Jump to content
Sign in to follow this  
matcunni

Chinese Hi3520D - Admin account lost (?) + Possible solutions

Recommended Posts

Hello! I am extremely frustrated with my uncle's NVR so I will try to post a "failed" walkthrough of what I've done (for future generations with this problem (?)) and some questions just in case it's not a loss cause as I've already concluded (being very new to this space)..

The NVR is Chinese generic. The board model is Hi3520D_V318_0408

711865057_WhatsAppImage2019-05-21at18_14_59.thumb.jpg.337850583c66cd045f1eceb58183fca3.jpg

 

The problem is not the usual "Lost admin password" but "Lost admin account"

I don't know how did my uncle to delete the administrator account and, of course, he doesn't know either.

The thing is that there's nothing in the user field, and there isn't any way of writing something there.

If you click the arrow next to the user field, nothing happens (I've read somewhere of people who got gibberish users after a firmware update, and the solution was selecting those users nevertheless and entering the default password, but in my case the user list is empty)

You can do absolutely nothing without logging in.  Any menu option you click brings the login promt to the screen.

I've already tried 4 different "master reset" software found as Hi3520D solution. But having no user, none of them worked.

534646792_WhatsAppImage2019-05-21at18_15_09.thumb.jpg.2ed945bdeeacca27722ddfc8ab3036b0.jpg

I've searched as good as I could a way to hard reset this board, but I couldn't find any, neither could find a pair of pins who looked like they could be bridged to achieve this.

According to my uncle, the default user when he accesed directly from the NVR was "system" and the default password was empty. No user with no password doesn't work.

I've tried several default passwords from the NVR interface 

I've tried to acces the system from the web interface with a lot of the common default combinations, but I just keep getting login failed.

I found a document called HiSilicon DVR hack where someone exposes a list of vulnerabilities of this chipset family

With that guide I've run a full scan with NMAP and found this:

nmap.PNG.b8cd175d29505c2435cde3b40dcc668a.PNG

 

I've tried to access by telnet with user root, pass xc3511 as they do in that thread with no success.

I've downloaded a linux distro (Kali linux), and run a telnet attack with THC HYDRA and a dictionary of default telnet user/passwords that I found in github, plus some user/password combinations that I found in my way.

passcomb.txt

I've tried another attack like that but with "brutus" and the web HTTP interface, with default users and passwords I found for NVR systems and IP cameras.

I've tried an exploit I found for NVR web interfaces that uses a curl command and a cookie to bypass the authentication page.

None of them worked.

Well, I think I'm not forgetting anything. If someone has another idea I'm all ears.

B plan:

I started looking for another board to replace the one that I have. I've found one that's has the same chipset  and looks like it could work.

3.PNG.11ee30234d1a38c7571e0bfdeadbaafe.PNG

But The one I have has a little wifi board attached with an antenna.

Is it possible to connect just the wifi board that I have to a board like the one I pasted above? Or do I need a board that has some firmware including a wifi antenna? or necessarily do I need a board which comes with a wifi antenna?

Please any help/comment would be really appreciated.

Matt

Share this post


Link to post
Share on other sites

Hi. Like Larry says. Is it going to be cost effective?  Nvrs from any manufacturer are cheap now 

the other problem is not knowing we’re your data is going with the no name brands. Some ISPs are now starting to block China connections. 

Buy a brand name and then have tech support 

Share this post


Link to post
Share on other sites
6 hours ago, larry said:

How much is that board and the necessary extra parts verses buying a new NVR?

Hi, that board costs 18USD including shipping to my country.

The cheapest generic NVR without brand, nor cameras (in my country) costs 75USD. I'm not considering buying a full system abroad because importation taxes and shipping starts to matter when size and value increases.

Buying a complete new system is what I'm trying to avoid.

Thanks for answering both

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×