Recent content by funtoosko

Believing that ports are used by mobile application DMSS to enable viewing the camera feed remotely, anyway was not able to watch live camera feed. however have disabled that firewall rule as well after noticing recent break-in attempt.

There is no port forwarding/Port Mapping enabled. Firewall rule which BLOCKS all inbound traffic to NVR Management IP

There has been another attempt to break-in to my NVR again ;(. Though I have locked down most of the ports on the router/firewall P2P, uPnP - disabled on NVR & Firewall no port forwarding On Firewall All inbound traffic to NVR Management (Private IP) interface BLOCKED Only below inbound...

Hi mate, I am seeing few break-in attempts on my dahua NVR 5216 and these attempt is similar to the exploits which you discoverer , is there anywhere in the log does it captures the origin of the attack ? In the NVR logs I can only see "IP address: local login" ?

I am trying to get Push Notification working on DMSS mobile without enabling P2P on NVR, though now I receive the push notification after enabling tcp/8888 outbound on Firewall but unable to view the video clipping which trigger the notification, any idea on which port does Video clips are...

This exploit was PoC'd by @bashis and document under '-=[Loopback Vulnerability]=-CVE-2021-33045 ' The behaviors is same as I don't see the origin (IP) of the attempt as its invoking "Local Login" method. Time to upgrade my firmware !!

To make the matter worse I have reported this to Dauha local support center and their cyber crime team, but haven't heard any response yet, how could we trust and use a security system which itself can be compromised and vendor is least bothered to respond or take any initiative to investigate

Someone faced similar situation where the intruder was able to get into the NVR system possible because of weak password https://ipcamtalk.com/threads/is-my-nvr-hacked-by-someone.46355/ But in my case I dont see the IP from where these attempts were being made and logs only says Local Login.