From b59ec9a3635cf7c0295dd429b8774312db2eb57c Mon Sep 17 00:00:00 2001 From: ItsIgnacioPortal <5990@protonmail.com> Date: Thu, 27 Nov 2025 22:03:52 -0300 Subject: [PATCH] feat(wordlist): Added RSTP camera wordlist Closes #1214 Related to #1266 Co-authored-by: S.B <30941141+s-b-repo@users.noreply.github.com> --- Fuzzing/README.md | 5 ++ Fuzzing/rstp.txt | 193 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 198 insertions(+) create mode 100644 Fuzzing/rstp.txt diff --git a/Fuzzing/README.md b/Fuzzing/README.md index 44bc6781..281df376 100644 --- a/Fuzzing/README.md +++ b/Fuzzing/README.md @@ -13,6 +13,11 @@ * SHA-3-256 * BLAKE2b +## rstp.txt + +Use for: Fuzzing for RSTP camera paths. + + ## URI-XSS.fuzzdb.txt Use for: Fuzzing for [XSS vulnerabilities in URIs](https://www.youtube.com/watch?v=NJulOqWjA9k) diff --git a/Fuzzing/rstp.txt b/Fuzzing/rstp.txt new file mode 100644 index 00000000..4367f9f9 --- /dev/null +++ b/Fuzzing/rstp.txt @@ -0,0 +1,193 @@ +0/video1 +1 +1.AMP +1/1:1/main +1/cif +1/stream1 +11 +12 +4 +CAM_ID.password.mp2 +CH001.sdp +GetData.cgi +H264 +HighResolutionVideo +HighResolutionvideo +Image.jpg +LowResolutionVideo +MJPEG.cgi +MediaInput/h264 +MediaInput/h264/stream_1 +MediaInput/mpeg4 +ONVIF/MediaInput +ONVIF/channel1 +PSIA/Streaming/channels/0?videoCodecType=H.264 +PSIA/Streaming/channels/1 +PSIA/Streaming/channels/1?videoCodecType=MPEG4 +PSIA/Streaming/channels/h264 +Possible +ROH/channel/11 +Streaming/Channels/1 +Streaming/Channels/101 +Streaming/Channels/102 +Streaming/Channels/103 +Streaming/Channels/2 +Streaming/Unicast/channels/101 +Streaming/channels/101 +Video?Codec=MPEG4&Width=720&Height=576&Fps=30 +VideoInput/1/h264/1 +access_code +access_name_for_stream_1_to_5 +av0_0 +av0_1 +av2 +avn=2 +axis-media/media.amp +axis-media/media.amp?videocodec=h264&resolution=640x480 +cam +cam/realmonitor +cam/realmonitor?channel=1&subtype=00 +cam/realmonitor?channel=1&subtype=01 +cam/realmonitor?channel=1&subtype=1 +cam0_0 +cam0_1 +cam1/h264 +cam1/h264/multicast +cam1/mjpeg +cam1/mpeg4 +cam1/onvif-h264 +cam4/mpeg4 +camera.stm +cgi-bin/viewer/video.jpg?resolution=640x480 +ch0 +ch0.h264 +ch01.264 +ch0_0.h264 +ch0_unicast_firststream +ch0_unicast_secondstream +channel1 +dms.jpg +dms?nowprofileid=2 +h264 +h264.sdp +h264/ch1/sub/ +h264/media.amp +h264Preview_01_main +h264Preview_01_sub +h264_vga.sdp +image.jpg +image.mpg +image/jpeg.cgi +img/media.sav +img/video.asf +img/video.sav +ioImage/1 +ipcam.sdp +ipcam/stream.cgi?nowprofileid=2 +ipcam_h264.sdp +jpg/image.jpg?size=3 +live +live.sdp +live/av0 +live/ch0 +live/ch00_0 +live/ch00_1 +live/ch1 +live/ch2 +live/h264 +live/mpeg4 +live0.264 +live1.264 +live1.sdp +live2.sdp +live3.sdp +live_h264.sdp +live_mpeg4.sdp +livestream +livestream/ +media +media.amp +media/media.amp +media/video1 +media/video2 +media/video3 +medias1 +mjpeg.cgi +mjpeg/media.smp +mp4 +mpeg4 +mpeg4/1/media.amp +mpeg4/media.amp +mpeg4/media.amp?resolution=640x480 +mpeg4/media.smp +mpeg4cif +mpeg4unicast +mpg4/rtsp.amp +multicaststream +now.mp4 +nph-h264.cgi +nphMpeg4/g726-640x +nphMpeg4/g726-640x480 +nphMpeg4/nil-320x240 +onvif-media/media.amp +onvif/live/2 +onvif1 +onvif2 +play1.sdp +play2.sdp +profile +recognizer +rtpvideo1.sdp +rtsp_tunnel +rtsph264 +rtsph2641080p +stream1 +stream2 +streaming/mjpeg +synthesizer +tcp/av0_0 +ucast/11 +unicast/c1/s1/live +user.pin.mp2 +user_defined +user=admin_password=tlJwpbo6_channel=1_stream=0.sdp?real_stream +video +video.3gp +video.cgi +video.cgi?resolution=VGA +video.cgi?resolution=vga +video.h264 +video.mjpg +video.mp4 +video.pro1 +video.pro2 +video.pro3 +video/mjpg.cgi +video1 +video1+audio1 +video2.mjpg +videoMain +videoinput_1:0/h264_1/onvif.stm +videostream.cgi?rate=0 +vis +wfov +rtsp/stream1 +rtsp/stream2 +rtsp/live.sdp +rtsp/channel/0 +rtsp/channel/1 +rtsp/channel/2 +rtsp/main +rtsp/sub +rtsp/h264 +rtsp/mpeg4 +rtsp/av0_0 +rtsp/av0_1 +rtsp/unicast +rtsp/multicast +rtsp/profile1 +rtsp/profile2 +rtsp/profile3 +rtsp/streaming/channels/101 +rtsp/streaming/channels/102 +rtsp/streaming/channels/103