Dahua Enable Telnet

@Speed666 A bit more information would be nice. On which device/firmware? How did you connect?
 
Little more info. Latest FW: DH_IPC-HX5X3X-Rhea_Eng_P_Stream3_V2.460.0000.14.R.20170720.bin
Model: IPC-HB5330.

Firmware is signed using an RSA key; files inside are also checked on upgrade. Nothing can be done. Inspecting right now: instead of telnet, there is an SSH option in Security where you enable SSH on the WebIF. Password trick is the same as on older models, with a padded string in front of the password.

Code:
#shell

Domain Accounts:

Domain Accounts  not avaliable
#
 
Could you have a remote guide for me? After all, when using SSH, my computer can't log in to the camera by SSH. Skype fengyundym, for further guide for experience. Thanks.
 
Enabling telnet worked NP. How might I un-hack my cameras that have some auto delete script running. The latest firmware for my camera prevents downgrade to older firmware. Is there a way to downgrade using the config tool? I have flashed and hard reset my hacked cameras and the auto delete bug remains thru it all. And my SD52C225U-HNI writes to the FTP logs like crazy from day one. I want to know how to extract the code, edit the code and then reflash but it seems a bit over my head without perfectly clear instructions and a lot of copy and pasting. Just removing the auto delete bug would be huge. I guess it's possible to extract the loaded image and compare to factory maybe - but factory flash and hard resets didn't remove the auto delete bug. Telnet is easy to enable and disable - thanks.
In telnet try: killall upgraded then upgraded and connect to the camera via ConfigTool on port 3800.
If that doesn't work the TFTP method always does but is obviously more complicated.. Dahua IPC unbricking / recovery over serial UART and TFTP
 
dropping telnetd back into the image and adding it to init scripts?

Can someone elaborate on how this is done? When trying to start a Telnet connection, I never get the chance to enter a name/password; it gives a "cannot connect" immediately. When looking through the firmware files of the firmware that I have installed, there is a file already present called "telnetd" located at romfs-x.squashfs.img/sbin .......When opening the "telnetd" file in a text editor, it says "../bin/busybox"......

Does this mean telnetd is already present? If not, how would I add it back to the firmware file so that I can reinstall the firmware?
 
Which camera / firmware ? I could probably put it in there (or already have: Dahua Firmware Mod Kit + Modded Dahua Firmware )
The way I do it is compile a custom telnet server "utelnetd" for the camera's architecture, put it into romfs /sbin and put /sbin/utelnetd -p 2300 -l /bin/login & into romfs /etc/init.d/rcS before the line /usr/etc/imod
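An added example, not code from this thread or from the Mod Kit: a Python audit of an unpacked firmware root filesystem that reports which telnet daemon binaries exist and which init scripts actually launch one, which is the distinction behind the "is telnetd already present?" question above. The function names and the sample tree are constructed for illustration, and it assumes the romfs image has already been unpacked to a directory.

```python
import os
import re
import tempfile

DAEMONS = ("telnetd", "utelnetd")  # daemon names taken from the thread
# A non-comment line whose command is telnetd/utelnetd, directly or via busybox.
LAUNCH = re.compile(r"^\s*(?!#)(?:\S*busybox\s+)?\S*\b(u?telnetd)\b(.*)$")

def audit_rootfs(root):
    """Return (binaries, launches) for an unpacked firmware root filesystem."""
    binaries, launches = {}, []
    for d in ("bin", "sbin", "usr/bin", "usr/sbin"):
        for name in DAEMONS:
            path = os.path.join(root, d, name)
            if os.path.islink(path):
                binaries[f"/{d}/{name}"] = "symlink -> " + os.readlink(path)
            elif os.path.isfile(path):
                binaries[f"/{d}/{name}"] = "regular file"
    init_dir = os.path.join(root, "etc", "init.d")
    scripts = sorted(os.listdir(init_dir)) if os.path.isdir(init_dir) else []
    for fname in scripts:
        path = os.path.join(init_dir, fname)
        if not os.path.isfile(path):
            continue
        with open(path, errors="replace") as fh:
            for lineno, line in enumerate(fh, 1):
                m = LAUNCH.match(line)
                if m:
                    port = re.search(r"-p\s+(\d+)", m.group(2))
                    # Assumption: a launch line without -p listens on port 23.
                    launches.append((f"/etc/init.d/{fname}", lineno, m.group(1),
                                     int(port.group(1)) if port else 23))
    return binaries, launches

def build_sample_rootfs():
    """Constructed sample tree mirroring the layout described in the thread."""
    root = tempfile.mkdtemp(prefix="romfs-")
    for d in ("bin", "sbin", "etc/init.d"):
        os.makedirs(os.path.join(root, d))
    open(os.path.join(root, "bin", "busybox"), "wb").close()
    os.symlink("../bin/busybox", os.path.join(root, "sbin", "telnetd"))
    open(os.path.join(root, "sbin", "utelnetd"), "wb").close()
    with open(os.path.join(root, "etc", "init.d", "rcS"), "w") as fh:
        fh.write("#!/bin/sh\n# telnetd disabled by vendor\n"
                 "/sbin/utelnetd -p 2300 -l /bin/login &\n/usr/etc/imod\n")
    return root

if __name__ == "__main__":
    print(audit_rootfs(build_sample_rootfs()))
```

A binary listed without a matching launch entry (here `/sbin/telnetd`) is present in the image but is not started by any init script, and a busybox symlink by itself does not show that the applet was compiled in.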
 
Thanks for the reply. I'm going to have to buy another camera from Dahua to install in the place of this wonky SD52C225U-HNI. After I have swapped the new with the wonky camera I'll hit you up again and be forewarned. I'll be asking for detailed how-tos. Also thoroughly prepared to make a donation of some yet unknown price. You can PM me maybe. The interaction would start off with - So I've enabled telnet supposedly, now just type, killall upgrade somewhere? Between now and the time I have the camera down I'll read more thoroughly thru the post you have linked. Would anyone have any interest in seeing what the script is that is auto deleting files written to the FTP after 26 hours? I'd happily post it if I could display it somehow. Thanks again and until then...
Well once you enabled telnet, use putty to login to the telnet server on the camera.
There you get prompted with a login, instructions in the OP of this thread.
After you've logged in you have a root shell on the camera's Linux system. And that's where you put those commands in.
killall upgraded = kills all processes with the name upgraded, in case it's already running
upgraded = runs the program called upgraded (if it exists and is in PATH)
I suggest that so you can see what it says, if there are any errors ^
If you've never touched Linux before then messing around with embedded Linux on IP cameras might not be the best thing to start with ^^
 
Also, why do you want to downgrade your camera?
Wouldn't an upgrade be a better idea?
If you need telnet on the newer firmware I can patch it for you, if I'm correct that SD52C225U-HNI | Dahua Technology - Dahua Technology is your camera.

Edit: One reason I can think of that your camera won't let you flash older firmware is that the new firmware has signature verification while the old one doesn't and does not come with a sign.img
 
Which camera / firmware ? I could probably put it in there (or already have: Dahua Firmware Mod Kit + Modded Dahua Firmware )
The way I do it is compile a custom telnet server "utelnetd" for the camera's architecture, put it into romfs /sbin and put /sbin/utelnetd -p 2300 -l /bin/login & into romfs /etc/init.d/rcS before the line /usr/etc/imod

Attached is the firmware I'm using. If you would be willing to add it, I would greatly appreciate it. Or perhaps see if it's already there and I'm doing something wrong...Having very little Linux experience, it's all greek to me!
 

Are you sure that's the correct firmware for your camera? Probably why you can't flash it is because it's the wrong firmware?
The Firmware tab on SD52C225U-HNI | Dahua Technology - Dahua Technology says that this camera is using SD-Eos firmware, you linked SD-Mao.
 

I think I'm getting crossed up with the other poster...lol. My cam is SD49225T-HN which uses SD_Mao_Rhea that I posted above. It flashes fine on my cam and have been using this firmware for months....It just doesn't seem to support Telnet access...Trying to get Telnet support added to it.
 
Okay, that was my fault, I got the two of you mixed up.
So Miles wants to flash DH_SD-Eos_EngSpnFrn_N_Stream3_V2.420.0001.0.R.20161220 on his SD52C225U-HNI.
Though I'd suggest just setting up an NFS share, FTP sucks.
Would that be a possibility for you?

And wxman wants telnet access to his SD49225T-HN.
The firmware you posted looks old though, how about DH_SD-Mao-Rhea_Eng_P_Stream3_IVS_V2.600.0000.2.R.20170905 from here: SD49225T-HN | Dahua Technology - Dahua Technology ?
 

Correct. The reason I'm wanting the old firmware is because the new firmware (v2.6 from last month) has a number of bugs in it. Another poster upgraded to that a few days ago and was having all sorts of problems. The one I posted from November of last year has been fairly stable for me, so I'm a bit scared to chance the newer one just yet.
 
Well, I'm not sure. What I have setup here is the cameras write to FileZilla that is running on a laptop and the FileZilla folders are also DropBox folders so pretty near to real time uploads of video clips and there is a DropBox link that a few people use to see the activity on the apartment complex drives. Client for MS networks is un-installed as is file and print sharing. TCP/IP over netbios is disabled on all my PC's. I don't think well of anything that uses share as part of the description but that just may be because I'm naïve. It's cleaner than windows 10 built in FTP that required client for ms and file and print sharing along with a user for each of the 6 cameras. I'm not aware of anything about FTP on a local network - transferring files between only local, (LAN), devices - that sucks. Care to elaborate?
My suggestion is to use Linux with XFS or ZFS (depending on how many disks / RAID) so you can split up HDDs into smaller blocks and export those through NFS (Network File System - it's a protocol).
For syncing I'd use syncthing, free software and self hosted.

But not everyone can be an expert so try this:
There seem to be some implementations of NFS for windows, I've never used them but you can try your luck:
WinNFSd
Networking Software for Windows
Free Network File Server (FreeNFS) for Windows
( NFS For Windows )

And others if you google "windows nfs server"
In the Dahua WebUI go to the Storage tab and instead of FTP select NAS, there you can enter your NFS server's IP address and the path of the share (that you've set up).
You can also use SmartPSS to search and play back recordings from your camera this way.



Correct. The reason I'm wanting the old firmware is because the new firmware (v2.6 from last month) has a number of bugs in it. Another poster upgraded to that a few days ago and was having all sorts of problems. The one I posted from November of last year has been fairly stable for me, so I'm a bit scared to chance the newer one just yet.
Alright, I'll try to patch it today.
 
Well, I asked for it I guess. Thanks for the elaboration. Maybe your recommending the sounder NFS file system that I have heard about is because then I would most likely have switched over to Linux in which case support for the Dahua cameras would be less of a stretch for me. My first inclination was to respond with, file systems aren't my problem currently, wonky hacked cameras are. Point taken and interpreted correctly I hope. Currently only windows 10 Pro PC's without any file system issues, except for the Dahua camera file system that needs manipulating - and I gather that manipulation is easier to do from a Linux box and by a person who is familiar with Linux.
NFS is not a filesystem, it's a protocol for transmitting files, just like FTP - but way better.

So you want to downgrade from DH_SD-Eos_Eng_P_Stream3_V2.600.0000.3.R.20170630 to DH_SD-Eos_EngSpnFrn_N_Stream3_V2.420.0001.0.R.20161220, correct?
20170630 has signature verification.
20161220 DOES NOT.
This is why you can't downgrade the firmware. The old firmware lacks a signature and the new firmware requires it.
So you have to flash the firmware through the TFTP recovery method or using serial UART.
Do you have a serial UART converter? If not read on ...

I need some info to make the correct package for your camera.
So I need you to follow this tutorial: Dahua IPC unbricking / recovery over serial UART and TFTP
with this package: /home/david/DahuaRecovery/Dahua_TFTPBackup_printenv.zip
The window from Console.bat should hopefully print out a bunch of info which I need to make the proper package to flash the old firmware.

Do note however that this process is risky and could brick your camera and I really advise you to give NFS a try before, it might just make you happy.
 

Thank you so much for your help. Haven't had a chance to try it out yet, but will try to tonight and let you know how it works....

I just looked through the files on your edited file and comparing with your earlier notes to (hopefully) get a better understanding of how you did it. I see in the romfs-x.squashfs.img /sbin directory, I see a new file "utelnetd".....and under the /etc/init.d/ directory, I see you've edited the file "rcS" by adding the line "/sbin/utelnetd -p 2300 -l /bin/login &"....

If I decide to go with the newer firmware in the future and want telnet access, would I just copy and paste that exact same "utelnetd" file and put it into the new firmware's romfs /sbin directory and add the same "/sbin/utelnetd -p 2300 -l /bin/login &" line to the /etc/init.d/rcS file? Or would a custom utelnetd file and/or script need to be made for the new firmware?

Also, since the newer firmware has some kind of "signature" thing that prevents downgrading, would it be possible to transfer signature files to the old firmware in order to make the old firmware become signed? or is that something that's not transferable?

Again, forgive my ignorance. I've never had any sort of Linux training, so I'm still trying to understand the basic concepts of what things mean.
 
Some cameras use different libc or have different processors so the same compile of utelnetd will not work on all cameras.
For example eos uses uclibc while these ones use armhf gnu libc.
Also if you edit any file the signature changes and you have to flash through u-boot / recovery.
 
Some cameras use different libc or have different processors so the same compile of utelnetd will not work on all cameras.
For example eos uses uclibc while these ones use armhf gnu libc.

But as long as it's just a different firmware for the same exact camera, then the same utelnetd will work?

Also if you edit any file the signature changes and you have to flash through u-boot / recovery.

So if I patched the new firmware (that has signature) then I could not load this firmware through the web interface like normal?

My hesitation to try the new firmware is because another poster had problems with it. I would be willing to try it if I could easily downgrade back to the old firmware if I had the same problems...If I'm understanding correctly, there's no way (other than a serial cable connection) to downgrade the signed firmware to older non-signed? Not even a TFTP connection alone could downgrade it to an unsigned firmware?