Hikvision camera - unable to log in all of a sudden

[Naptown]

I have a Hikvision DS-2CD3132-I camera that I have used for about 3 years. They are running V5.2.5 build 141201. This was purchased on ebay along with several others and it is clearly a gray market camera. I shouldn't have to state why I bought them, but my budget didn't allow for me to purchase legit cameras at the time. My plan was to get as much out of them as I could and then start replacing them 1 by 1 with quality cameras.

The other day 1 camera didn't come up on my phone. Later in the day, I power cycled it and dug further. It appears to be working but I just cannot log into it via the ip address. It's like the login credentials have been changed. I tried to change it via the SADP tool but I get something along the line of "device rejected." I can see that it kept the static id that I gave it, I just cannot log into it...

Being gray market, I remember the ad stating not to update the firmware. I haven't tried anything else but was hoping some of you may have some input on this! I want to reiterate, I understand I caused this issue on myself for purchasing a non-supported camera instead of purchasing through a reputable source.

 

[TonyR]

You might try @bp2008 's Hikvision camera admin password reset tool .

 

[alastairstevenson]

It's likely that the camera has been hacked.
There are various things that can be done -
Extracting the changed password by using the 'Hikvision backdoor'
Converting the camera to English and fully updating to more secure firmware.

But as a simple first step, try these passwords which have been commonly used by the hackbots :
1111aaaa
asdf1234

 

[Naptown]

It's likely that the camera has been hacked.
There are various things that can be done -
Extracting the changed password by using the 'Hikvision backdoor'
Converting the camera to English and fully updating to more secure firmware.

But as a simple first step, try these passwords which have been commonly used by the hackbots :
1111aaa
asdf1234

Perfect. I'll try this 1st step when I get home tonight.

 

[Naptown]

It's likely that the camera has been hacked.
There are various things that can be done -
Extracting the changed password by using the 'Hikvision backdoor'
Converting the camera to English and fully updating to more secure firmware.

But as a simple first step, try these passwords which have been commonly used by the hackbots :
1111aaaa
asdf1234

Wow, to my surprise, asdf1234 was the password. What does this mean!?! I changed the password to something very difficult to start...

 

[alastairstevenson]

Wow, to my surprise, asdf1234 was the password. What does this mean!?

It means -
The camera was hacked by an internet bot.
Because -
Either you are using 'port forwarding' to allow remote access to the camera. Very risky - not just to the camera, but potentially onward into your LAN and all the other devices and data on it.
Or
Both the camera and your ISP router have UPnP enabled, which allows the camera )or any other device on your LAN) to do its own 'port forwarding'.
If so - best to disable UPnP on both.

I changed the password to something very difficult to start...

That will have no effect on the ability to hack the camera.
That firmware version is vulnerable to the 'Hikvision backdoor' which gives full access to the camera without needing a password.

Being gray market, I remember the ad stating not to update the firmware. I haven't tried anything else but was hoping some of you may have some input on this!

That's a Chinese R0 camera running 'hacked to English' firmware.
It can be converted and upgraded using this method if you are tech savvy enough to give it a go :
Unbrick and fully upgrade your R0 / DS-2CD2x32 IP cameras -
R0 / DS-2CD2x32 BrickfixV2 brick recovery and full upgrade tool - enhanced.

 

[Naptown]

It means -
The camera was hacked by an internet bot.
Because -
Either you are using 'port forwarding' to allow remote access to the camera. Very risky - not just to the camera, but potentially onward into your LAN and all the other devices and data on it.
Or
Both the camera and your ISP router have UPnP enabled, which allows the camera )or any other device on your LAN) to do its own 'port forwarding'.
If so - best to disable UPnP on both.


That will have no effect on the ability to hack the camera.
That firmware version is vulnerable to the 'Hikvision backdoor' which gives full access to the camera without needing a password.


That's a Chinese R0 camera running 'hacked to English' firmware.
It can be converted and upgraded using this method if you are tech savvy enough to give it a go :
Unbrick and fully upgrade your R0 / DS-2CD2x32 IP cameras -
R0 / DS-2CD2x32 BrickfixV2 brick recovery and full upgrade tool - enhanced.

Wow, thanks. I have a lot to research. THANK YOU for your quick response and advice of what needs to be changed. I'm more savvy on pulling wires and hanging cameras than anything software related. But - I will definitely look into the BrickfixV2 upgrade before I allow this thing another internet connection. Much appreciated!