Dahua Backdoor Uncovered

A lot of networking equipment companies (i.e. TrendNet and D-Link) were in trouble by the FTC several years due to security vulnerabilities because these companies failed to promptly issue the necessary firmware updates to patch the holes.

Good thing is that Netgear recently identified its own set of security vulnerabilities and promptly issued patches over the last couple of months.

If it wasn't for DIY'ers and Cyber Security specialists it'd be hard to convey the message, leaving multiple devices exposed, lol
 
Think this backdoor will be found to be on all their devices even the newer ones discussed here like the 5321 turret? I do not see new firmware for that yet but I guess that does not mean the issue does not exist. I'm not a programmer or hacker so is there an easy way to confirm the issue exists on any of one's own cameras if not listed?
 
nbstl68 said:
Think this backdoor will be found to be on all their devices even the newer ones discussed here like the 5321 turret? I do not see new firmware for that yet but I guess that does not mean the issue does not exist. I'm not a programmer or hacker so is there an easy way to confirm the issue exists on any of one's own cameras if not listed?
Click to expand...

look on the router/firewall for the camera's IP making connections to remote IP addresses.
 
hmjgriffon said:
look on the router/firewall for the camera's IP making connections to remote IP addresses.
Click to expand...

This is what I found on mine, anything to be concerned about?

I2WZa
 
Last edited:
With all these security flaws and backdoor issues and such my googling for more information has apparerntly triggered ads popping up for
"consumer firewall devices" such as these:


The CUJO Smart Firewall or the WatchGuard Firebox

A lot of these also have monthly\yearly subscription fees, (to \ for what?).
I really do not get what these would do for me vs. my computer's firewall or using a VPN, (which I have not yet had the time to figure out how to implement but am reading through some of the tutorial threads here.)

Are these devices something that takes care of all of this in one solution or is this a totally different issue?
 
nbstl68 said:
With all these security flaws and backdoor issues and such my googling for more information has apparerntly triggered ads popping up for
"consumer firewall devices" such as these:


The CUJO Smart Firewall or the WatchGuard Firebox

A lot of these also have monthly\yearly subscription fees, (to \ for what?).
I really do not get what these would do for me vs. my computer's firewall or using a VPN, (which I have not yet had the time to figure out how to implement but am reading through some of the tutorial threads here.)

Are these devices something that takes care of all of this in one solution or is this a totally different issue?
Click to expand...
They are a ripoff to take your money lol
 
Tomorrow should have some news, for those models any guys bought on the list(11 models), I can help you for the firmware updating. Dahua pull all device stock back, i think more models effected than they listed.
 
  • Like
Reactions: Clavas and wantafastz28
Wish I knew how to hack so I could test my own cameras before Dahua and other mfgs finally figure out and then get around to telling us which ones are affected before they get hacked and used for a DOS or something.
...Or I could get around to learning how to do the VPN thing I guess....but having (white hat) hacking skills would be cool. o_O
 
nbstl68 said:
Wish I knew how to hack so I could test my own cameras before Dahua and other mfgs finally figure out and then get around to telling us which ones are affected before they get hacked and used for a DOS or something.
...Or I could get around to learning how to do the VPN thing I guess....but having (white hat) hacking skills would be cool. o_O
Click to expand...

your home router may already have vpn built in then all you have to do is pretty much turn it on.
 
I think it may...So if I just have to turn it on, that would cut off communication to my BI phone app to view then, right? I need to find some instruction on hoe to connect remotely to the cams via my app or web site with the VPN turned on.
I thought I needed another VPN app on the phone.

I've gone through the VPN for Noobs thread but it seems it has gone beyond noob discussion IMO before getting to the simple how-tos.
Of course, I know how Google works so I really just need to explore more on my own and figure it out.
 
nbstl68 said:
I think it may...So if I just have to turn it on, that would cut off communication to my BI phone app to view then, right? I need to find some instruction on hoe to connect remotely to the cams via my app or web site with the VPN turned on.
I thought I needed another VPN app on the phone.

I've gone through the VPN for Noobs thread but it seems it has gone beyond noob discussion IMO before getting to the simple how-tos.
Of course, I know how Google works so I really just need to explore more on my own and figure it out.
Click to expand...

Best thing would be to Google the shit out of it and watch a bunch of videos on youtube. Nayr does a great job on that VPN for noobs thread but for more simple understanding and how to set it up do the Google/youtube thing.


For an example I user my Asus router as a VPN and the VPN through my iPhone.
 
It's pretty straightforward depending on the router connected to your gateway. I was able to configure it last night.
Now I want to configure VLAN as well once the switches arrive.

japjoe7 said:
Best thing would be to Google the shit out of it and watch a bunch of videos on youtube. Nayr does a great job on that VPN for noobs thread but for more simple understanding and how to set it up do the Google/youtube thing.


For an example I user my Asus router as a VPN and the VPN through my iPhone.
Click to expand...
 
nbstl68 said:
Wish I knew how to hack so I could test my own cameras before Dahua and other mfgs finally figure out and then get around to telling us which ones are affected before they get hacked and used for a DOS or something.
...Or I could get around to learning how to do the VPN thing I guess....but having (white hat) hacking skills would be cool. o_O
Click to expand...

Same here, would be best to be able to troubleshoot a problem for ourselves. :)

Same with VPN, they do a great job explaining but you have to use google/youtube to find a lot of information.

When I installed my Reolink it was sending information to China it seemed, I turned off some settings and I have not seen the IP popup any longer.

I wonder if Dahua has a backdoor how many others have it but not yet discovered? I feel reolink would have this issue.

I know nayr is all protected from one of his post but wondering if he can look into his models and if he can find out any issues.
 
one must always assume there are security issues and plan accordingly.
 
  • Like
Reactions: slowhandfan, looney2ns, BLKMGK and 1 other person
nayr said:
one must always assume there are security issues and plan accordingly.
Click to expand...

Exactly, it is the same reason why I have insurance. I just wish there was a better way to create this security. Besides the VPN what else can you do on your home network to avoid this backdoor issue? When I first installed reolink it was sending info to China and a US IP? I turned off UPnP and UID and it seemed to stop doing this.
 
TL1096r said:
Exactly, it is the same reason why I have insurance. I just wish there was a better way to create this security. Besides the VPN what else can you do on your home network to avoid this backdoor issue? When I first installed reolink it was sending info to China and a US IP? I turned off UPnP and UID and it seemed to stop doing this.
Click to expand...

firewall rules to block all traffic from the camera's IP in or out of the network. Then it don't matter what it tries to do.
 
hmjgriffon said:
firewall rules to block all traffic from the camera's IP in or out of the network. Then it don't matter what it tries to do.
Click to expand...

Yes, what firewall are you using? Can this be done through router?

I did change rules but still see IP going out to China/US and Italy. only 20KB but who knows what that information holds.
 
im using a Ubiquiti Edgerouter, yes you want to do it on your router.
 
  • Like
Reactions: SyconsciousAu
You must log in or register to reply here.
Top Bottom