Have I found a Backdoor to IP Camera Video Stream????

Joined
Oct 22, 2016
Messages
12
Reaction score
0
I am not a hacker. I am an end user who values his security and privacy.
I recently bought a Chinese IP camera off eBay. It is a Going X3-HF6B20M. http://www.ebay.com/itm/131897496502?_trksid=p2057872.m2749.l2649&ssPageName=STRK:MEBIDX:IT
This is my first IP camera and I have been in learning mode trying different NVR software. Trying to set up a camera with ONVIF, FFMPEG, MPEG, or JPEG can be challenging for a newbie.
I am learning about URL strings like /videofeed, videostream.asf, etc.
I came across a program called ONVIF Manager which seems to be an analyzer program for ONVIF cameras.
I have been using iSpy and H265Web NVR programs. I wanted to scan my camera to see how many types and kinds of video streams are being used.
The program ONVIF Manager automatically scanned my camera on startup. On one of the pages I found this URL access string.

rtsp://192.168.9.215:554/user=admin_password=DivDbUd2_channel=1_stream=0.sdp

I can open this stream up in VLC player and I can use this string in iSpy and H264WEB to view the camera.

admin is the default username.
I have set up a password on the camera. The login password is secret. The password I set is NOT "DivDbUd2" as indicated in the RTSP URL above.
This string password DivDbUd2 seems to allow anyone to view the camera video feed. I can't log in to the camera parameters or configurations with this DivDbUd2 password.
As it stands, I believe this IP camera to be unsecure.
This camera is advertised as P2P. The P2P capability seems to be in the CMS software program that came with the camera rather than in the camera firmware.

Is this a common problem or have I stumbled across a backdoor so the Chinese can access my camera and do some voyeurism?
 

ramleaf

Getting the hang of it
Joined
Jan 17, 2016
Messages
77
Reaction score
28
Yeah, it's normal, those Chinese cameras are completely garbage.
Some of them may have decent hardware but the firmware is so bad it makes them unusable.
If you're on time you should return that camera and buy something more reliable like Dahua or Hikvision, but if you want to keep it do not expose it to the internet.
 
Joined
Oct 22, 2016
Messages
12
Reaction score
0
Do you think it's garbage or is it intentional and deliberate malfeasance by the manufacturer creating a backdoor for the People's Republic of China??
 

fenderman

Staff member
Joined
Mar 9, 2014
Messages
36,903
Reaction score
21,275
It's simply garbage... not because of this issue, but in general.
Lots of cams have this issue, even from more reputable brands... if you care about the security, you would not be exposing your cameras to the internet, but rather using a VPN... then, you can leave all your passwords default... as it won't matter...
 

Q™

IPCT Contributor
Joined
Feb 16, 2015
Messages
4,990
Reaction score
3,991
Location
Megatroplis, USA
Yep. That camera's going to blow up and kill your family when we finally go to war with China; ditch it now before it's too late.
 

RBen

n3wb
Joined
Oct 20, 2016
Messages
21
Reaction score
0
Hi OP, I'm not sure what router you are using but it might be fairly easy to block your camera from accessing the internet. The only thing that I miss by doing that is NTP (time server).
 

Mel!

n3wb
Joined
Jan 18, 2016
Messages
16
Reaction score
3
I have a cheap 720p IP camera doubtlessly based on the same chipset and firmware, since it uses the same URL format and the software is CMS, as are these: https://www.ipcamtalk.com/showthread.php/1812-Review-TOP-201-Super-Mini-720P-HD-IP-Cam-(The-Cheapest-IP-Cam-So-Far-!!)

The camera is completely insecure from anyone with access to your local network. Your router's firewall should block remote access other than by P2P, since the camera makes an outbound connection to the P2P server.

The DivDbUd2 password from the URL is a hash generated from the admin password, so it will change when you change the password.

ONVIF Device Manager needs access to the ONVIF port to obtain the RTSP stream URL with the password hash, so it would be unwise to port forward the ONVIF port on this camera to enable remote access. As the hash isn't very long, I'd advise against port forwarding the RTSP ports as well. The password itself is a maximum of only 20 characters and as far as I know the camera has no protections against brute force password attacks.

My camera also has a snapshot URL on port 80 that doesn't require a password, so it would be very unwise to port forward that port too, not to mention the other ports it uses.

The default settings on mine have UPnP disabled so it can't open ports itself. The manufacturer and Chinese government would presumably use the P2P access if they want to spy on you, as that is more difficult to block, since you'd need to set up a firewall rule to block it.

I have a firewall rule on my router that only allows the camera internet access to the IP address and port of the time server I configured it to use.

If I wanted remote access on anything I want to keep private, then I'd use a program like iSpy running on a PC on my LAN to act as a secure gateway, or else use a VPN.
 
Last edited by a moderator:
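Added example, not part of the original post or written by any of the posters: the egress restriction described in the post above (the camera may reach only its configured time server), expressed as an nftables ruleset for a Linux-based router. The camera address is the one in the RTSP URL earlier in the thread; the NTP server address, the WAN interface name and the table name are assumptions.

```nft
#!/usr/sbin/nft -f
# Constructed example. Adjust the three values below for your own network.
define CAMERA     = 192.168.9.215   # camera address as seen in the thread's RTSP URL
define NTP_SERVER = 192.0.2.123     # placeholder (documentation address), not a real server
define WAN_IF     = "eth0"          # assumed name of the router's WAN interface

# A separate table: a drop issued here is final, while an accept here still
# passes through the router's existing firewall rules.
table inet camera_egress {
    chain forward {
        type filter hook forward priority filter; policy accept;

        # Replies to the camera's permitted NTP queries.
        iifname $WAN_IF ip daddr $CAMERA ct state established,related accept

        # The camera may reach only the configured time server on UDP/123.
        # The camera must be set to use the server by IP, since DNS is blocked too.
        oifname $WAN_IF ip saddr $CAMERA ip daddr $NTP_SERVER udp dport 123 accept

        # Anything else the camera sends toward the internet (P2P/cloud
        # registration, firmware check-ins) is logged, counted and dropped.
        oifname $WAN_IF ip saddr $CAMERA log prefix "cam-egress-drop " counter drop

        # No new inbound connection from the internet reaches the camera,
        # even if a port forward for ONVIF, RTSP or port 80 is added later.
        iifname $WAN_IF ip daddr $CAMERA counter drop
    }
}
# IPv4 only: add equivalent ip6 rules if the LAN routes IPv6.
```

LAN traffic to the camera is untouched, so a local NVR or iSpy host can still pull the stream; the "cam-egress-drop" log entries show what the camera tries to contact.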
Joined
Oct 22, 2016
Messages
12
Reaction score
0
Thanks for being a breath of fresh air Mel. It's like the adults finally showed up. You seem very knowledgeable about this specific camera.
1. I want my dedicated NVR to capture and encode the camera feed. The best way to save on CPU load is to capture the stream and encode it in the same format that the camera is sending it. What format does this camera stream in? H264?
2. I want to research the P2P section. I didn't see that option built in. Just off the top of my head: if I set a static IP on the camera and did not specify a gateway address, would that prevent ET from phoning home? I will access the camera through iSpy or H264Web software monitoring program. BUT JUST IN CASE the Chinese are peeping on me, I will put this in the camera's field of view.
[attached image]
 

fenderman

Staff member
Joined
Mar 9, 2014
Messages
36,903
Reaction score
21,275
Hi everyone,

I just stumbled on this forum while searching for something about Chinese IP cameras....
I'm not used to subscribing to forums, but I felt like answering about what I read here.
I bought an IP camera from amazon.de, as I live in Belgium. I couldn't install the cam right away, like I had 2 left hands.
When I managed, I was very pleased with the functionality and also the image quality. But it was supposedly also 1080p..... Still, I had a look on AliExpress, my top of the line Chinese webshop with many amazing deals.
I ordered an EXACT same looking IP cam on the outside but a 720p. Finally I had both cams running on the app EYE4, both being IDENTICAL, maybe the Chinese one slightly better. The image quality is amazingly good.
But the big difference is, on amazon.de where it was NEXGADGET I paid 70€, the one from China was VSTARCAM and was sent to me for 28€. So whatever anyone tells me, I have my own proof that it's all the same shit. Sure there will be some slight difference, but never worth the high price you pay for this Chinese kind of toys. Chinese or so called brand quality.... maybe you got bad luck at first, but I have nothing bad to say about AliExpress. For who cares, I can send a snapshot of the stream I get from this cheap cam
You bought two garbage cameras and clearly don't understand the difference between good cameras and junk... spend time reading the forum and learning... not all cameras are created equal.
 