Worth using is the self-service 'Forgot password' facilities both on the camera and the NVR.had set a passwor a while ago when I installed the HDD, but I forgot it.
I've just published a new reset tool that exploits this vulnerabilityto achieve the reset. It should work on firmwares that are too new to use the old reset code method, but old enough to not have this backdoor patched yet.
I've edited the first post of this thread with details and the download link.
A common cause for this type of symptom is when external access is allowed to the cameras and an internet bot messes with the camera by exploiting the 'Hikvision backdoor' vulnerability that's in that version of firmware. There are also brickerbots that try to brick the camera, not just change the password.An annoying random event.
Firmware versions after 5.4.41 are not vulnerable to the Hikvision backdoor, and don't spontaneously have their passwords reset.But, the bigger question is are the new Hikvision cams having this reset problem as well?
A common cause for this type of symptom is when external access is allowed to the cameras and an internet bot messes with the camera by exploiting the 'Hikvision backdoor' vulnerability that's in that version of firmware. There are also brickerbots that try to brick the camera, not just change the password.
External access would be possible if 'port forwarding' has been explicitly configured on your router so you can access when away from home, or inadvertently when UPnP is enabled on the router, and the camera, where it is enabled by default.
If you don't think there should be any external access, you can easily check using a service such as ShieldsUp! GRC | ShieldsUP! — Internet Vulnerability Profiling
Do the full port scan,. not the UPnP check.
Firmware versions after 5.4.41 are not vulnerable to the Hikvision backdoor, and don't spontaneously have their passwords reset.
It might be interesting, next time this password problem occurs, to extract a copy of the configuration file, using the backdoor vulnerability.
This does not require a password to do.
Simply put this URL in your browser, replacing the IP address with that of the camera :
http://<camera_IP_address>/System/configurationFile?auth=YWRtaW46MTEK
Then zip up the file and attach it here.
We can decrypt and decode it and extract the password.
Alternatively, a common password that the hackerbots set is 1111aaaa
If that works for you - it's a reasonable confirmation the camera has been hacked.
Those instructions are reasonably OK.I think it could be this method: How to reflash the firmware on Hikvision cameras (Hikvision TFTP procedure) - Security Cameras Reviews
For clearing the configuration via the tftp update in case of a lost password it's probably best to stick with the same firmware version as is currently installed.Will the TFTP method work on the latest software should the box have the latest one on it?