Hikvision FIRMWARE TOOLS - change language, extract files and create own firmware
- Thread starter wzhick
- Start date
alastairstevenson
Staff member
It all depends on which series of camera.
On some, that data is held in the flash memory, on others that data is held in a security chip, but in all cases there is tamper protection.
What do you aim to do?
alastairstevenson
Staff member
On the regular Hikvision R0 series, the telnet/SSH shell password for root is the web GUI admin password, except for firmware 5.4.5 where the root password is hard-coded to hiklinux for some odd reason.
Hi
Thanks for your attention.
because I have some OEM Camera and there is no any model number.
alastairstevenson
Staff member
Noob question,
What is the appropriate source to download Firmware upgrades?
I have two cameras, and I have never updated the Firmware.
XC-2342WDI - V5.3.3 build 150630
DS-2CD2332-I - V5.3.0 build 150513
I assume both are horribly dated in regards to firmware. Also to the best of knowledge, both are English (multi language) versions of the cameras. The 2332 was purchased from Nelly's and 2342 was purchased from Power Supply Center (via Amazon).
Thanks,
What is the appropriate source to download Firmware upgrades?
I have two cameras, and I have never updated the Firmware.
XC-2342WDI - V5.3.3 build 150630
DS-2CD2332-I - V5.3.0 build 150513
I assume both are horribly dated in regards to firmware. Also to the best of knowledge, both are English (multi language) versions of the cameras. The 2332 was purchased from Nelly's and 2342 was purchased from Power Supply Center (via Amazon).
Thanks,
alastairstevenson
Staff member
If these are truly English / upgradeable cameras, then a good firmware source is :
If the 2342 is a CN camera, it may brick or revert to Chinese using the EN/ML firmware.
This is an R0 series camera - DOWNLOAD PORTAL
The DS-2CD2342WD-I is an R6 series camera. I'm not 100% sure if your slightly different model number is in that series - if it is - DOWNLOAD PORTAL
If the 2342 is a CN camera, it may brick or revert to Chinese using the EN/ML firmware.
Thanks for your response alastairstevenson. Is there anyway to determine, for sure, that the camera is truly an English camera?
Thanks
Thanks
Hi, I would appriciate for the help on following issue:
I have model ds-2cd2335-i (CN) (running 5.3.3 english fw) bought on aliexpress so assuming it is hacked firmware.
Is it possible to get newer english fw version 5.4+ for it?
camera started often drop activation and issue with setup email notification.
Thanks for any help.
I have model ds-2cd2335-i (CN) (running 5.3.3 english fw) bought on aliexpress so assuming it is hacked firmware.
Is it possible to get newer english fw version 5.4+ for it?
camera started often drop activation and issue with setup email notification.
Thanks for any help.
alastairstevenson
Staff member
A good clue used to be the serial number - but I don't think it's as clear now.
What does it show?
alastairstevenson
Staff member
If this is definitely a CN camera, the EN firmware will not run on it, and will be rejected.
This series of camera has extra protection for the 'hardware info' and does not have the easy ability to change it that exists in the R0 series of cameras.
Thanks alastairstevenson!
So adding chinese fw most likely would brick it as well or I would be able to use it with google translate?
would like to know if there is any other solution rather then blok any outside traffic to it and making it just local.
Constant resets make it even locally unusable now ( wierd that it also shows iVMS kamera name as HACKED). and change of admin pass not helps with resets.
alastairstevenson
Staff member
If you're comfortable with Chinese menus, and the CN language isn't going to alienate any NVR the camera is connected to, you can administer in English all the detailed configuration with the Batch Configuration Tool : Hangzhou Hikvision Digital Technology Co. Ltd.
It works pretty well, and avoids the need for Google translate.
That's a pretty good clue that it's been messed with by an external entity.
No, the Hikvision backdoor does not require knowledge of any passwords, it's a really open backdoor.
Yes, that's what is my suspicion as well. Do you think applying IPC_G0_CN_STD_5.4.41_170710 firmware should work (on CN website that fw was listed for 2335 camera) and i can manage it after via Batch Configuration Tool? I like to use iVMS but i guess it would be not an option after that.
All i want is just fix that backdoor issue.
alastairstevenson
Staff member
I would guess that firmware will work - but you will need to be sure you are not going to get any 'language mismatch' errors with whatever you connect it to.
I have never used iVMS so I don't know if it will work like an NVR and object to the new language.
It sounds like there is a need for a G0/G1 equivalent of the R0 'enhanced mtd hack' that will allow these series of cameras to be fully updated without a brick-risk to protect against security threats.
Yes, having that mtd hack would be nice. This series looks like kind of popular, but now I regret with not getting just normal R0.
If i was able to test that "language mismatch" issue, but if there is no other option apart from loading that "CN FW", i might risk it to try.
If you do the update can you please report if iVMS still works ok. I just may live with chinese menu if I can configure camera with other tools. And can you say if there is chinese language on overlay of camera image(date, time, etc)?
alastairstevenson
Staff member
Depending on the camera model, it may not actually be running an SSH service, even behind the IP filter that the SDK tool can disable.
And even if it was - you'd only get access to the 'psh' restricted shell, which is even less useful than a chocolate teapot. In my view.
And even if it was - you'd only get access to the 'psh' restricted shell, which is even less useful than a chocolate teapot. In my view.