Show Me

Simple home camera / monitoring app (NOT INTENDED FOR ACTUAL USAGE, look at Security concerns)

Setup

Setup venv if needed (i.e. python3 -m venv showme) then:

pip install -r requirements.txt

Customize .env as needed

cd into /src

python app.py

Go to localhost:5000

To run it in systemd, edit showme.service (WorkingDirectory and ExecStart specifically) Copy it to etc/systemd/system then start/stop the service

sudo systemctl start showme.service
sudo systemctl stop showme.service

Exploit is worked out

Do NOT use this app in production! It is only built as a proof of concept. There are no security measures in place.

Notably:

This app cannot tell who or how many devices are connected and streaming (TODO)
Related to above point, authentication and authorization is not implemented (TODO)
Flask is a wrapper around Werkzeug which allows access to console as debug tool
- It can potentially allow RCE

Name		Name	Last commit message	Last commit date
Latest commit History 11 Commits
src		src
.env		.env
.gitignore		.gitignore
.python-version		.python-version
Dockerfile		Dockerfile
readme.org		readme.org
requirements.txt		requirements.txt
showme.service		showme.service
using_werkzeug_exploit.org		using_werkzeug_exploit.org