30:5b:b8:bf:83:d1:92:b6:
                    ee:4f:c0:a7:4e:80:3e:12:24:e9:67:56:a3:7c:7f:
                    c2:1d:9d:7d:3e:db:64:22:9c:41:bd:9d:e6:34:dd:
                    a6:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier: 
                AD:2D:97:7F:1F:FE:09:77:A7:96:FE:12:E7:3C:C6:B4:C1:FC:EC:BF
    Signature Algorithm: sha256WithRSAEncryption
         8d:72:fa:37:14:64:9b:d8:f2:04:d3:87:3d:0a:4b:dd:3b:c1:
         b8:06:00:24:27:db:4d:8b:20:2e:bb:b8:68:99:06:73:06:45:
         d8:50:48:49:12:71:04:67:66:3a:b3:78:6f:d9:59:f1:80:fb:
         97:8f:e0:eb:58:02:aa:43:ce:37:f9:09:d0:4a:82:e2:61:e4:
         19:bc:2e:b3:8f:13:87:f3:30:3f:eb:4d:07:5a:77:a5:f5:05:
         5a:c8:0e:c1:b7:68:c3:a8:f1:2a:75:21:e9:d2:02:74:e5:c4:
         c8:f0:e6:23:92:9f:eb:ad:ac:f4:d4:32:a4:eb:10:fe:49:90:
         f3:85:f3:00:07:a4:2b:95:c2:d4:02:c2:21:42:aa:d5:a6:63:
         68:14:a1:02:0d:1f:f7:6b:aa:4b:6c:09:63:97:37:84:0a:af:
         96:a6:d2:a0:f7:48:8a:50:ac:0b:b3:47:8d:e8:f2:e9:a1:5f:
         bb:27:3b:09:6a:82:a9:28:d2:a1:fa:44:9f:96:65:a1:de:6c:
         da:c4:f5:99:c8:b3:ad:a4:0d:63:ef:09:c2:bc:bb:54:c7:8c:
         8a:53:c4:e4:af:76:ac:61:a3:a9:51:b8:08:34:e5:37:50:1c:
         c0:58:3d:ea:50:e4:6c:8c:57:fb:c8:45:40:6d:ed:0c:a5:15:
         a3:43:59:61
-----BEGIN CERTIFICATE-----
MIIDsjCCApqgAwIBAgIKMTQ5MDY4NTkzNTANBgkqhkiG9w0BAQsFADB+MRgwFgYD
VQQDDA9Qcm9kdWN0IFJvb3QgQ0ExCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUYXhh
czEQMA4GA1UEBwwHSG91c3RvbjEhMB8GA1UECgwYQW1jcmVzdCBUZWNobm9sb2dp
ZXMgTExDMRAwDgYDVQQLDAdBbWNyZXN0MB4XDTE3MDMyNzA3MjUzNVoXDTIxMDMy
NzA3MjUzNVowfjEYMBYGA1UEAwwPUHJvZHVjdCBSb290IENBMQswCQYDVQQGEwJV
UzEOMAwGA1UECAwFVGF4YXMxEDAOBgNVBAcMB0hvdXN0b24xITAfBgNVBAoMGEFt
Y3Jlc3QgVGVjaG5vbG9naWVzIExMQzEQMA4GA1UECwwHQW1jcmVzdDCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJkmUdRsHYgozZrvffByN1qaElhKJj/t
SlFeNXEYMv2HBQwGo20lIDzBQsKTTXUACQ1cN8xlW8qzgUuU1u/O/KZSqgcCyIks
a/OoFxWE716mw++yzCTfjk9nJN91h7pg8YoFXS6/fYnVxH4FjwKAa87F9bcVD+zX
v4rEjJebpHlH0z56ob1dopoqQSWy2wHXqG1SHhA3gE2QO7GzMXM3sk5IhAgBTPFY
scYCBoWImEPQ8cbR82d/N3tmE7xBIm/1E337j5Ly25AyPyH8qEGUpMysJ9AxCFbq
FzBbuL+D0ZK27k/Ap06APhIk6WdWo3x/wh2dfT7bZCKcQb2d5jTdpmUCAwEAAaMy
MDAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUrS2Xfx/+CXenlv4S5zzGtMH8
7L8wDQYJKoZIhvcNAQELBQADggEBAI1y+jcUZJvY8gTThz0KS907wbgGACQn202L
IC67uGiZBnMGRdhQSEkScQRnZjqzeG/ZWfGA+5eP4OtYAqpDzjf5CdBKguJh5Bm8
LrOPE4fzMD/rTQdad6X1BVrIDsG3aMOo8Sp1IenSAnTlxMjw5iOSn+utrPTUMqTr
EP5JkPOF8wAHpCuVwtQCwiFCqtWmY2gUoQINH/drqktsCWOXN4QKr5am0qD3SIpQ
rAuzR43o8umhX7snOwlqgqko0qH6RJ+WZaHebNrE9ZnIs62kDWPvCcK8u1THjIpT
xOSvdqxho6lRuAg05TdQHMBYPepQ5GyMV/vIRUBt7QylFaNDWWE=
-----END CERTIFICATE-----




as well as

_Amcrest_IPC-HX1X3X-LEXUS_Eng_N_AMCREST_V2.420.AC01.3.R.20180206.bin.extracted/_user-x.squashfs.img.extracted/squashfs-root/bin/amcssl


 openssl x509 -in cacert.pem -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 925100063 (0x3723e81f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=CA, ST=ON, L=Ottawa, O=Camcloud, OU=Camcloud, CN=Dan Burkett
        Validity
            Not Before: Apr  2 12:44:49 2015 GMT
            Not After : Aug 18 12:44:49 2042 GMT
        Subject: C=CA, ST=ON, L=Ottawa, O=Camcloud, OU=Camcloud, CN=Dan Burkett
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ff:73:6c:6c:e1:de:b4:7d:a8:13:cf:66:3a:36:
                    22:30:11:f1:c4:44:33:68:b0:15:b0:0c:5a:41:10:
                    17:48:40:66:5d:db:d0:9e:5e:c9:85:ae:87:18:63:
                    40:2b:ad:d6:64:92:1c:23:99:fb:82:70:84:c1:cd:
                    6a:98:8a:0a:6e:de:9c:c8:34:97:c3:f6:95:51:42:
                    29:1f:2e:c5:92:9f:7e:f3:d8:7d:60:3b:ef:d3:3f:
                    34:3a:06:a5:9f:86:16:c3:ae:9b:6d:76:a3:dc:91:
                    84:e1:57:aa:ee:73:69:0b:6b:e6:65:72:1b:30:9b:
                    dd:86:0b:78:c0:81:55:e3:53:4b:5f:ef:8c:2e:ac:
                    c0:d7:b6:ea:5e:10:05:6a:bd:63:e7:53:5b:64:b6:
                    15:36:b5:08:8f:40:4f:aa:08:59:51:76:b5:73:a7:
                    0e:8e:f6:bf:a1:50:83:1d:4f:66:2a:77:ef:63:04:
                    56:c0:d9:ce:0d:18:c9:24:9c:43:11:8a:c1:95:27:
                    6e:bc:72:7c:ce:d0:d0:85:da:13:8c:fd:cc:56:a0:
                    45:82:5a:d3:c3:2f:cf:38:c1:b9:7a:1d:9b:2f:6a:
                    cf:6d:b8:c7:e3:b0:03:24:56:81:01:84:21:32:9c:
                    f6:11:6f:8e:47:2e:9c:5a:a8:b5:83:e6:bc:12:90:
                    80:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                A9:D4:87:CC:D7:70:3B:64:FF:6E:AE:C4:B1:37:3E:0C:1A:86:0B:CF
    Signature Algorithm: sha256WithRSAEncryption
         da:9e:50:c8:2d:f0:f5:3b:f6:71:75:bd:e5:e2:8d:f3:30:3e:
         ed:88:91:d7:7b:55:9f:24:7b:de:7b:49:14:28:23:9f:de:fe:
         1f:60:fb:68:a3:25:92:e5:e8:f5:e9:5b:06:58:24:ea:70:4f:
         7d:2a:d7:86:46:c8:5e:95:13:65:66:e8:51:54:8e:b9:bc:de:
         92:82:39:1e:f7:d1:95:58:03:7b:3d:1b:e7:29:9c:03:4c:d2:
         2a:5c:63:9d:9f:5f:b2:58:92:40:b2:aa:c2:94:fd:10:4c:4f:
         c2:19:1b:34:c1:8e:3c:14:be:3f:f3:be:2c:f6:5e:04:bf:f8:
         13:b5:aa:e0:05:e5:a7:2f:c6:36:1c:bf:c1:d7:34:70:86:bc:
         86:b5:ca:d1:b4:85:03:af:74:8b:ae:79:ad:94:63:27:17:99:
         53:5c:6e:35:92:90:82:dd:80:c6:a0:c8:ba:f7:08:3c:5c:46:
         7f:8c:b7:6f:7a:e6:66:91:86:89:0b:29:28:1c:79:3e:66:8e:
         7c:6a:3f:e1:b5:5e:56:06:ac:8e:7d:6a:fb:91:94:46:b9:1d:
         31:0f:a0:35:67:9f:70:c1:f7:ab:8b:4a:88:f3:20:10:10:e1:
         e2:da:4c:db:3f:50:d7:dd:9e:27:bf:9a:b2:4c:7d:4c:6c:56:
         7d:8a:76:54
-----BEGIN CERTIFICATE-----
MIIDbTCCAlWgAwIBAgIENyPoHzANBgkqhkiG9w0BAQsFADBnMQswCQYDVQQGEwJD
QTELMAkGA1UECBMCT04xDzANBgNVBAcTBk90dGF3YTERMA8GA1UEChMIQ2FtY2xv
dWQxETAPBgNVBAsTCENhbWNsb3VkMRQwEgYDVQQDEwtEYW4gQnVya2V0dDAeFw0x
NTA0MDIxMjQ0NDlaFw00MjA4MTgxMjQ0NDlaMGcxCzAJBgNVBAYTAkNBMQswCQYD
VQQIEwJPTjEPMA0GA1UEBxMGT3R0YXdhMREwDwYDVQQKEwhDYW1jbG91ZDERMA8G
A1UECxMIQ2FtY2xvdWQxFDASBgNVBAMTC0RhbiBCdXJrZXR0MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/3NsbOHetH2oE89mOjYiMBHxxEQzaLAVsAxa
QRAXSEBmXdvQnl7Jha6HGGNAK63WZJIcI5n7gnCEwc1qmIoKbt6cyDSXw/aVUUIp
Hy7Fkp9+89h9YDvv0z80Ogaln4YWw66bbXaj3JGE4Veq7nNpC2vmZXIbMJvdhgt4
wIFV41NLX++MLqzA17bqXhAFar1j51NbZLYVNrUIj0BPqghZUXa1c6cOjva/oVCD
HU9mKnfvYwRWwNnODRjJJJxDEYrBlSduvHJ8ztDQhdoTjP3MVqBFglrTwy/POMG5
eh2bL2rPbbjH47ADJFaBAYQhMpz2EW+ORy6cWqi1g+a8EpCAeQIDAQABoyEwHzAd
BgNVHQ4EFgQUqdSHzNdwO2T/bq7EsTc+DBqGC88wDQYJKoZIhvcNAQELBQADggEB
ANqeUMgt8PU79nF1veXijfMwPu2Ikdd7VZ8ke957SRQoI5/e/h9g+2ijJZLl6PXp
WwZYJOpwT30q14ZGyF6VE2Vm6FFUjrm83pKCOR730ZVYA3s9G+cpnANM0ipcY52f
X7JYkkCyqsKU/RBMT8IZGzTBjjwUvj/zviz2XgS/+BO1quAF5acvxjYcv8HXNHCG
vIa1ytG0hQOvdIuuea2UYycXmVNcbjWSkILdgMagyLr3CDxcRn+Mt2965maRhokL
KSgceT5mjnxqP+G1XlYGrI59avuRlEa5HTEPoDVnn3DB96uLSojzIBAQ4eLaTNs/
UNfdnie/mrJMfUxsVn2KdlQ=
-----END CERTIFICATE-----


 openssl x509 -in cacert.pem -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 925100063 (0x3723e81f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=CA, ST=ON, L=Ottawa, O=Camcloud, OU=Camcloud, CN=Dan Burkett
        Validity
            Not Before: Apr  2 12:44:49 2015 GMT
            Not After : Aug 18 12:44:49 2042 GMT
        Subject: C=CA, ST=ON, L=Ottawa, O=Camcloud, OU=Camcloud, CN=Dan Burkett
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ff:73:6c:6c:e1:de:b4:7d:a8:13:cf:66:3a:36:
                    22:30:11:f1:c4:44:33:68:b0:15:b0:0c:5a:41:10:
                    17:48:40:66:5d:db:d0:9e:5e:c9:85:ae:87:18:63:
                    40:2b:ad:d6:64:92:1c:23:99:fb:82:70:84:c1:cd:
                    6a:98:8a:0a:6e:de:9c:c8:34:97:c3:f6:95:51:42:
                    29:1f:2e:c5:92:9f:7e:f3:d8:7d:60:3b:ef:d3:3f:
                    34:3a:06:a5:9f:86:16:c3:ae:9b:6d:76:a3:dc:91:
                    84:e1:57:aa:ee:73:69:0b:6b:e6:65:72:1b:30:9b:
                    dd:86:0b:78:c0:81:55:e3:53:4b:5f:ef:8c:2e:ac:
                    c0:d7:b6:ea:5e:10:05:6a:bd:63:e7:53:5b:64:b6:
                    15:36:b5:08:8f:40:4f:aa:08:59:51:76:b5:73:a7:
                    0e:8e:f6:bf:a1:50:83:1d:4f:66:2a:77:ef:63:04:
                    56:c0:d9:ce:0d:18:c9:24:9c:43:11:8a:c1:95:27:
                    6e:bc:72:7c:ce:d0:d0:85:da:13:8c:fd:cc:56:a0:
                    45:82:5a:d3:c3:2f:cf:38:c1:b9:7a:1d:9b:2f:6a:
                    cf:6d:b8:c7:e3:b0:03:24:56:81:01:84:21:32:9c:
                    f6:11:6f:8e:47:2e:9c:5a:a8:b5:83:e6:bc:12:90:
                    80:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                A9:D4:87:CC:D7:70:3B:64:FF:6E:AE:C4:B1:37:3E:0C:1A:86:0B:CF
    Signature Algorithm: sha256WithRSAEncryption
         da:9e:50:c8:2d:f0:f5:3b:f6:71:75:bd:e5:e2:8d:f3:30:3e:
         ed:88:91:d7:7b:55:9f:24:7b:de:7b:49:14:28:23:9f:de:fe:
         1f:60:fb:68:a3:25:92:e5:e8:f5:e9:5b:06:58:24:ea:70:4f:
         7d:2a:d7:86:46:c8:5e:95:13:65:66:e8:51:54:8e:b9:bc:de:
         92:82:39:1e:f7:d1:95:58:03:7b:3d:1b:e7:29:9c:03:4c:d2:
         2a:5c:63:9d:9f:5f:b2:58:92:40:b2:aa:c2:94:fd:10:4c:4f:
         c2:19:1b:34:c1:8e:3c:14:be:3f:f3:be:2c:f6:5e:04:bf:f8:
         13:b5:aa:e0:05:e5:a7:2f:c6:36:1c:bf:c1:d7:34:70:86:bc:
         86:b5:ca:d1:b4:85:03:af:74:8b:ae:79:ad:94:63:27:17:99:
         53:5c:6e:35:92:90:82:dd:80:c6:a0:c8:ba:f7:08:3c:5c:46:
         7f:8c:b7:6f:7a:e6:66:91:86:89:0b:29:28:1c:79:3e:66:8e:
         7c:6a:3f:e1:b5:5e:56:06:ac:8e:7d:6a:fb:91:94:46:b9:1d:
         31:0f:a0:35:67:9f:70:c1:f7:ab:8b:4a:88:f3:20:10:10:e1:
         e2:da:4c:db:3f:50:d7:dd:9e:27:bf:9a:b2:4c:7d:4c:6c:56:
         7d:8a:76:54
-----BEGIN CERTIFICATE-----
MIIDbTCCAlWgAwIBAgIENyPoHzANBgkqhkiG9w0BAQsFADBnMQswCQYDVQQGEwJD
QTELMAkGA1UECBMCT04xDzANBgNVBAcTBk90dGF3YTERMA8GA1UEChMIQ2FtY2xv
dWQxETAPBgNVBAsTCENhbWNsb3VkMRQwEgYDVQQDEwtEYW4gQnVya2V0dDAeFw0x
NTA0MDIxMjQ0NDlaFw00MjA4MTgxMjQ0NDlaMGcxCzAJBgNVBAYTAkNBMQswCQYD
VQQIEwJPTjEPMA0GA1UEBxMGT3R0YXdhMREwDwYDVQQKEwhDYW1jbG91ZDERMA8G
A1UECxMIQ2FtY2xvdWQxFDASBgNVBAMTC0RhbiBCdXJrZXR0MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/3NsbOHetH2oE89mOjYiMBHxxEQzaLAVsAxa
QRAXSEBmXdvQnl7Jha6HGGNAK63WZJIcI5n7gnCEwc1qmIoKbt6cyDSXw/aVUUIp
Hy7Fkp9+89h9YDvv0z80Ogaln4YWw66bbXaj3JGE4Veq7nNpC2vmZXIbMJvdhgt4
wIFV41NLX++MLqzA17bqXhAFar1j51NbZLYVNrUIj0BPqghZUXa1c6cOjva/oVCD
HU9mKnfvYwRWwNnODRjJJJxDEYrBlSduvHJ8ztDQhdoTjP3MVqBFglrTwy/POMG5
eh2bL2rPbbjH47ADJFaBAYQhMpz2EW+ORy6cWqi1g+a8EpCAeQIDAQABoyEwHzAd
BgNVHQ4EFgQUqdSHzNdwO2T/bq7EsTc+DBqGC88wDQYJKoZIhvcNAQELBQADggEB
ANqeUMgt8PU79nF1veXijfMwPu2Ikdd7VZ8ke957SRQoI5/e/h9g+2ijJZLl6PXp
WwZYJOpwT30q14ZGyF6VE2Vm6FFUjrm83pKCOR730ZVYA3s9G+cpnANM0ipcY52f
X7JYkkCyqsKU/RBMT8IZGzTBjjwUvj/zviz2XgS/+BO1quAF5acvxjYcv8HXNHCG
vIa1ytG0hQOvdIuuea2UYycXmVNcbjWSkILdgMagyLr3CDxcRn+Mt2965maRhokL
KSgceT5mjnxqP+G1XlYGrI59avuRlEa5HTEPoDVnn3DB96uLSojzIBAQ4eLaTNs/
UNfdnie/mrJMfUxsVn2KdlQ=
-----END CERTIFICATE-----


To reproduce, download a firmware image from https://amcrest.com/firmwaredownloads

One will find a .bin file.
Install binwalk.
Run binwalk -Me amcrestfirmware.bin


navigate to
 _user-x.squashfs.img.extracted/squashfs-root/bin/ssl/

and

_user-x.squashfs.img.extracted/squashfs-root/bin/amcssl/





Copyright © 1995-2018 LinuxRocket.net. All rights reserved.