Sorry, What? Me using this to hack cameras? I didnt have to use this, because i didnt need to.
Let me clarify something that many of you dont understand.
All of you got NOTHING about this public announcment.
Because of that treatment of bugholes, manufacturers has to complicate things. Say what you want. Think what you want BUT:
1. 2 years ago you didnt gave to ask HikVision for password reset tool.
2. Many of you could dig into camera by telnet or SSH without a problem
3. Many of you bought Chineese cheaper cameras on Alibaba and they worked.
3.5 You could upload Eng soft to Chinnese camera to get EN support.
4. There was no limitation of software modification (that i do, not to hack cameras btw).
5. You got SDK APi for free, you could implement it straight away.
6. You could change firmware by upgrade or downgrade without any help.
Now what you have:
1. You need Hik assistance when you forget password
2. Hikvision first disabled telnet and later added PSH and later removed SSH access completly
(many of you asked me to prepare firmware with SSH enabled btw....)
3. You still buy Chinnese cameras but without upgrade procedure possible
4. Hikvision added RSA signature to prevent software modification
5. SDK i partly closed to the public without NDA
6. You cannot downgrade firmware because of a lock-down
Because of same work in Dahua - they added Dahua Protected Shell and RSA signatures to FW so soon you will not be able to change firmware at all.
In example Ubiquity two weeks ago added RSA signature to their firmwares because some idiot published a bug and someone used it to infect thousands of devices before they were able to fix the hole.
Finally all this makes camera more closed, more closed-source and sooner or later - maybe even more expensive.
Think about me as a someone who "hack cameras" - that's great. But dont ever ask me for help like i did before. That's not fair.
