Dahua API

[Alexandre Baiocco]

Hi, I'm trying to use the method of getting people counting data from my IPC Dahua camera via the API. But I was unsuccessful.

I have already activated people counting and heat map on the camera that has the default IP, but when using the API I am not able to do so. Can anyone help me?
I'm using this doc

 

[Alexandre Baiocco]

I am using the default ips for testing purposes. use the examples in the docs and it still doesn't work with the 404 error. I'm using the example on the 407 page (I updated the date but it didn't work either)

 

[steve1225]

cgi-bin not cgibin

 

[TonyR]

+1^^^.
i was typing that same response when my 13 15 yr old Win 7 PC lost its ever-lovin' mind!

EDIT: Correction...15 y/o, not 13! Wow, time flies.

 

[Alexandre Baiocco]

Can somemone help?
I'm trying to take theresponse from the dahua cam api, but just work in the navigator. Doesn't work in postman, or python

 

[steve1225]

READ yours error messages...

First You have:
Unverified HTTPS request. Add certificate..

Dahua cam/NVR (as all IoT devices) are using unsigned SSL certificates.. You must import into Windows/Mac/Linux system HTTPS certificate, which You can download from NVR Security module..

Or don't use https:// address, but only http:// one..

Next You got:
Falha ao acessar a URL. Código de status: 401

If You look into google 'http code 401' You will find that code is: 401 Unauthorized access..

So You login/password is incorrect or You use wrong method to encode it..

 

[Alexandre Baiocco]

I did it, I found a way through the manual and some information from the internet using digest auth!

I'll leave the code below for those who need it next time.

import hashlib
import requests
from requests.auth import HTTPDigestAuth

# Parameters
username = "admin"
password = "autvix123456"
url = "http://192.168.1.108/cgi-bin/magicBox.cgi?action=getLanguageCaps%20HTTP/1.1"

# Get the initial challenge
response = requests.get(url, auth=HTTPDigestAuth(username, password), verify=False)

# Check if the challenge requires digest authentication
if response.status_code == 401:
    headers = response.headers
    auth_header = headers.get('www-authenticate', '')
    
    # Extract parameters from the WWW-Authenticate header
    # This parsing might need adjustment based on the actual header format
    import re
    match = re.search(r'realm="([^"]+)"', auth_header)
    realm = match.group(1) if match else ""
    match = re.search(r'nonce="([^"]+)"', auth_header)
    nonce = match.group(1) if match else ""
    match = re.search(r'qop="([^"]+)"', auth_header)
    qop = match.group(1) if match else ""
    
    # Generate HA1, HA2, and Response
    HA1 = hashlib.md5(f"{username}:{realm}:{password}".encode()).hexdigest()
    HA2 = hashlib.md5(f"GET:{url}".encode()).hexdigest()
    response_digest = hashlib.md5(f"{HA1}:{nonce}:00000001:0a4f113b:{qop}:{HA2}".encode()).hexdigest()
    
    # Send the authenticated request
    headers = {
        'Authorization': f'Digest username="{username}", realm="{realm}", nonce="{nonce}", uri="{url}", response="{response_digest}", qop="{qop}", nc=00000001, cnonce="0a4f113b"'
    }
    final_response = requests.get(url, headers=headers, verify=False)
    
    if final_response.status_code == 200:
        print("Access successful!")
        print(final_response.json())
    else:
        print(f"Failed to access the URL. Status code: {final_response.status_code}")
else:
    print(response.content)
    print(f"Failed to obtain challenge. Status code: {response.status_code}")