Hikvision DS-2CD2x32-I (R0) brick-fix tool / full upgrade method / fixup roundup.

[miror]

So I have to adjust it according to your instructions?

 

[alastairstevenson]

No, these are not instructions for that different series of cameras, these are for R0 series, DS-2CD2x32-I
For your camera the 'hardware signature' data is not stored in the flash memory of the camera.

 

[miror]

Mohl bych použít nástroj hiktools05R1 k vytvoření nového firmwaru? Po dobu dvou týdnů se fotoaparát přepne na tovární nastavení, jsem z toho špatně


EDIT:I just read that:Hiktools does not work on firmware above 5.30

 

[td0g]

Hi, my DS-2CD2135F-IS came with v5.3.6 build 151221, and now it displays "HACKED" at the bottom of the screen in IVMS4500, although it seems to work fine otherwise. Can you go to 5.4.0 from this firmware?

 

[alastairstevenson]

Can you go to 5.4.0 from this firmware?

Presumably you are exposing the camera to the internet by 'port forwarding' and someone out there is exploiting the Hikvision backdoor.

although it seems to work fine otherwise.

Be aware that as a consequence, the camera can be used as a foothold into your LAN and the other devices on it.

Can you go to 5.4.0 from this firmware?

That firmware is still vulnerable - 5.4.41 is the earliest fixed version.
Available here, section 03 - for CN cameras that will have CN menus. 海康威视是以视频为核心的物联网解决方案提供商
But if your camera is running 'hacked to English' firmware, updating will likely cause it to revert to Chinese.

 

[td0g]

Presumably you are exposing the camera to the internet by 'port forwarding' and someone out there is exploiting the Hikvision backdoor.

Be aware that as a consequence, the camera can be used as a foothold into your LAN and the other devices on it.


That firmware is still vulnerable - 5.4.41 is the earliest fixed version.
Available here, section 03 - for CN cameras that will have CN menus. 海康威视是以视频为核心的物联网解决方案提供商
But if your camera is running 'hacked to English' firmware, updating will likely cause it to revert to Chinese.

Thanks for the info, I did take it offline as soon as I noticed, I have another one of the same model with 5.4.0 FW that has not been hacked as far as I know, that's why I thought it was fixed int hat version. I guess I could just default it and then run it through a software NVR to keep it hidden. I'm pretty sure my cameras are hacked to english firmware as it came from Amazon with a warning not to upgrade it. So there is no way to get an english version of the fixed FW at this time?

 

[miror]

I forbade UPnP on the camera and the routers, and yet again someone hack my camera, can you advise what to set or disable?
One more question, there is a chance that my camera (DS-2CD2145F-IWS) will be newly modified firmware.Thank you

 

[alastairstevenson]

I forbade UPnP on the camera and the routers, and yet again someone hack my camera, can you advise what to set or disable?

Unless you have explicitly enabled some 'port forwarding' on your router that should keep it safe.
Check for any open ports by doing a full port scan using ShieldsUp! GRC | ShieldsUP! — Internet Vulnerability Profiling

One more question, there is a chance that my camera (DS-2CD2145F-IWS) will be newly modified firmware.

Sorry, but I don't understand the question.

 

[td0g]

I did notice on mine even without UPNP enabled and no port forwards, the camera somehow hijacked the default port 80, when I would browse to my public IP expecting to hit my router I would instead get the camera until I changed it to a different port.

 

[alastairstevenson]

I did notice on mine even without UPNP enabled and no port forwards, the camera somehow hijacked the default port 80,

There has to be a configuration setting that would enable that, both in the camera and the router, or possibly even some malware.

I would browse to my public IP expecting to hit my router

That is a particularly high risk thing to do - enable WAN access to the router HTTP admin port.
Many routers are easily exploited, such that malware can be planted on devices on your LAN for malicious purposes.

 

[td0g]

Oh it's almost certainly malware given the source of the camera. I have noticed this with Watchnet NVRs also. There's nothing to hijack on that LAN besides the camera so I don't really care.

 

[miror]

Unless you have explicitly enabled some 'port forwarding' on your router that should keep it safe.
Check for any open ports by doing a full port scan using ShieldsUp! GRC | ShieldsUP! — Internet Vulnerability Profiling

Sorry, but I don't understand the question.

It will be possible to modify frimwer so that it is in English. I have open ports 21, 22, 23, 81, 554, is it bad?

 

[alastairstevenson]

It will be possible to modify frimwer so that it is in English.

I do not know, for that 2145 camera, sorry.

I have open ports 21, 22, 23, 81, 554, is it bad?

Yes, pretty bad, quite a high risk.

 

[erensfd]

Sweet! Thanks for all the information. I successfully upgraded one of my DS-2CD2032_I with Chinese serial from 5.2.5 to 5.4.5 (5.2.5 => 5.3 => 5.4 => 5.4.5) after modding the mtdblock6. I did not need to make any changes on mtdblock1. Lately this camera has been randomly resetting itself to factory settings, so I hope that will get resolved.

I have another DS-2CD2032_I, and a DS-2CD2132F-IS dome camera to upgrade next, both currently at 5.2.5. I will report back.

 

[td0g]

Sweet! Thanks for all the information. I successfully upgraded one of my DS-2CD2032_I with Chinese serial from 5.2.5 to 5.4.5 (5.2.5 => 5.3 => 5.4 => 5.4.5) after modding the mtdblock6. I did not need to make any changes on mtdblock1. Lately this camera has been randomly resetting itself to factory settings, so I hope that will get resolved.

I have another DS-2CD2032_I, and a DS-2CD2132F-IS dome camera to upgrade next, both currently at 5.2.5. I will report back.

Does that version have an english option?

 

[erensfd]

Does that version have an english option?

I had the custom 5.2.5 with English menus, thanks to whoslooking's post from a couple years ago.

 

[alastairstevenson]

Does that version have an english option?

I'm not sure I understand the question.
If it's the firmware you are referring to - it's all English and Multilanguage.

I successfully upgraded one of my DS-2CD2032_I with Chinese serial from 5.2.5 to 5.4.5 (5.2.5 => 5.3 => 5.4 => 5.4.5) after modding the mtdblock6. I did not need to make any changes on mtdblock1

Well done! Another good result, and a less insecure camera.

 

[erensfd]

Sweet! Thanks for all the information. I successfully upgraded one of my DS-2CD2032_I with Chinese serial from 5.2.5 to 5.4.5 (5.2.5 => 5.3 => 5.4 => 5.4.5) after modding the mtdblock6. I did not need to make any changes on mtdblock1. Lately this camera has been randomly resetting itself to factory settings, so I hope that will get resolved.

I have another DS-2CD2032_I, and a DS-2CD2132F-IS dome camera to upgrade next, both currently at 5.2.5. I will report back.

I was able to upgrade the other two cameras, too. The only minor hiccup was that the DS-2CD2132F-IS reset the password to 12345abc after upgrading to 5.3. It took me a while to figure that out.

 

[alastairstevenson]

I was able to upgrade the other two cameras, too

Great! Odd about the password though, that's unusual.

 

[td0g]

I'm not sure I understand the question.
If it's the firmware you are referring to - it's all English and Multilanguage.


Well done! Another good result, and a less insecure camera.

My question was is there now a working 5.4.5 for Chinese cameras that has english menus?