Server/Site upgrade December 14th - 16th



View unanswered posts | View active topics


Reply to topic  [ 990 posts ]  Go to page Previous  1 ... 35, 36, 37, 38, 39, 40, 41 ... 66  Next
Author Message
  
 Post subject: Re: Dahua firmware
PostPosted: Sat Jul 19, 2014 6:44 pm 
Registered User

Joined: Jul 2014
Posts: 1

Offline
Hey there. I did a dumb thing, and I updated the firmware on my Dahua hdb3200c with the Q-See firmware. It is actually older and LESS functional. Of course, it also locked out any way to easily go BACK to Dahua firmware. I think.

Is there an easy fix for this? [-o<


Top
 Profile  
Reply with quote  

  
 Post subject: Re: Dahua firmware
PostPosted: Thu Jul 31, 2014 2:11 pm 
Registered User

Joined: Dec 2013
Posts: 46

Offline
Hello,

Does any one know where to get a NTSC version of this firmware ? General_IPC-HX5(4)XXX_Eng_P_Stream3_V2.420.0000.0.R.20140419.bin

I seemed to hit a wall, where my cameras are shutting down, after synology upgrade.


Top
 Profile  
Reply with quote  

  
 Post subject: Re: Dahua firmware
PostPosted: Mon Aug 04, 2014 10:30 pm 
Registered User

Joined: Aug 2014
Posts: 1

Offline
I want to update new firmware HCVR5104H ,it come with v.2.616 . Please give me new firmware , thank you.


Top
 Profile  
Reply with quote  

  
 Post subject: Re: Dahua firmware
PostPosted: Sun Aug 10, 2014 10:51 pm 
Registered User

Joined: Jul 2012
Posts: 13

Offline
Anyway the OP could keep the first post with all firmware files linked?


Top
 Profile  
Reply with quote  

  
 Post subject: Re: Dahua firmware (my TELNET contribution)
PostPosted: Tue Aug 19, 2014 3:36 am 
Registered User

Joined: May 2013
Posts: 15

Offline
Hallo,

i've been in the forums as a passive member for quite a while and now i like
to contribute some little information to this forum.

I noticed that with the v2.4x baseline firmware releases the well known
telnet access root/vizxv is gone :x

For me as a linux guy i wasn't happy with it at all so i took some
time to reverse enginieer the firmware of my HFW4200s camera.

I manage to analyse the telnet authorization
part in the firmware. The /etc/passwd is still the same so
the old password should work as always but the engineers
at dahua changed the authorization so this file is never read
for login. First i was able to patch the busybox binary to
accept any passwords but a couple of hours later i was
able to enter a valid password.

In fact the secret login/password consists of a valid
user with administrator privileges to the web interface
(e.g. admin) and a password with a 'secret' prefix.

Long story short as in my case with login 'admin' and password 'admin'
my telnet login is like this:

login: admin
password: 7ujMko0admin

So the prefix '7ujMko0' is the important part here.

Finally i'm able to telnet login to my cameras again :D

Can any of you double check on that?

Happy telnet login!

Regards,

hdo


Top
 Profile  
Reply with quote  

  
 Post subject: Re: Dahua firmware
PostPosted: Tue Aug 19, 2014 8:19 am 
Registered User

Joined: Aug 2014
Posts: 4

Offline
Very nice work! I just tried it, for the hell of it, on my dahua nvr (NVR-4216 running V3.200.0000.2.R.20140418) and it worked perfect. Very good detective work!


Top
 Profile  
Reply with quote  

  
 Post subject: Re: Dahua firmware
PostPosted: Tue Aug 19, 2014 8:27 am 
User avatar
Registered User

Joined: May 2014
Posts: 644
Location: iTuneDVR@yandex.ru

Offline
2 hdo26

Great job, but to me it was already known since December of 2013.
I extracted the prefix disassembled firmware ;)

I was wondering when will someone come to that.
That's why I have to repack the firmware and change the prefix from prying eyes!

But at the same time I had the sense not to advertise it, and used it to help others as it can also hit the wrong hands!

Congratulations.
You opened the next hole to the outside;)

_________________
Motivations on http://www.iTuneDVR.ru


Last edited by iTuneDVR on Tue Aug 19, 2014 8:30 am, edited 1 time in total.

Top
 Profile  
Reply with quote  

  
 Post subject: Re: Dahua firmware
PostPosted: Tue Aug 19, 2014 8:30 am 
Registered User

Joined: Aug 2014
Posts: 4

Offline
Wouldn't disabling external telnet access do the same thing, or is that password able to be used elsewhere?

Either way, it's not like it's just a default password, it's just a default password prefix. Which is a hell of a lot better than the same password on everyone's device.


Top
 Profile  
Reply with quote  

  
 Post subject: Re: Dahua firmware
PostPosted: Tue Aug 19, 2014 8:33 am 
User avatar
Registered User

Joined: May 2014
Posts: 644
Location: iTuneDVR@yandex.ru

Offline
markstubb wrote:
Wouldn't disabling external telnet access do the same thing, or is that password able to be used elsewhere?

Either way, it's not like it's just a default password, it's just a default password prefix. Which is a hell of a lot better than the same password on everyone's device.


Possible to rebuild the firmware and change the prefix or remove telnet.
This prefix standard for all models.
That's why I have it and I change ;)

_________________
Motivations on http://www.iTuneDVR.ru


Top
 Profile  
Reply with quote  

  
 Post subject: Re: Dahua firmware
PostPosted: Tue Aug 19, 2014 8:36 am 
Registered User

Joined: Aug 2014
Posts: 4

Offline
I gotcha, but if you already have a complex password, having the prefix doesn't make a whole lot of difference, IMO


Top
 Profile  
Reply with quote  

  
 Post subject: Re: Dahua firmware
PostPosted: Tue Aug 19, 2014 8:40 am 
Registered User

Joined: May 2013
Posts: 15

Offline
Great, you could have saved me a couple of hours of my freetime :mrgreen:

Guess you're under NDA or something?

As for me i don't have any connections to the manufacturer and i dislike
companies who don't release the GPL source code of their products.
So i don't mind releasing this information to the public.

BTW What is iTuneDVR doing? Unfortunately i can't read russian :?

hdo

iTuneDVR wrote:
2 hdo26

Great job, but to me it was already known since December of 2013.
I extracted the prefix disassembled firmware ;)

I was wondering when will someone come to that.
That's why I have to repack the firmware and change the prefix from prying eyes!

But at the same time I had the sense not to advertise it, and used it to help others as it can also hit the wrong hands!

Congratulations.
You opened the next hole to the outside;)


Top
 Profile  
Reply with quote  

  
 Post subject: Re: Dahua firmware
PostPosted: Tue Aug 19, 2014 8:43 am 
Registered User

Joined: May 2013
Posts: 15

Offline
@iTuneDVR

Another topic regarding serial output.

On my HFW4200s i can only see the u-boot message. All messages coming from the kernel is suppressed.
Do you know how to get them displayed? (dmesg, boot messages)

EDIT: FIXED: You have to remove the dh_keyboard=1 variable in u-boot to enable boot messages (thanks for the hint!)

Quote:
1..2..3..boot_from:normal


U-Boot 2010.06-svn283 (Aug 14 2013 - 18:13:53)
I2C: ready
DRAM: 254 MiB
NAND: 128 MiB
state:ff,err_count:01
Net: Detected MACID:90:02:a9:2e:cc:b0
PHY:0x00221513,addr:0x00

TFTP from server 192.168.254.254; our IP address is 192.168.1.108; sending through gateway 192.168.1.1
Filename 'upgrade_info_7db780a713a4.txt'.
Load address: 0xc5000000
Loading: *
Retry count exceeded; starting again
Fail to get info file!
Init error!
TFTP from server 192.168.254.254; our IP address is 192.168.1.108; sending through gateway 192.168.1.1
Filename 'failed.txt'.
Load address: 0xc2000000
Loading: *
Retry count exceeded; starting again

NAND read: device 0 offset 0xc80000, size 0x00580000
5767168 bytes read: OK
## Booting kernel from Legacy Image at c2000000 ...
Image Name: Linux-2.6.38.8
Created: 2014-04-19 2:26:07 UTC
Image Type: ARM Linux Kernel Image (uncompressed)
Data Size: 2546748 Bytes = 2.4 MiB
Load Address: c0208000
Entry Point: c0208000
Verifying Checksum ... OK
Loading Kernel Image ...OK
OK

Starting kernel ...

1..2..3..boot_from:normal


U-Boot 2010.06-svn283 (Aug 14 2013 - 18:13:53)
I2C: ready
DRAM: 254 MiB
NAND: 128 MiB
state:ff,err_count:02
Net: Detected MACID:90:02:a9:2e:cc:b0
PHY:0x00221513,addr:0x00

TFTP from server 192.168.254.254; our IP address is 192.168.1.108; sending through gateway 192.168.1.1
Filename 'upgrade_info_7db780a713a4.txt'.
Load address: 0xc5000000
Loading: *
Retry count exceeded; starting again
Fail to get info file!
Init error!
TFTP from server 192.168.254.254; our IP address is 192.168.1.108; sending through gateway 192.168.1.1
Filename 'failed.txt'.
Load address: 0xc2000000
Loading: *
Retry count exceeded; starting again

NAND read: device 0 offset 0xc80000, size 0x00580000
5767168 bytes read: OK
## Booting kernel from Legacy Image at c2000000 ...
Image Name: Linux-2.6.38.8
Created: 2014-04-19 2:26:07 UTC
Image Type: ARM Linux Kernel Image (uncompressed)
Data Size: 2546748 Bytes = 2.4 MiB
Load Address: c0208000
Entry Point: c0208000
Verifying Checksum ... OK
Loading Kernel Image ...OK
OK

Starting kernel ...

nothings comes after that :(



Last edited by hdo26 on Wed Aug 20, 2014 2:05 am, edited 1 time in total.

Top
 Profile  
Reply with quote  

  
 Post subject: Re: Dahua firmware
PostPosted: Tue Aug 19, 2014 8:50 am 
Registered User

Joined: Dec 2013
Posts: 46

Offline
Worked on HDW-4200S and HDW-4300S


Top
 Profile  
Reply with quote  

  
 Post subject: Re: Dahua firmware
PostPosted: Tue Aug 19, 2014 8:58 am 
User avatar
Registered User

Joined: May 2014
Posts: 644
Location: iTuneDVR@yandex.ru

Offline
hdo26 wrote:
BTW What is iTuneDVR doing? Unfortunately i can't read russian :?


Now you have a unique with opportunities to learn Russian;)
I also have no formal connection with Dahua.
I just get the firmware and learn the content.
With this problem I encountered with Dahua IPC2100, when preparing a firmware update.
Even then, I decided with this task.

hdo26 wrote:
On my HFW4200s i can only see the u-boot message. All messages coming from the kernel is suppressed.
Do you know how to get them displayed? (dmesg, boot messages)


hdo26 wrote:
For me as a linux guy i wasn't happy with it at all so i took some
time to reverse enginieer the firmware of my HFW4200s camera.


You linux guy, is not it? ;)
Yes, I know the answer to your question, but why do you need it.
Can you just tell me what are you looking in log message?

_________________
Motivations on http://www.iTuneDVR.ru


Top
 Profile  
Reply with quote  

  
 Post subject: Re: Dahua firmware
PostPosted: Tue Aug 19, 2014 9:02 am 
Registered User

Joined: Aug 2014
Posts: 4

Offline
iTuneDVR wrote:
But at the same time I had the sense not to advertise it, and used it to help others as it can also hit the wrong hands!


This is a pretty backhanded thing to say. IMO, knowing a password prefix makes any secure password no less secure. If anything, it makes it more secure to the uninitiated who don't know the prefix. And for those who DO know the prefix, and they know/cracked the admin password, then they would have probably gotten into the box eventually anyway.

@hdo26 - I think he's trying to give you **** about divulging this prefix. Still not 100% sure why, though. Security through obscurity is not security.

I, for one, would like to say thanks!


Top
 Profile  
Reply with quote  

Display posts from previous:  Sort by  
Reply to topic  [ 990 posts ]  Go to page Previous  1 ... 35, 36, 37, 38, 39, 40, 41 ... 66  Next


Who is online

Users browsing this forum: Bing [Bot], Google Adsense [Bot] and 12 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  

It is currently Fri Dec 14, 2018 12:59 pm

The contents of this webpage are copyright © 2003-2016 CCTVForum.com. All Rights Reserved.