RTSP_Discover: Quick and dirty RTSP protocol discovery


In some security testing work, I recently needed to validate 554 ports that were active on the systems. Of course as you know, that port is the default port that the RTSP protocol usually resides on, and is what NMAP and other tools report it as. As you may or may not know, RTSP is prone to brute forcing and some other nefarious exploits.

To facilitate validating whether or not the 554 port was actually RTSP, I developed a quick script that runs the DESCRIBE and OPTIONS RTSP standard verbs. If the port is RTSP one or more of these should return information, if not then you will usually get a network timeout or some other network error.

The information returned from those verbs should also aid in any further testing or security auditing. As always remember these tools have been developed for testing purposes only and any nefarious usage is not acceptable.

You can find the new RTSP_Discover tool at:

https://github.com/Tek-Security-Group/rtsp_discover

Leave a comment

Your email address will not be published. Required fields are marked *