A simple demonstration allowing an attacker to passively monitor behavior in and around a Ring camera owner's home.
This tool is intended solely for educational and research purposes. Its goal is to demonstrate privacy vulnerabilities that exist even in strongly-encrypted video traffic. It is NOT a tool for unauthorized monitoring or stalking.
To prevent misuse, this tool is intentionally designed to be used only on your local network with your own Ring cameras. It requires a pre-captured PCAP file (e.g., from Wireshark) and the specific IP addresses of the camera and monitoring device.
If you find this demonstration invasive, use that insight to evaluate the privacy of your cloud-connected devices.
Before running the tool, ensure you have the following installed:
- Python 3.10+: Download from python.org.
Important
Windows users: Ensure "Add Python to PATH" is checked during installation.
- Wireshark (TShark): The script uses the TShark engine to analyze network data. Download from wireshark.org.
Important
Windows users: Ensure the TShark component is selected during installation.
Important
macOS users: Ensure you allow the installer to "Install ChmodBPF" and "Add Wireshark to the system path."
If you have uv and go-task installed, setup is a single command:
task dependency:installIf you prefer a manual installation, follow these steps:
- Open PowerShell and navigate to your project folder:
cd path\to\MonitoRing
- Create and activate a virtual environment:
python -m venv venv .\venv\Scripts\activate - Install dependencies:
pip install -r requirements.txt
- Open Terminal and navigate to your project folder:
cd path/to/MonitoRing - Create and activate a virtual environment:
python3 -m venv venv source venv/bin/activate - Install dependencies:
pip install -r requirements.txt
Note
For additional information regarding Virtual Environment, please refer to Python - Virtual Environments and Packages
Ensure your virtual environment is activated (you should see (venv) in your terminal prompt).
task runpython MonitoRing-0.2.pyWhen started, the script will prompt for the following:
- File Path: The path to your captured
.pcapfile. You can drag and drop the file into the terminal. - Camera IP Address: The local IP of the Ring camera (e.g.,
192.168.1.50). - Threshold (KB/s): The data rate threshold to trigger detection. Press Enter to use the default
500 KB/s.
- "TShark not found": On Windows, you may need to specify the TShark path manually at the top of the script:
import pyshark pyshark.tshark.tshark.get_tshark_path = lambda: r"C:\Program Files\Wireshark\tshark.exe"
- Permission Denied (macOS): If you encounter BPF device permission errors, run:
sudo chown $USER /dev/bpf*
- Empty Results: Ensure the IP address matches what is shown in the "Source" or "Destination" columns when inspecting the PCAP file in the Wireshark GUI.