Amcrest Cameras have a static SSL key embedded in their firmware.
daebc544e1e3440209c6bcb3abd076b2
Unpacking the firmware of any given (4 tested) Amcrest Camera shows that they use the same SSL Keys.
For example, on the Amcrest_IPC-HX1X3X-LEXUS_Eng_N_AMCREST_V2.420.AC01.3.R.20180206 firware we can see hard coded SSL private keys and CAs. If we run binwalk we can see this in the folder
_Amcrest_IPC-HX1X3X-LEXUS_Eng_N_AMCREST_V2.420.AC01.3.R.20180206.bin.extracted/_user-x.squashfs.img.extracted/squashfs-root/bin/ssl
openssl x509 -in cacert.pem -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:34:39:30:36:38:35:39:33:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Product Root CA, C=US, ST=Taxas, L=Houston, O=Amcrest Technologies LLC, OU=Amcrest
Validity
Not Before: Mar 27 07:25:35 2017 GMT
Not After : Mar 27 07:25:35 2021 GMT
Subject: CN=Product Root CA, C=US, ST=Taxas, L=Houston, O=Amcrest Technologies LLC, OU=Amcrest
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:99:26:51:d4:6c:1d:88:28:cd:9a:ef:7d:f0:72:
37:5a:9a:12:58:4a:26:3f:ed:4a:51:5e:35:71:18:
32:fd:87:05:0c:06:a3:6d:25:20:3c:c1:42:c2:93:
4d:75:00:09:0d:5c:37:cc:65:5b:ca:b3:81:4b:94:
d6:ef:ce:fc:a6:52:aa:07:02:c8:89:2c:6b:f3:a8:
17:15:84:ef:5e:a6:c3:ef:b2:cc:24:df:8e:4f:67:
24:df:75:87:ba:60:f1:8a:05:5d:2e:bf:7d:89:d5:
c4:7e:05:8f:02:80:6b:ce:c5:f5:b7:15:0f:ec:d7:
bf:8a:c4:8c:97:9b:a4:79:47:d3:3e:7a:a1:bd:5d:
a2:9a:2a:41:25:b2:db:01:d7:a8:6d:52:1e:10:37:
80:4d:90:3b:b1:b3:31:73:37:b2:4e:48:84:08:01:
4c:f1:58:b1:c6:02:06:85:88:98:43:d0:f1:c6:d1:
f3:67:7f:37:7b:66:13:bc:41:22:6f:f5:13:7d:fb:
8f:92:f2:db:90:32:3f:21:fc:a8:41:94:a4:cc:ac:
27:d0:31:08:56:ea:17:30:5b:b8:bf:83:d1:92:b6:
ee:4f:c0:a7:4e:80:3e:12:24:e9:67:56:a3:7c:7f:
c2:1d:9d:7d:3e:db:64:22:9c:41:bd:9d:e6:34:dd:
a6:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Subject Key Identifier:
AD:2D:97:7F:1F:FE:09:77:A7:96:FE:12:E7:3C:C6:B4:C1:FC:EC:BF
Signature Algorithm: sha256WithRSAEncryption
8d:72:fa:37:14:64:9b:d8:f2:04:d3:87:3d:0a:4b:dd:3b:c1:
b8:06:00:24:27:db:4d:8b:20:2e:bb:b8:68:99:06:73:06:45:
d8:50:48:49:12:71:04:67:66:3a:b3:78:6f:d9:59:f1:80:fb:
97:8f:e0:eb:58:02:aa:43:ce:37:f9:09:d0:4a:82:e2:61:e4:
19:bc:2e:b3:8f:13:87:f3:30:3f:eb:4d:07:5a:77:a5:f5:05:
5a:c8:0e:c1:b7:68:c3:a8:f1:2a:75:21:e9:d2:02:74:e5:c4:
c8:f0:e6:23:92:9f:eb:ad:ac:f4:d4:32:a4:eb:10:fe:49:90:
f3:85:f3:00:07:a4:2b:95:c2:d4:02:c2:21:42:aa:d5:a6:63:
68:14:a1:02:0d:1f:f7:6b:aa:4b:6c:09:63:97:37:84:0a:af:
96:a6:d2:a0:f7:48:8a:50:ac:0b:b3:47:8d:e8:f2:e9:a1:5f:
bb:27:3b:09:6a:82:a9:28:d2:a1:fa:44:9f:96:65:a1:de:6c:
da:c4:f5:99:c8:b3:ad:a4:0d:63:ef:09:c2:bc:bb:54:c7:8c:
8a:53:c4:e4:af:76:ac:61:a3:a9:51:b8:08:34:e5:37:50:1c:
c0:58:3d:ea:50:e4:6c:8c:57:fb:c8:45:40:6d:ed:0c:a5:15:
a3:43:59:61
-----BEGIN CERTIFICATE-----
MIIDsjCCApqgAwIBAgIKMTQ5MDY4NTkzNTANBgkqhkiG9w0BAQsFADB+MRgwFgYD
VQQDDA9Qcm9kdWN0IFJvb3QgQ0ExCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUYXhh
czEQMA4GA1UEBwwHSG91c3RvbjEhMB8GA1UECgwYQW1jcmVzdCBUZWNobm9sb2dp
ZXMgTExDMRAwDgYDVQQLDAdBbWNyZXN0MB4XDTE3MDMyNzA3MjUzNVoXDTIxMDMy
NzA3MjUzNVowfjEYMBYGA1UEAwwPUHJvZHVjdCBSb290IENBMQswCQYDVQQGEwJV
UzEOMAwGA1UECAwFVGF4YXMxEDAOBgNVBAcMB0hvdXN0b24xITAfBgNVBAoMGEFt
Y3Jlc3QgVGVjaG5vbG9naWVzIExMQzEQMA4GA1UECwwHQW1jcmVzdDCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJkmUdRsHYgozZrvffByN1qaElhKJj/t
SlFeNXEYMv2HBQwGo20lIDzBQsKTTXUACQ1cN8xlW8qzgUuU1u/O/KZSqgcCyIks
a/OoFxWE716mw++yzCTfjk9nJN91h7pg8YoFXS6/fYnVxH4FjwKAa87F9bcVD+zX
v4rEjJebpHlH0z56ob1dopoqQSWy2wHXqG1SHhA3gE2QO7GzMXM3sk5IhAgBTPFY
scYCBoWImEPQ8cbR82d/N3tmE7xBIm/1E337j5Ly25AyPyH8qEGUpMysJ9AxCFbq
FzBbuL+D0ZK27k/Ap06APhIk6WdWo3x/wh2dfT7bZCKcQb2d5jTdpmUCAwEAAaMy
MDAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUrS2Xfx/+CXenlv4S5zzGtMH8
7L8wDQYJKoZIhvcNAQELBQADggEBAI1y+jcUZJvY8gTThz0KS907wbgGACQn202L
IC67uGiZBnMGRdhQSEkScQRnZjqzeG/ZWfGA+5eP4OtYAqpDzjf5CdBKguJh5Bm8
LrOPE4fzMD/rTQdad6X1BVrIDsG3aMOo8Sp1IenSAnTlxMjw5iOSn+utrPTUMqTr
EP5JkPOF8wAHpCuVwtQCwiFCqtWmY2gUoQINH/drqktsCWOXN4QKr5am0qD3SIpQ
rAuzR43o8umhX7snOwlqgqko0qH6RJ+WZaHebNrE9ZnIs62kDWPvCcK8u1THjIpT
xOSvdqxho6lRuAg05TdQHMBYPepQ5GyMV/vIRUBt7QylFaNDWWE=
-----END CERTIFICATE-----
openssl x509 -in cacert.pem -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:34:39:30:36:38:35:39:33:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Product Root CA, C=US, ST=Taxas, L=Houston, O=Amcrest Technologies LLC, OU=Amcrest
Validity
Not Before: Mar 27 07:25:35 2017 GMT
Not After : Mar 27 07:25:35 2021 GMT
Subject: CN=Product Root CA, C=US, ST=Taxas, L=Houston, O=Amcrest Technologies LLC, OU=Amcrest
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:99:26:51:d4:6c:1d:88:28:cd:9a:ef:7d:f0:72:
37:5a:9a:12:58:4a:26:3f:ed:4a:51:5e:35:71:18:
32:fd:87:05:0c:06:a3:6d:25:20:3c:c1:42:c2:93:
4d:75:00:09:0d:5c:37:cc:65:5b:ca:b3:81:4b:94:
d6:ef:ce:fc:a6:52:aa:07:02:c8:89:2c:6b:f3:a8:
17:15:84:ef:5e:a6:c3:ef:b2:cc:24:df:8e:4f:67:
24:df:75:87:ba:60:f1:8a:05:5d:2e:bf:7d:89:d5:
c4:7e:05:8f:02:80:6b:ce:c5:f5:b7:15:0f:ec:d7:
bf:8a:c4:8c:97:9b:a4:79:47:d3:3e:7a:a1:bd:5d:
a2:9a:2a:41:25:b2:db:01:d7:a8:6d:52:1e:10:37:
80:4d:90:3b:b1:b3:31:73:37:b2:4e:48:84:08:01:
4c:f1:58:b1:c6:02:06:85:88:98:43:d0:f1:c6:d1:
f3:67:7f:37:7b:66:13:bc:41:22:6f:f5:13:7d:fb:
8f:92:f2:db:90:32:3f:21:fc:a8:41:94:a4:cc:ac:
27:d0:31:08:56:ea:17:30:5b:b8:bf:83:d1:92:b6:
ee:4f:c0:a7:4e:80:3e:12:24:e9:67:56:a3:7c:7f:
c2:1d:9d:7d:3e:db:64:22:9c:41:bd:9d:e6:34:dd:
a6:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Subject Key Identifier:
AD:2D:97:7F:1F:FE:09:77:A7:96:FE:12:E7:3C:C6:B4:C1:FC:EC:BF
Signature Algorithm: sha256WithRSAEncryption
8d:72:fa:37:14:64:9b:d8:f2:04:d3:87:3d:0a:4b:dd:3b:c1:
b8:06:00:24:27:db:4d:8b:20:2e:bb:b8:68:99:06:73:06:45:
d8:50:48:49:12:71:04:67:66:3a:b3:78:6f:d9:59:f1:80:fb:
97:8f:e0:eb:58:02:aa:43:ce:37:f9:09:d0:4a:82:e2:61:e4:
19:bc:2e:b3:8f:13:87:f3:30:3f:eb:4d:07:5a:77:a5:f5:05:
5a:c8:0e:c1:b7:68:c3:a8:f1:2a:75:21:e9:d2:02:74:e5:c4:
c8:f0:e6:23:92:9f:eb:ad:ac:f4:d4:32:a4:eb:10:fe:49:90:
f3:85:f3:00:07:a4:2b:95:c2:d4:02:c2:21:42:aa:d5:a6:63:
68:14:a1:02:0d:1f:f7:6b:aa:4b:6c:09:63:97:37:84:0a:af:
96:a6:d2:a0:f7:48:8a:50:ac:0b:b3:47:8d:e8:f2:e9:a1:5f:
bb:27:3b:09:6a:82:a9:28:d2:a1:fa:44:9f:96:65:a1:de:6c:
da:c4:f5:99:c8:b3:ad:a4:0d:63:ef:09:c2:bc:bb:54:c7:8c:
8a:53:c4:e4:af:76:ac:61:a3:a9:51:b8:08:34:e5:37:50:1c:
c0:58:3d:ea:50:e4:6c:8c:57:fb:c8:45:40:6d:ed:0c:a5:15:
a3:43:59:61
-----BEGIN CERTIFICATE-----
MIIDsjCCApqgAwIBAgIKMTQ5MDY4NTkzNTANBgkqhkiG9w0BAQsFADB+MRgwFgYD
VQQDDA9Qcm9kdWN0IFJvb3QgQ0ExCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUYXhh
czEQMA4GA1UEBwwHSG91c3RvbjEhMB8GA1UECgwYQW1jcmVzdCBUZWNobm9sb2dp
ZXMgTExDMRAwDgYDVQQLDAdBbWNyZXN0MB4XDTE3MDMyNzA3MjUzNVoXDTIxMDMy
NzA3MjUzNVowfjEYMBYGA1UEAwwPUHJvZHVjdCBSb290IENBMQswCQYDVQQGEwJV
UzEOMAwGA1UECAwFVGF4YXMxEDAOBgNVBAcMB0hvdXN0b24xITAfBgNVBAoMGEFt
Y3Jlc3QgVGVjaG5vbG9naWVzIExMQzEQMA4GA1UECwwHQW1jcmVzdDCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJkmUdRsHYgozZrvffByN1qaElhKJj/t
SlFeNXEYMv2HBQwGo20lIDzBQsKTTXUACQ1cN8xlW8qzgUuU1u/O/KZSqgcCyIks
a/OoFxWE716mw++yzCTfjk9nJN91h7pg8YoFXS6/fYnVxH4FjwKAa87F9bcVD+zX
v4rEjJebpHlH0z56ob1dopoqQSWy2wHXqG1SHhA3gE2QO7GzMXM3sk5IhAgBTPFY
scYCBoWImEPQ8cbR82d/N3tmE7xBIm/1E337j5Ly25AyPyH8qEGUpMysJ9AxCFbq
FzBbuL+D0ZK27k/Ap06APhIk6WdWo3x/wh2dfT7bZCKcQb2d5jTdpmUCAwEAAaMy
MDAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUrS2Xfx/+CXenlv4S5zzGtMH8
7L8wDQYJKoZIhvcNAQELBQADggEBAI1y+jcUZJvY8gTThz0KS907wbgGACQn202L
IC67uGiZBnMGRdhQSEkScQRnZjqzeG/ZWfGA+5eP4OtYAqpDzjf5CdBKguJh5Bm8
LrOPE4fzMD/rTQdad6X1BVrIDsG3aMOo8Sp1IenSAnTlxMjw5iOSn+utrPTUMqTr
EP5JkPOF8wAHpCuVwtQCwiFCqtWmY2gUoQINH/drqktsCWOXN4QKr5am0qD3SIpQ
rAuzR43o8umhX7snOwlqgqko0qH6RJ+WZaHebNrE9ZnIs62kDWPvCcK8u1THjIpT
xOSvdqxho6lRuAg05TdQHMBYPepQ5GyMV/vIRUBt7QylFaNDWWE=
-----END CERTIFICATE-----
as well as
_Amcrest_IPC-HX1X3X-LEXUS_Eng_N_AMCREST_V2.420.AC01.3.R.20180206.bin.extracted/_user-x.squashfs.img.extracted/squashfs-root/bin/amcssl
openssl x509 -in cacert.pem -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 925100063 (0x3723e81f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=CA, ST=ON, L=Ottawa, O=Camcloud, OU=Camcloud, CN=Dan Burkett
Validity
Not Before: Apr 2 12:44:49 2015 GMT
Not After : Aug 18 12:44:49 2042 GMT
Subject: C=CA, ST=ON, L=Ottawa, O=Camcloud, OU=Camcloud, CN=Dan Burkett
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ff:73:6c:6c:e1:de:b4:7d:a8:13:cf:66:3a:36:
22:30:11:f1:c4:44:33:68:b0:15:b0:0c:5a:41:10:
17:48:40:66:5d:db:d0:9e:5e:c9:85:ae:87:18:63:
40:2b:ad:d6:64:92:1c:23:99:fb:82:70:84:c1:cd:
6a:98:8a:0a:6e:de:9c:c8:34:97:c3:f6:95:51:42:
29:1f:2e:c5:92:9f:7e:f3:d8:7d:60:3b:ef:d3:3f:
34:3a:06:a5:9f:86:16:c3:ae:9b:6d:76:a3:dc:91:
84:e1:57:aa:ee:73:69:0b:6b:e6:65:72:1b:30:9b:
dd:86:0b:78:c0:81:55:e3:53:4b:5f:ef:8c:2e:ac:
c0:d7:b6:ea:5e:10:05:6a:bd:63:e7:53:5b:64:b6:
15:36:b5:08:8f:40:4f:aa:08:59:51:76:b5:73:a7:
0e:8e:f6:bf:a1:50:83:1d:4f:66:2a:77:ef:63:04:
56:c0:d9:ce:0d:18:c9:24:9c:43:11:8a:c1:95:27:
6e:bc:72:7c:ce:d0:d0:85:da:13:8c:fd:cc:56:a0:
45:82:5a:d3:c3:2f:cf:38:c1:b9:7a:1d:9b:2f:6a:
cf:6d:b8:c7:e3:b0:03:24:56:81:01:84:21:32:9c:
f6:11:6f:8e:47:2e:9c:5a:a8:b5:83:e6:bc:12:90:
80:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:D4:87:CC:D7:70:3B:64:FF:6E:AE:C4:B1:37:3E:0C:1A:86:0B:CF
Signature Algorithm: sha256WithRSAEncryption
da:9e:50:c8:2d:f0:f5:3b:f6:71:75:bd:e5:e2:8d:f3:30:3e:
ed:88:91:d7:7b:55:9f:24:7b:de:7b:49:14:28:23:9f:de:fe:
1f:60:fb:68:a3:25:92:e5:e8:f5:e9:5b:06:58:24:ea:70:4f:
7d:2a:d7:86:46:c8:5e:95:13:65:66:e8:51:54:8e:b9:bc:de:
92:82:39:1e:f7:d1:95:58:03:7b:3d:1b:e7:29:9c:03:4c:d2:
2a:5c:63:9d:9f:5f:b2:58:92:40:b2:aa:c2:94:fd:10:4c:4f:
c2:19:1b:34:c1:8e:3c:14:be:3f:f3:be:2c:f6:5e:04:bf:f8:
13:b5:aa:e0:05:e5:a7:2f:c6:36:1c:bf:c1:d7:34:70:86:bc:
86:b5:ca:d1:b4:85:03:af:74:8b:ae:79:ad:94:63:27:17:99:
53:5c:6e:35:92:90:82:dd:80:c6:a0:c8:ba:f7:08:3c:5c:46:
7f:8c:b7:6f:7a:e6:66:91:86:89:0b:29:28:1c:79:3e:66:8e:
7c:6a:3f:e1:b5:5e:56:06:ac:8e:7d:6a:fb:91:94:46:b9:1d:
31:0f:a0:35:67:9f:70:c1:f7:ab:8b:4a:88:f3:20:10:10:e1:
e2:da:4c:db:3f:50:d7:dd:9e:27:bf:9a:b2:4c:7d:4c:6c:56:
7d:8a:76:54
-----BEGIN CERTIFICATE-----
MIIDbTCCAlWgAwIBAgIENyPoHzANBgkqhkiG9w0BAQsFADBnMQswCQYDVQQGEwJD
QTELMAkGA1UECBMCT04xDzANBgNVBAcTBk90dGF3YTERMA8GA1UEChMIQ2FtY2xv
dWQxETAPBgNVBAsTCENhbWNsb3VkMRQwEgYDVQQDEwtEYW4gQnVya2V0dDAeFw0x
NTA0MDIxMjQ0NDlaFw00MjA4MTgxMjQ0NDlaMGcxCzAJBgNVBAYTAkNBMQswCQYD
VQQIEwJPTjEPMA0GA1UEBxMGT3R0YXdhMREwDwYDVQQKEwhDYW1jbG91ZDERMA8G
A1UECxMIQ2FtY2xvdWQxFDASBgNVBAMTC0RhbiBCdXJrZXR0MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/3NsbOHetH2oE89mOjYiMBHxxEQzaLAVsAxa
QRAXSEBmXdvQnl7Jha6HGGNAK63WZJIcI5n7gnCEwc1qmIoKbt6cyDSXw/aVUUIp
Hy7Fkp9+89h9YDvv0z80Ogaln4YWw66bbXaj3JGE4Veq7nNpC2vmZXIbMJvdhgt4
wIFV41NLX++MLqzA17bqXhAFar1j51NbZLYVNrUIj0BPqghZUXa1c6cOjva/oVCD
HU9mKnfvYwRWwNnODRjJJJxDEYrBlSduvHJ8ztDQhdoTjP3MVqBFglrTwy/POMG5
eh2bL2rPbbjH47ADJFaBAYQhMpz2EW+ORy6cWqi1g+a8EpCAeQIDAQABoyEwHzAd
BgNVHQ4EFgQUqdSHzNdwO2T/bq7EsTc+DBqGC88wDQYJKoZIhvcNAQELBQADggEB
ANqeUMgt8PU79nF1veXijfMwPu2Ikdd7VZ8ke957SRQoI5/e/h9g+2ijJZLl6PXp
WwZYJOpwT30q14ZGyF6VE2Vm6FFUjrm83pKCOR730ZVYA3s9G+cpnANM0ipcY52f
X7JYkkCyqsKU/RBMT8IZGzTBjjwUvj/zviz2XgS/+BO1quAF5acvxjYcv8HXNHCG
vIa1ytG0hQOvdIuuea2UYycXmVNcbjWSkILdgMagyLr3CDxcRn+Mt2965maRhokL
KSgceT5mjnxqP+G1XlYGrI59avuRlEa5HTEPoDVnn3DB96uLSojzIBAQ4eLaTNs/
UNfdnie/mrJMfUxsVn2KdlQ=
-----END CERTIFICATE-----
openssl x509 -in cacert.pem -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 925100063 (0x3723e81f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=CA, ST=ON, L=Ottawa, O=Camcloud, OU=Camcloud, CN=Dan Burkett
Validity
Not Before: Apr 2 12:44:49 2015 GMT
Not After : Aug 18 12:44:49 2042 GMT
Subject: C=CA, ST=ON, L=Ottawa, O=Camcloud, OU=Camcloud, CN=Dan Burkett
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ff:73:6c:6c:e1:de:b4:7d:a8:13:cf:66:3a:36:
22:30:11:f1:c4:44:33:68:b0:15:b0:0c:5a:41:10:
17:48:40:66:5d:db:d0:9e:5e:c9:85:ae:87:18:63:
40:2b:ad:d6:64:92:1c:23:99:fb:82:70:84:c1:cd:
6a:98:8a:0a:6e:de:9c:c8:34:97:c3:f6:95:51:42:
29:1f:2e:c5:92:9f:7e:f3:d8:7d:60:3b:ef:d3:3f:
34:3a:06:a5:9f:86:16:c3:ae:9b:6d:76:a3:dc:91:
84:e1:57:aa:ee:73:69:0b:6b:e6:65:72:1b:30:9b:
dd:86:0b:78:c0:81:55:e3:53:4b:5f:ef:8c:2e:ac:
c0:d7:b6:ea:5e:10:05:6a:bd:63:e7:53:5b:64:b6:
15:36:b5:08:8f:40:4f:aa:08:59:51:76:b5:73:a7:
0e:8e:f6:bf:a1:50:83:1d:4f:66:2a:77:ef:63:04:
56:c0:d9:ce:0d:18:c9:24:9c:43:11:8a:c1:95:27:
6e:bc:72:7c:ce:d0:d0:85:da:13:8c:fd:cc:56:a0:
45:82:5a:d3:c3:2f:cf:38:c1:b9:7a:1d:9b:2f:6a:
cf:6d:b8:c7:e3:b0:03:24:56:81:01:84:21:32:9c:
f6:11:6f:8e:47:2e:9c:5a:a8:b5:83:e6:bc:12:90:
80:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:D4:87:CC:D7:70:3B:64:FF:6E:AE:C4:B1:37:3E:0C:1A:86:0B:CF
Signature Algorithm: sha256WithRSAEncryption
da:9e:50:c8:2d:f0:f5:3b:f6:71:75:bd:e5:e2:8d:f3:30:3e:
ed:88:91:d7:7b:55:9f:24:7b:de:7b:49:14:28:23:9f:de:fe:
1f:60:fb:68:a3:25:92:e5:e8:f5:e9:5b:06:58:24:ea:70:4f:
7d:2a:d7:86:46:c8:5e:95:13:65:66:e8:51:54:8e:b9:bc:de:
92:82:39:1e:f7:d1:95:58:03:7b:3d:1b:e7:29:9c:03:4c:d2:
2a:5c:63:9d:9f:5f:b2:58:92:40:b2:aa:c2:94:fd:10:4c:4f:
c2:19:1b:34:c1:8e:3c:14:be:3f:f3:be:2c:f6:5e:04:bf:f8:
13:b5:aa:e0:05:e5:a7:2f:c6:36:1c:bf:c1:d7:34:70:86:bc:
86:b5:ca:d1:b4:85:03:af:74:8b:ae:79:ad:94:63:27:17:99:
53:5c:6e:35:92:90:82:dd:80:c6:a0:c8:ba:f7:08:3c:5c:46:
7f:8c:b7:6f:7a:e6:66:91:86:89:0b:29:28:1c:79:3e:66:8e:
7c:6a:3f:e1:b5:5e:56:06:ac:8e:7d:6a:fb:91:94:46:b9:1d:
31:0f:a0:35:67:9f:70:c1:f7:ab:8b:4a:88:f3:20:10:10:e1:
e2:da:4c:db:3f:50:d7:dd:9e:27:bf:9a:b2:4c:7d:4c:6c:56:
7d:8a:76:54
-----BEGIN CERTIFICATE-----
MIIDbTCCAlWgAwIBAgIENyPoHzANBgkqhkiG9w0BAQsFADBnMQswCQYDVQQGEwJD
QTELMAkGA1UECBMCT04xDzANBgNVBAcTBk90dGF3YTERMA8GA1UEChMIQ2FtY2xv
dWQxETAPBgNVBAsTCENhbWNsb3VkMRQwEgYDVQQDEwtEYW4gQnVya2V0dDAeFw0x
NTA0MDIxMjQ0NDlaFw00MjA4MTgxMjQ0NDlaMGcxCzAJBgNVBAYTAkNBMQswCQYD
VQQIEwJPTjEPMA0GA1UEBxMGT3R0YXdhMREwDwYDVQQKEwhDYW1jbG91ZDERMA8G
A1UECxMIQ2FtY2xvdWQxFDASBgNVBAMTC0RhbiBCdXJrZXR0MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/3NsbOHetH2oE89mOjYiMBHxxEQzaLAVsAxa
QRAXSEBmXdvQnl7Jha6HGGNAK63WZJIcI5n7gnCEwc1qmIoKbt6cyDSXw/aVUUIp
Hy7Fkp9+89h9YDvv0z80Ogaln4YWw66bbXaj3JGE4Veq7nNpC2vmZXIbMJvdhgt4
wIFV41NLX++MLqzA17bqXhAFar1j51NbZLYVNrUIj0BPqghZUXa1c6cOjva/oVCD
HU9mKnfvYwRWwNnODRjJJJxDEYrBlSduvHJ8ztDQhdoTjP3MVqBFglrTwy/POMG5
eh2bL2rPbbjH47ADJFaBAYQhMpz2EW+ORy6cWqi1g+a8EpCAeQIDAQABoyEwHzAd
BgNVHQ4EFgQUqdSHzNdwO2T/bq7EsTc+DBqGC88wDQYJKoZIhvcNAQELBQADggEB
ANqeUMgt8PU79nF1veXijfMwPu2Ikdd7VZ8ke957SRQoI5/e/h9g+2ijJZLl6PXp
WwZYJOpwT30q14ZGyF6VE2Vm6FFUjrm83pKCOR730ZVYA3s9G+cpnANM0ipcY52f
X7JYkkCyqsKU/RBMT8IZGzTBjjwUvj/zviz2XgS/+BO1quAF5acvxjYcv8HXNHCG
vIa1ytG0hQOvdIuuea2UYycXmVNcbjWSkILdgMagyLr3CDxcRn+Mt2965maRhokL
KSgceT5mjnxqP+G1XlYGrI59avuRlEa5HTEPoDVnn3DB96uLSojzIBAQ4eLaTNs/
UNfdnie/mrJMfUxsVn2KdlQ=
-----END CERTIFICATE-----
To reproduce, download a firmware image from https://amcrest.com/firmwaredownloads
One will find a .bin file.
Install binwalk.
Run binwalk -Me amcrestfirmware.bin
navigate to
_user-x.squashfs.img.extracted/squashfs-root/bin/ssl/
and
_user-x.squashfs.img.extracted/squashfs-root/bin/amcssl/