fenderman
Staff member
- Mar 9, 2014
- 36,892
- 21,407
lol..a hacker who could inject that into your network is not coming to steal your TV..this is not TV or the movies..
They can take out all your cams with spray paint
7 Dahau cameras lost connectivity
- Thread starter shmookles
- Start date
They can take out all your cams with spray paint
I don't know if it's any help but one of my neighbours bought some Dahua IPC-HDW4431C-A cameras and one of those was working fine for a few weeks and then BI lost connectivity and the admin page couldn't be accessed. After some quick diags you could see the camera was stuck in a boot loop.
We popped it apart and bridged the reset connection pins for a couple of minutes to clear the config partition and then it came back up on the default IP and stayed up and is working fine after taking a new config.
If you haven't already it may be worth trying that - I noticed on the Aliexpress advert for that specific camera it says not to use H265 and Smart Codec on as it will damage the camera and reboot after 10 seconds - this cam was set for H264 so it shouldn't have been that but maybe there was a bug in the firmware which specific settings trigger. From memory it was on June / July 2016 firmware.
We popped it apart and bridged the reset connection pins for a couple of minutes to clear the config partition and then it came back up on the default IP and stayed up and is working fine after taking a new config.
If you haven't already it may be worth trying that - I noticed on the Aliexpress advert for that specific camera it says not to use H265 and Smart Codec on as it will damage the camera and reboot after 10 seconds - this cam was set for H264 so it shouldn't have been that but maybe there was a bug in the firmware which specific settings trigger. From memory it was on June / July 2016 firmware.
Was thinking that the SSDP could be triggering the capabilities discovery tool(ONVIF/WS-Discovery) on the cameras, which if they were running CPU heavy on there config would get you in a timeout loop on the Sonia server, by just running out of resources.
I have used some DAHUA camera that are very CPU sensitive based on config settings. I have an 4431K-AS-I6 that is very unresponsive when IVS is enabled.
It could also be possible that the rouge service was requesting reflection on those SSDP request without knowing it, if the SSDP request were hitting 1900/UDP or something. That would then be a self inflicted DDOS.
That would be unlikely as responses to SSDP searches should be unicast and not multicast.
I have used some DAHUA camera that are very CPU sensitive based on config settings. I have an 4431K-AS-I6 that is very unresponsive when IVS is enabled.
It could also be possible that the rouge service was requesting reflection on those SSDP request without knowing it, if the SSDP request were hitting 1900/UDP or something. That would then be a self inflicted DDOS.
That would be unlikely as responses to SSDP searches should be unicast and not multicast.
Last edited:
jadnokia
n3wb
- Jun 1, 2017
- 1
- 0
Based on my test, seems cameras only reboot when they have a valid gateway, if you point gateway address to a non online ip it works fine.
Later i updated the firmware, and that problem just disapeared (it happen with all the hfw4431s i have)
I used this DH_IPC-HX5X3X-Rhea_Eng_P_Stream3_V2.460.0000.7.R.20170306.bin
Later i updated the firmware, and that problem just disapeared (it happen with all the hfw4431s i have)
I used this DH_IPC-HX5X3X-Rhea_Eng_P_Stream3_V2.460.0000.7.R.20170306.bin
One word to brickerbot and hdw5231r-z. brickerbot seems to use a telnet brute force attac. These cams has disabled telnet and there is no known way to enable it on the new firmwares without customizing and reflashing it. So I mean a brickerbot attack is also really unlikely possible.