Menu
What's new

Bought a box of used hikvision cameras

alastairstevenson

alastairstevenson

Staff member
Joined
Oct 28, 2014
Messages
15,970
Reaction score
6,795
Location
Scotland
dompel said:
One is 5.4.5 so I guess there's nothing we can do.
Click to expand...
I don't believe that presumed R0 series firmware has the very widespread CVE-2021-36260 CE vulnerability - so that isn't an attack vector.
But you will be able to reset the device to Inactive by using the Hikvision tftp updater to re-apply the 5.4.5 firmware.
It's not too hard to do if you think it's worth doing.

TFTPServ

Hikvision IP Camera Emergency Firmware Recovery TFTP. Check this thread for info on how to use this tool to un-brick your Hikvision camera.
www.ipcamtalk.com www.ipcamtalk.com
 
dompel

dompel

n3wb
Joined
Dec 3, 2022
Messages
12
Reaction score
16
Location
USA
alastairstevenson said:
No problem, the admin password is
0214Perdy100

Maybe if you are lucky, this might also work for some of the other unknowns.
Click to expand...
Thanks! Recovered another DS-2CD2232-I5 thanks to this. I've got 3 in my crap pile now. The TFTP thing sounds like it might be more trouble than its worth.
 
alastairstevenson

alastairstevenson

Staff member
Joined
Oct 28, 2014
Messages
15,970
Reaction score
6,795
Location
Scotland
dompel said:
The TFTP thing sounds like it might be more trouble than its worth.
Click to expand...
Basically -
Set the PC IP address to 192.0.0.128
Have the firmware file in the same folder as tftpserv.exe
Start the program.
Power on the camera.
With both PC and camera connected to their own LAN ports.
The camera probes and connects, downloads and applies the firmware, resets to defaults.
Job done.
 
C

comeservices

n3wb
Joined
Dec 5, 2022
Messages
8
Reaction score
0
Location
jamaica
alastairstevenson said:
No problem, the admin password is
0214Perdy100

Maybe if you are lucky, this might also work for some of the other unknowns.
Click to expand...
Goodday,bought some used DS-2CD1321-I20190305AAWRC96540263 ,need them to attach to my system..they are active and i dont know the password.how could i go about reseting them
 
C

comeservices

n3wb
Joined
Dec 5, 2022
Messages
8
Reaction score
0
Location
jamaica
comeservices said:
Goodday,bought some used DS-2CD1321-I20190305AAWRC96540263 ,need them to attach to my system..they are active and i dont know the password.how could i go about reseting them
Click to expand...
i tried hikvision tftp,set computer to 192.0.0.128 ,download ,extract the firmware,place it in folder,start tftp.stuck on intializing. but nothing happens
 
alastairstevenson

alastairstevenson

Staff member
Joined
Oct 28, 2014
Messages
15,970
Reaction score
6,795
Location
Scotland
comeservices said:
i tried hikvision tftp
Click to expand...
This works best with both PC and camera wired to their own LAN ports (no WiFi), and with the camera powered by 12v (not PoE).
Is that how you have it set up?

edit And maybe temporarily disable the Windows firewall in case it's blocking the probes.
Doe the PC have any network-protection AV running?
 
scottr1204

scottr1204

n3wb
Joined
Mar 4, 2024
Messages
1
Reaction score
0
Location
Perth Australia
alastairstevenson said:
For firmware of 5.4.0 or earlier, for most models, there is a Hikvision backdoor vulnerability that can be used to extract the camera admin password.

Suggestion to try :
Power the camera, use SADP to see the camera IP address.
Set the PC IP address to be in the same range as used by the camera.
Pull a copy of the configuration file with a browser (ideally IE but should work with others) using this URL:

http://<camera_IP_address>/System/configurationFile?auth=YWRtaW46MTEK

Zip the file and attach here and it can be decrypted and decoded to reveal the admin password.
Click to expand...
Hoping you are still on this thread and see this....

I'm having the same issue but with older firmware on my cameras of v5.3.o and NVR V3.0.19 (I don't know what any of this means)

If I am to follow your advice and get the configuration file, would you be able to decode it and get my passwords? Cheers.
 
You must log in or register to reply here.
Top