Recent content by rearanger
-
R
[MCR] Hikvision packer/unpacker for 5.3.x and newer firmware
(i assume the recent CVE vulnerability will not work on it ) What's the chipset on that camera? i notice it uses uImage . It may let you get root by using a similar method used on the G0 cams. -
R
Camera DS-2CD2346G2-I makes reboot many times per day
Check the rj45 cable. I have hikvision cams that reboot due to faulty rj45 run. Switch to a known working cable. -
R
Inadvertantly flashed Chinese DS-2CD6424FWD-20 (R6)
Not really done much with the R series -
R
Inadvertantly flashed Chinese DS-2CD6424FWD-20 (R6)
DS-2CD6xxx系列升级包.zip contains a g3 and g5 firmware ..And is the cam not a 2019 cam ? -
R
Inadvertantly flashed Chinese DS-2CD6424FWD-20 (R6)
There are many methods to get a Chinese cam to run as a European/english cam. You would need full shell access or way to repack firmware or hardware flash. Just get any version of Chinese firmware working on the cam. Then take it from there. Don't get too hung up on the version... -
R
Unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware (CVE-2021-36260)
G3 family busybox Fully loaded https://ipcamtalk.com/threads/exploring-the-hik-g3-family-and-maybe-gain-shell.54648/#post-533655 -
R
Exploring the Hik G3 Family and maybe gain shell!
G3 Busybox fully loaded -
R
Unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware (CVE-2021-36260)
install fully loaded busybox. or cat > /etc/passwd (add a script to make permanent if its for root) -
R
Unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware (CVE-2021-36260)
i Pm'd regarding having 2 admins. Also there are security issues in the web gui. You can get it to alter the ipc_db in ways that it should not allow. (i only stressed tested it to see if it would allow root access.) Certain functions and restriction regarding users can be overridden from the... -
R
ds-2cd2047g1 and a Normal looking junction box
the gland unscrews, you can buy blanker plugs. -
R
[MCR] Hikvision packer/unpacker for 5.3.x and newer firmware
also has files referencing hisilicon hi3518e chipset. R2 is supported in leechers / other unpacker , but it does not unpack this digicap.dav. The keys/encryption is different. -
R
[MCR] Hikvision packer/unpacker for 5.3.x and newer firmware
i binwalked it cause i have no style lol Have you reversed it yet too see if you can snag the keys? lol -
R
[MCR] Hikvision packer/unpacker for 5.3.x and newer firmware
keys are normally in davinci for decryption. You davinci in the .bin looks like a standard elf file (some davinci's are called davinci_bak) Yours is a straight elf file by the looks of it. Usually the keys are in there for decrypting the digicap.dav i ran a quick hex edit on the the davinci... -
R
[MCR] Hikvision packer/unpacker for 5.3.x and newer firmware
Platform id is 136 unsupported Were did you get the .bin file from ? Have you got root on the cam? if you have root/access to davinci/deamon_fsp then you can pull the keys from it.(there is a davinci in that bin file you posted) -
R
[MCR] Hikvision packer/unpacker for 5.3.x and newer firmware
That file does not look like ait has a hikvision header....