Jump to content
Aaron407

Help with Determining http URL Address

Recommended Posts

Hi everybody,

 

I'm a new member to the board, mostly because I can't seem to figure out URL formatting for accessing my cameras.

 

I picked up a cheap chinese IP camera (I know, first mistake...) with virtually no documentation. They came with a link to the standard CMS software, which I can use to access the stream without any issue. The stream is stable and uses the standard media port (8086 in my case). I can also find the stream using the Android vmEyeSuper HD app, with a strong and stable stream with the same local IP and port number. They work even when RTSP is disabled in the camera.

 

The problem is that I can't get iSpy to access through that port, presumably due to not knowing how to format the url. I have tried all of the generic formats for http, but nothing wants to connect. I can connect via RTSP and ONVIF, but I have found that there are many stream disconnections and poor FPS, while the stream in the CMS application stays strong at the same time, presumably with HTTP access.

 

What I'm trying to determine is what URL either CMS or vmEyeSuper HD are actually using for accessing the camera. I have dug into it through wireshark, but that only shows the IP address and port for the request, but not the full call address. Can anyone suggest how to determine this URL? I've been banging my head against the wall for days trying to figure it out, but haven't had any luck.

 

Any help would be greatly appreciated!

Share this post


Link to post
Share on other sites

Hello. Have you tried logging on to your router to check and see if any new local IP addresses have populated the client list? That info along with the right port should work at least locally and that could be a start.

Share this post


Link to post
Share on other sites
Hello. Have you tried logging on to your router to check and see if any new local IP addresses have populated the client list? That info along with the right port should work at least locally and that could be a start.

Thanks for the offer to help. That's the thing, I know the IP address and the port with certainty. The CMS software can scan IP addresses, and sees the correct one with the correct port, and connects to it without issue. I can enter that same IP address and port number into vMEyeSuper HD, and it connects beautifully as well. I just need to know what complete URL either the app or the CMS software are using to access the stream since none of the typical ones that I've tried in iSpy are working.

 

Any other ideas? I'm open to trying pretty much anything to track this down.

Share this post


Link to post
Share on other sites
Hello. Have you tried logging on to your router to check and see if any new local IP addresses have populated the client list? That info along with the right port should work at least locally and that could be a start.

Thanks for the offer to help. That's the thing, I know the IP address and the port with certainty. The CMS software can scan IP addresses, and sees the correct one with the correct port, and connects to it without issue. I can enter that same IP address and port number into vMEyeSuper HD, and it connects beautifully as well. I just need to know what complete URL either the app or the CMS software are using to access the stream since none of the typical ones that I've tried in iSpy are working.

 

Any other ideas? I'm open to trying pretty much anything to track this down.

 

Maybe will help

http://www.donationcoder.com/Software/Mouser/urlsnooper/index.html

Share this post


Link to post
Share on other sites

Thanks! I was very optimistic about that application, but, unfortunately, it ended up not helping. I can see every full URL request from iSpy, but it doesn't show anything in terms of requests from the other programs. Any other ideas?

Share this post


Link to post
Share on other sites
Thanks! I was very optimistic about that application, but, unfortunately, it ended up not helping. I can see every full URL request from iSpy, but it doesn't show anything in terms of requests from the other programs. Any other ideas?

 

Hello. On a PC at the location of the IP camera type into your search engine, "what is my IP" That should return to you the public IP address which is the address you want to use when you are away from the camera. if that still is not working then you may have to check the router and somehow forward the IP camera port so the connection works both inside and outside the network.

Share this post


Link to post
Share on other sites
Thanks! I was very optimistic about that application, but, unfortunately, it ended up not helping. I can see every full URL request from iSpy, but it doesn't show anything in terms of requests from the other programs. Any other ideas?

 

Hello. On a PC at the location of the IP camera type into your search engine, "what is my IP" That should return to you the public IP address which is the address you want to use when you are away from the camera. if that still is not working then you may have to check the router and somehow forward the IP camera port so the connection works both inside and outside the network.

 

Nothing personal GadgetA

but you misunderstand OP request

Share this post


Link to post
Share on other sites

Any markings/numbers/logos on the camera/web interface that could shed any light on the manufacturer/model of the camera? Serial number is probably the only number you don't wanna reveal here, all others, such as firmware numbers, product numbers etc. should be fine and could help identify the camera.

Share this post


Link to post
Share on other sites

Thanks for the responses guys. The camera does have a label as noted below, but it hasn't really helped me to track anything down.

 

SGB Model: SG-5036?8

2.0MP SONY CMOS IP CAMERA

SYSTEM: NTSC

POWER: DC12V

MADE IN TAIWAN

 

300218_1.jpg

300218_2.jpg

 

Beyond that, the only other labeling on the camera is a sticker with the default local IP address, and a “logo” of sorts stating “IR COLOR CCD CAMERA DIGITAL”. All settings for the camera seem to have to be made through the CMS software, but I haven't been able to find a firmware version for the camera itself.

 

I would assume from the "SGB" ahead of the model number that it would be considered the manufacturer, but I haven't been able to find an associated website. iSpy also doesn't have SGB listed as a make.

 

As for the ip address post, thanks, but I do indeed have that side covered, and it's just finding the http stream URL that is causing me grief.

Share this post


Link to post
Share on other sites

There is a way that's worked for me, but it has a learning curve.

 

Using the application NMAP https://nmap.org/ along with a script called rtsp-url-brute https://nmap.org/nsedoc/scripts/rtsp-url-brute.html will check most known RTSP URL's against a selected device (I've used it to discover correct URL's in a number of cases).

 

Using the windows version with the Zenmap GUI makes it a little easier, but it still takes a little google-fu and experimenting to learn.

 

Another way that you may be able to discover a valid URL is to use Wireshark https://www.wireshark.org/ to capture packet data while connecting the camera using the original supplied software. (Also requires a bit of learning, though).

Share this post


Link to post
Share on other sites

Thanks, I'll definitely look into that. In terms of Wireshark, I have used it in the past for other applications, but I didn't dive in too deep. Since the URL Snooper application uses the same backend (winpcap), I figured that it would find the same results, but maybe I'm wrong. I'll have more digging to do anyway.

Share this post


Link to post
Share on other sites

One other thing worth mentioning- The URL snooper or Wireshark needs to be running on the same machine as the old software, or you will need to configure a managed switch with a monitor port to allow the network traffic to go to a separate PC, to be able capture the traffic between the camera and viewing software.

Share this post


Link to post
Share on other sites

Yeah, it's on the same machine as the CMS capture software. There is also an option in URL Snooper for it to look beyond the computer (I believe "promiscuous" is the term they use), but I haven't needed it.

Share this post


Link to post
Share on other sites

Sorry, one question regarding Nmap and the script. It looks like the script only applies to RTSP streams. I can access those, whereas I'm trying to find the HTTP stream being used by the CMS software (which I know is an HTTP address as it is using the media port rather than the RTSP one). Is there anything similar for HTTP media URLs? I took a quick look through the scripts on the webpage, but didn't see one that would fit.

Share this post


Link to post
Share on other sites

I don't think there is anything that works quite the same way for HTTP request (the brute script for HTTP is more about authentication than streaming options).

 

You may have to rely on Wireshark to look at the raw packet information. Keep in mind that even if it is using the same port, it may not be a normal HTTP formatted stream, it could be TFTP or other protocols you need to look into.

 

If you can post a chunk of .pcap file somewhere, we could look at it and see what it's doing (if you are looking at filtered results just by source or destination, you might be missing information, if it's using multicast addresses or other protocols).

 

Make sure you cut out other personal info, though, using Wireshark was how I found out my E-mail login used to go out in plaintext...

Share this post


Link to post
Share on other sites

I ran wireshark when starting up the CMS software, and sifted through the raw packet data for all packets between the computer and IP camera, in both directions. I found some of what appeared to be smaller negotiation packets which included parameter data, but they didn't include any actual URLs. I'm not familiar with multicast, but, if it might not be tied to the same two addresses, I definitely might have missed something. If I can figure out how to export the log with any unnecessary data stripped out, I'll definitely post it.

 

Thanks for sticking with me on this, I appreciate it.

Share this post


Link to post
Share on other sites

Sorry for the delay in responding. I used wireshark and captured a lot of packets between the camera and the capture computer when running the CMS software. I dug through every packet and found that some seemed to include parameter data for a stream or interface, but they were not in a URL format and seemed to be completely unformatted. Unfortunately, I'm not sure exactly how to strip out personal information from the .pcap file, so I'm hesitant to post it publicly (that, and it's about 100 MB in size right now).

 

This problem ended up costing me. At 12:40am on June 26th, we had a brief power outage. The CMS software shows that the camera disconnected and reconnected 30 seconds later, presumably through the HTTP stream. However, iSpy didn't reconnect, and later that day someone stole an off-road vehicle out of our shed. The camera obviously hadn't reconnected to be able to catch them on video, so I'm pretty much SOL and seriously disappointed by our loss. It was a dune buggy that my young kids and I had used extensively to explore our new 80 acre land parcel over the last couple of years, and I had put about 60 hours into restoring it. Sad day, although they got to meet a police officer.

 

Anyway, I'm going to try connecting a camera directly to a computer's ethernet port and see if I can capture anything more with wireshark and URL snooper. I'm going to scan right from camera startup as well to see if it might be broadcasting anything that could provide any clues. I need to figure this out, or we will continue to feel uneasy living away from neighbors who now can't keep a watchful eye on our place.

Share this post


Link to post
Share on other sites

Well, I tried using URL snooper with a direct connection, but it didn't find anything. I then used wireshark and managed to get a couple of captures when launching the CMS monitoring program.

 

Unfortunately, I'm not sure how to interpret the data as the packet information doesn't contain cleanly formatted data. As such, I'm also not sure how much sensitive data might be buried in the capture.

 

So, rather than post it publicly, is there anyone who would be so kind as to sift through a couple of my captures and see if there's anything usable? I can see when communication starts between the two devices, and see frames that might be useful, but don't know how to interpret it. If anyone is interested, please let me know through PM and I'll send you links to the two capture files.

 

Thanks in advance for any help!

Share this post


Link to post
Share on other sites

After a lot more digging, I'm starting to think that the program and the web interface don't actually use a typical http stream address for accessing the camera stream. I've dug through wireshark for more hours than I'd like to admit, and I can see the connection happening, but it's passing numerous other parameters through rather than requesting from a specifically formatted address. I have monitored wireshark while using the CMS software, the web interface, and with the manufacturer's android app, and it appears that they use javascript to effectively log into the camera and pull the stream rather than a full http address. I'm not sure where to go from here other than garbaging the cameras and going with something more stable.

 

What really bothers me is that I can see the stable streams in CMS, the web applet, and the android app while the RTSP stream is falling apart and resulting in disconnects in iSpy. Maybe I should bail on iSpy and go with another monitoring platform. Does anyone have any suggested alternatives?

Share this post


Link to post
Share on other sites

BlueIris is about 60 bucks but has a trial version. It supports a lot of cameras.

Milestone has a free version.

Share this post


Link to post
Share on other sites

Well, I updated the firmware, but it didn't seem to make any difference. Then I changed the h.264 profile to "high", and, strangely, it has become very stable. So, I updated the other identical camera with the same firmware, and it has now fallen apart. Constant disconnects in iSpy, and it has a bunch of numbers on the left side of the screen (see attachment). Reflashing and rebooting haven't helped. I guess I got what I paid for with these cameras.

Front_0_20170927125436.thumb.jpg.0dcaded85a5afc8c9848d79a82c7c5c3.jpg

Share this post


Link to post
Share on other sites

I come bearing closure

 

I discovered that the one camera becoming stable was actually due to iSpy, for some reason, falling back to the low resolution secondary stream. Putting it back to the main stream had it full of disconnections again. I was able to do a reset of the GUI parameters on the one camera, which removed the odd overlaid numbers from the side of the screen. Putting both cameras with their main streams into iSpy again, though, worked terribly as they were both continually dropping out.

 

So, I installed the demo version of Blue Iris. It recognized the cameras right away, connected, and never lost them. That software is a piece of beauty, so I paid the $60CAD for a license. Free iSpy vs. Blue Iris - I guess I got what I paid for. Anyway, things seem to be working well now, and I might even add a few cameras now that I have a solid monitoring solution.

 

Thanks for all of the help throughout this fight of mine. I should have switched to Blue Iris months ago and saved myself a lot of headaches.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×