Meisort Y203S

Discussion in 'IP Cameras' started by Dimitris St, Dec 13, 2017.

Share This Page

  1. Dimitris St

    Dimitris St n3wb

    Joined:
    Dec 13, 2017
    Messages:
    8
    Likes Received:
    0
    Hello guys,
    i bought this camera
    to use it as a baby monitor.
    The problem is that i can only watch in from my mobile phone and not from a PC because it does not provide an rtsp address/linux username and password or a configuration programm , i can only connect from a smart phone via a chinese application named Home Care.
    Has anyone any idea how to bypass this problem and use the IP camera from a PC?
     
  2. fenderman

    fenderman Staff Member

    Joined:
    Mar 9, 2014
    Messages:
    29,350
    Likes Received:
    8,713
    you cant...send back that junk...
     
  3. mat200

    mat200 IPCT Contributor

    Joined:
    Jan 17, 2017
    Messages:
    3,899
    Likes Received:
    2,023
    Hi and Welcome Dimitris,

    With the numerous cloud cameras coming out, the vendors want to lock you out of any non-cloud use.

    If you plan to keep the camera and want to access it without using their cloud service you will need to look for a way to "jail break" it - I have seen a number of such projects on github - so perhaps looking there to see what you can find a project and notes which maybe useful.

    Of course the easiest option is probably buying a camera which already has rtsp readily available.
     
    Dimitris St likes this.
  4. Dimitris St

    Dimitris St n3wb

    Joined:
    Dec 13, 2017
    Messages:
    8
    Likes Received:
    0

    I see, i will take a look there , thank you for your advice my friend
     
  5. foreyk

    foreyk n3wb

    Joined:
    Dec 26, 2017
    Messages:
    7
    Likes Received:
    3
    there's a way to access to via web which the using adobe flash under another app (not "Home Care" which their app is the same under different features ("Home Care" app doesn't do the email notification). this device has been build embedded firmware with different brand name like "Digoo","Closeli", which they do want you to be subscribe to a could service locking you in P2P using Amazon CouldCam program. Chinese company label their device with P2P but doesn't explain what is or how it work and once you got the unit that's where you find out you need their cloud service to make best out of the cam when you see it work under their trial service included.
     
    Dimitris St likes this.
  6. Dimitris St

    Dimitris St n3wb

    Joined:
    Dec 13, 2017
    Messages:
    8
    Likes Received:
    0
    Thanks for your replay my friend.
    So i can use it differently with another software?And how?
     
  7. foreyk

    foreyk n3wb

    Joined:
    Dec 26, 2017
    Messages:
    7
    Likes Received:
    3
    Here one way of what you can do (remember there other app using the same, but I test and work this one). Install "Digoo Cloud" (preferred from your google paly if you use android)(You will notice is the same icon like "Home Care", but green) do the same registration as you did with "Home Care" and you will notice that the app is the same except is had email notification setup (Extra ) but is host by eyeplusiot.com, then confirm your account email. now you have access to Secure Login to your live camera and everything you have in your app . cheer.. hack
     
    Last edited: Dec 26, 2017
  8. fenderman

    fenderman Staff Member

    Joined:
    Mar 9, 2014
    Messages:
    29,350
    Likes Received:
    8,713
    dont install any of this junk china spyware on your phone...avoid these crap cameras at all costs.
     
  9. fenderman

    fenderman Staff Member

    Joined:
    Mar 9, 2014
    Messages:
    29,350
    Likes Received:
    8,713
    no you cannot...that is direct from china p2p spyware.
     
  10. foreyk

    foreyk n3wb

    Joined:
    Dec 26, 2017
    Messages:
    7
    Likes Received:
    3
    Yes, that's posible they use their software to spy, however I just give Dimitris St a way to be able to use it, as Dimitris St already installed their software "Home Care" from the Y203s instructions and Dimitris St want a way to see it via Web. That is what I provided. It's up to Dimitris St to keep it or dump it. Anyway just trying to help other, but most important provide the real about this system, so others can make a decision to avoid them or risk with them.
     
    Last edited: Dec 26, 2017
  11. fenderman

    fenderman Staff Member

    Joined:
    Mar 9, 2014
    Messages:
    29,350
    Likes Received:
    8,713
    you are not giving him a way to use it because you misunderstood his question and you didnt warn him about the security risks.
    READ is post again, he wants to stream to a PC via RTSP, your "solution" does not allow this. This cameras are low end crap and should be avoided by EVERYONE.
     
    foreyk and Dimitris St like this.
  12. foreyk

    foreyk n3wb

    Joined:
    Dec 26, 2017
    Messages:
    7
    Likes Received:
    3
    Well. Thanks for your clarification, since I didn't said anything about the security risk. Again ..you are right... Everyone should avoid them. No argument here about that, so hope those who lookin to buy one and read this will avoid this devices.
     
    Dimitris St likes this.
  13. Dimitris St

    Dimitris St n3wb

    Joined:
    Dec 13, 2017
    Messages:
    8
    Likes Received:
    0
    By the way eyeplusiot.com works, its not RTSP that i wanted but its a way to look at my camera via PC (sadly through Internet again) without installing this crappy Software on my phone.
    So it's something.
    Thanks for the info man.
     
  14. Overbum

    Overbum n3wb

    Joined:
    Jan 8, 2018
    Messages:
    2
    Likes Received:
    4
    rtsp://ip_camera:8001
    login admin
    password: admin
    Check this

    Meisort camera ports can be looked over nmap request
    nmap -AT4 ip_camera
     
    Dimitris St likes this.
  15. Dimitris St

    Dimitris St n3wb

    Joined:
    Dec 13, 2017
    Messages:
    8
    Likes Received:
    0
    First of all thanks for the reply friend.
    First i tried nmap -AT4 192.168.1.9 and i got

    Starting Nmap 7.60 ( Nmap: the Network Mapper - Free Security Scanner ) at 2018-01-09 16:40 GTB Standard Time
    Nmap scan report for 192.168.1.9 (192.168.1.9)
    Host is up (0.035s latency).
    Not shown: 995 closed ports
    PORT STATE SERVICE VERSION
    23/tcp open telnet
    | fingerprint-strings:
    | GenericLines:
    | CAMERA login:
    | CAMERA login: IP CAMERA login:
    | GetRequest:
    | HTTP/1.0
    | CAMERA login:
    | Help:
    | HELP
    | CAMERA login:
    | NCP:
    | DmdT^@^@^@
    | ^@^@^@^A^@^@^@^@^@
    | NULL:
    | CAMERA login:
    | RPCCheck:
    | ^@^@(r
    | SIPOptions:
    | OPTIONS sip:nm SIP/2.0
    | Via: SIP/2.0/TCP nm;branch=foo
    | From: <sip:nm@nm>;tag=root
    | <sip:nm2@nm2>
    | Call-ID: 50000
    | CSeq: 42 OPTIONS
    | Max-Forwards: 70
    | Content-Length: 0
    | Contact: <sip:nm@nm>
    | Accept: application/sdp
    | CAMERA login:
    | tn3270:
    | ^@IBM-3279-4-E
    |_ ^YIP CAMERA login:
    843/tcp open unknown
    | fingerprint-strings:
    | DNSStatusRequest, GenericLines, GetRequest, HTTPOptions, Help, JavaRMI, LANDesk-RC, LDAPBindReq, LPDString, NCP, RTSPRequest, TerminalServer, X11Probe, afp:
    |_ <cross-domain-policy> <allow-access-from domain="*" to-ports="*" /> </cross-domain-policy>
    5050/tcp open mmcc?
    7103/tcp open tcpwrapped
    8001/tcp open rtsp
    | fingerprint-strings:
    | FourOhFourRequest:
    | HTTP/1.1 404 Not Found
    | Server: TAS-Tech IPCam
    | Date: Wed, 9 Jan 118 14:40:25 GMT
    | Content-Length: 9
    | Cache-Control: no-cache
    | Found
    | GetRequest:
    | HTTP/1.1 404 Not Found
    | Server: TAS-Tech IPCam
    | Date: Wed, 9 Jan 118 14:40:20 GMT
    | Content-Length: 9
    | Cache-Control: no-cache
    | Found
    | HTTPOptions:
    | HTTP/1.1 405 Method Not Allowed
    | Server: TAS-Tech IPCam
    | Date: Wed, 9 Jan 118 14:40:30 GMT
    | Content-Length: 18
    | Cache-Control: no-cache
    | Method Not Allowed
    | RTSPRequest:
    | RTSP/1.0 200 OK
    | CSeq: 0
    | Server: TAS-Tech Streaming Server V100R001
    |_ Public: DESCRIBE, SET_PARAMETER, SETUP, TEARDOWN, PAUSE, PLAY
    |_rtsp-methods: DESCRIBE, SET_PARAMETER, SETUP, TEARDOWN, PAUSE, PLAY
    3 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at Nmap Fingerprint Submitter 2.0 :
    ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
    SF-Port23-TCP:V=7.60%I=7%D=1/9%Time=5A54D456%P=i686-pc-windows-windows%r(N
    SF:ULL,20,"\xff\xfd\x01\xff\xfd\x1f\xff\xfb\x01\xff\xfb\x03\r\r\nIP\x20CAM
    SF:ERA\x20login:\x20")%r(GenericLines,46,"\xff\xfd\x01\xff\xfd\x1f\xff\xfb
    SF:\x01\xff\xfb\x03\r\r\nIP\x20CAMERA\x20login:\x20\r\n\r\nIP\x20CAMERA\x2
    SF:0login:\x20IP\x20CAMERA\x20login:\x20")%r(tn3270,31,"\xff\xfd\x01\xff\x
    SF:fd\x1f\xff\xfb\x01\xff\xfb\x03\r\r\n\^@IBM-3279-4-E\xfb\^YIP\x20CAMERA\
    SF:x20login:\x20")%r(GetRequest,32,"\xff\xfd\x01\xff\xfd\x1f\xff\xfb\x01\x
    SF:ff\xfb\x03\r\r\nGET\x20/\x20HTTP/1\.0\r\n\r\nIP\x20CAMERA\x20login:\x20
    SF:")%r(RPCCheck,19,"\xff\xfd\x01\xff\xfd\x1f\xff\xfb\x01\xff\xfb\x03\r\r\
    SF:n\x80\^@\^@\(r\xfe\^\]")%r(Help,26,"\xff\xfd\x01\xff\xfd\x1f\xff\xfb\x0
    SF:1\xff\xfb\x03\r\r\nHELP\r\nIP\x20CAMERA\x20login:\x20")%r(SIPOptions,FF
    SF:,"\xff\xfd\x01\xff\xfd\x1f\xff\xfb\x01\xff\xfb\x03\r\r\nOPTIONS\x20sip:
    SF:nm\x20SIP/2\.0\r\nVia:\x20SIP/2\.0/TCP\x20nm;branch=foo\r\nFrom:\x20<si
    SF:p:nm@nm>;tag=root\r\nTo:\x20<sip:nm2@nm2>\r\nCall-ID:\x2050000\r\nCSeq:
    SF:\x2042\x20OPTIONS\r\nMax-Forwards:\x2070\r\nContent-Length:\x200\r\nCon
    SF:tact:\x20<sip:nm@nm>\r\nAccept:\x20application/sdp\r\n\r\nIP\x20CAMERA\
    SF:x20login:\x20")%r(NCP,49,"\xff\xfd\x01\xff\xfd\x1f\xff\xfb\x01\xff\xfb\
    SF:x03\r\r\nDmdT\^@\^@\^@\x08\x20\x08\x08\x20\x08\x08\x20\x08\x08\x20\x08\
    SF:x08\x20\x08\x08\x20\x08\x08\x20\x08\x08\x20\x08\x08\x20\x08\x08\x20\x08
    SF:\^@\^@\^@\^A\^@\^@\^@\^@\^@");
    ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
    SF-Port843-TCP:V=7.60%I=7%D=1/9%Time=5A54D456%P=i686-pc-windows-windows%r(
    SF:GenericLines,5B,"<cross-domain-policy>\x20<allow-access-from\x20domain=
    SF:\"\*\"\x20to-ports=\"\*\"\x20/>\x20</cross-domain-policy>\0")%r(GetRequ
    SF:est,5B,"<cross-domain-policy>\x20<allow-access-from\x20domain=\"\*\"\x2
    SF:0to-ports=\"\*\"\x20/>\x20</cross-domain-policy>\0")%r(HTTPOptions,5B,"
    SF:<cross-domain-policy>\x20<allow-access-from\x20domain=\"\*\"\x20to-port
    SF:s=\"\*\"\x20/>\x20</cross-domain-policy>\0")%r(RTSPRequest,5B,"<cross-d
    SF:eek:main-policy>\x20<allow-access-from\x20domain=\"\*\"\x20to-ports=\"\*\"
    SF:\x20/>\x20</cross-domain-policy>\0")%r(DNSStatusRequest,5B,"<cross-doma
    SF:in-policy>\x20<allow-access-from\x20domain=\"\*\"\x20to-ports=\"\*\"\x2
    SF:0/>\x20</cross-domain-policy>\0")%r(Help,5B,"<cross-domain-policy>\x20<
    SF:allow-access-from\x20domain=\"\*\"\x20to-ports=\"\*\"\x20/>\x20</cross-
    SF:domain-policy>\0")%r(X11Probe,5B,"<cross-domain-policy>\x20<allow-acces
    SF:s-from\x20domain=\"\*\"\x20to-ports=\"\*\"\x20/>\x20</cross-domain-poli
    SF:cy>\0")%r(LPDString,5B,"<cross-domain-policy>\x20<allow-access-from\x20
    SF:domain=\"\*\"\x20to-ports=\"\*\"\x20/>\x20</cross-domain-policy>\0")%r(
    SF:LDAPBindReq,5B,"<cross-domain-policy>\x20<allow-access-from\x20domain=\
    SF:"\*\"\x20to-ports=\"\*\"\x20/>\x20</cross-domain-policy>\0")%r(LANDesk-
    SF:RC,5B,"<cross-domain-policy>\x20<allow-access-from\x20domain=\"\*\"\x20
    SF:to-ports=\"\*\"\x20/>\x20</cross-domain-policy>\0")%r(TerminalServer,5B
    SF:,"<cross-domain-policy>\x20<allow-access-from\x20domain=\"\*\"\x20to-po
    SF:rts=\"\*\"\x20/>\x20</cross-domain-policy>\0")%r(NCP,5B,"<cross-domain-
    SF:policy>\x20<allow-access-from\x20domain=\"\*\"\x20to-ports=\"\*\"\x20/>
    SF:\x20</cross-domain-policy>\0")%r(JavaRMI,5B,"<cross-domain-policy>\x20<
    SF:allow-access-from\x20domain=\"\*\"\x20to-ports=\"\*\"\x20/>\x20</cross-
    SF:domain-policy>\0")%r(afp,5B,"<cross-domain-policy>\x20<allow-access-fro
    SF:m\x20domain=\"\*\"\x20to-ports=\"\*\"\x20/>\x20</cross-domain-policy>\0
    SF:");
    ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
    SF-Port8001-TCP:V=7.60%I=7%D=1/9%Time=5A54D458%P=i686-pc-windows-windows%r
    SF:(GetRequest,8A,"HTTP/1\.1\x20404\x20Not\x20Found\r\nServer:\x20TAS-Tech
    SF:\x20IPCam\r\nDate:\x20Wed,\x209\x20Jan\x20118\x2014:40:20\x20GMT\r\nCon
    SF:tent-Length:\x209\r\nCache-Control:\x20no-cache\r\n\r\nNot\x20Found")%r
    SF:(FourOhFourRequest,8A,"HTTP/1\.1\x20404\x20Not\x20Found\r\nServer:\x20T
    SF:AS-Tech\x20IPCam\r\nDate:\x20Wed,\x209\x20Jan\x20118\x2014:40:25\x20GMT
    SF:\r\nContent-Length:\x209\r\nCache-Control:\x20no-cache\r\n\r\nNot\x20Fo
    SF:und")%r(HTTPOptions,9D,"HTTP/1\.1\x20405\x20Method\x20Not\x20Allowed\r\
    SF:nServer:\x20TAS-Tech\x20IPCam\r\nDate:\x20Wed,\x209\x20Jan\x20118\x2014
    SF::40:30\x20GMT\r\nContent-Length:\x2018\r\nCache-Control:\x20no-cache\r\
    SF:n\r\nMethod\x20Not\x20Allowed")%r(RTSPRequest,87,"RTSP/1\.0\x20200\x20O
    SF:K\r\nCSeq:\x200\r\nServer:\x20TAS-Tech\x20Streaming\x20Server\x20V100R0
    SF:01\r\nPublic:\x20DESCRIBE,\x20SET_PARAMETER,\x20SETUP,\x20TEARDOWN,\x20
    SF:pAUSE,\x20PLAY\r\n\r\n");
    MAC Address: 00:0C:43:90:A4:9E (Ralink Technology)
    Device type: general purpose
    Running: Linux 2.6.X|3.X
    OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3
    OS details: Linux 2.6.32 - 3.10
    Network Distance: 1 hop

    TRACEROUTE
    HOP RTT ADDRESS
    1 34.66 ms 192.168.1.9 (192.168.1.9)

    OS and Service detection performed. Please report any incorrect results at Nmap OS/Service Fingerprint and Correction Submission Page .
    Nmap done: 1 IP address (1 host up) scanned in 59.55 seconds


    RTSP request
    rtsp://192.168.1.9:8001
    login admin
    password: admin
    does not work, any ideas ?
     
  16. Overbum

    Overbum n3wb

    Joined:
    Jan 8, 2018
    Messages:
    2
    Likes Received:
    4
    admin admin or admin without password is standard for rtsp for these cameras. Also check direct list rtsp://ip:8001/0/avN
     
  17. Dimitris St

    Dimitris St n3wb

    Joined:
    Dec 13, 2017
    Messages:
    8
    Likes Received:
    0
    Oh my god , it worked!!!!
    rtsp://192.168.1.3:8001/0/avN
    admin
    no password

    YOU ARE A GOD MAN, thank you!!!
     
  18. peterv6i

    peterv6i n3wb

    Joined:
    Feb 13, 2018
    Messages:
    1
    Likes Received:
    0
    Thank you for this...
    I have the same camera. Does somebody know how to "drive" this camera over http? (how to control other functions over http? moving the lens (head), focus, switch night vision on/off etc..)
     
    Last edited: Feb 13, 2018
  19. Dbs

    Dbs n3wb

    Joined:
    Feb 17, 2018
    Messages:
    1
    Likes Received:
    0
    I've just bought the same camera too. Not too impressed with forcing through the app at all so may well go back, but, it does work with this android app: TinyCam. I use the app for my other easy-n ip camera and have been impressed with its capabilities. Just scan your network ftom within tinycam to find the camera and edit camera details to add the above username and password. This works out of the box (no need to setup via the chinese app) and gives you control of the camera. You should be able to forward port 554 from your router to the ipcam ip address to enable wan access but i wouldn't advise doing so without at least finding out how to change the admin password and verifying any other possible security flaws. I'm still likely to send the camera back unless there is a way to edit the underlying camera settings (which tinycam doesn't cover).
     
  20. davidcgu

    davidcgu n3wb

    Joined:
    Feb 19, 2018
    Messages:
    2
    Likes Received:
    0
    Working great to capture video via rtsp as shown previously:

    rtsp://192.168.1.3:8001/0/avN
    admin

    However will be great to know any way to control locally the camera with some commands via websockets or some program capable to handle out of the one from the manufacturer.

    Looking forward someone who was able to do something on this direction.

    Regards
     
Tags: