R0 / DS-2CD2x32 BrickfixV2 brick recovery and full upgrade tool - enhanced.

[alastairstevenson]

I got all 8 of my cameras updated and still working with my 7108. Everything is happy!

Hey, Neil, well done!
That's a good number - I bet you were well practised at the end.

 

[alastairstevenson]

- how do you reboot into mini system mode for telnet access? Just a power cycle??

When the brickfix toolV2 is applied (it's wrapped as normal firmware), it activates and drops the payload on the first power cycle after installation, and then automatically initiates a reboot into the min-system recovery mode ready for the /dav/fixup.sh script execution that runs the fixup process.

- will this work for authorized by Hikvision reseller not Hikvision cameras like LTS or GNS??

To be honest - I don't know, that's not something I've had the chance to try.
And I don't recall any posts trying it on OEM models.
Maybe a forum member who has done this will chime in ...

 

[Bizentech]

Thank you! I’ll play around with the non OEM Hik cams and see. Will this work for 2CD2145F? Idk if the camera is an R0 or not. I have an original 2CD2142FWD if it’s pretty much the same, maybe I can get the correct Hex digits from that and paste it to the 2145?

P.S. the 2145F is not bricked so I assume the 0x64 line would show a correct device type instead of FF?

 

[alastairstevenson]

Will this work for 2CD2145F? Idk if the camera is an R0 or not.

No - that's a R6 series camera - the 'hardware signature data' is stored quite differently from R0 series, it's not in a flash partition.

Thank you! I’ll play around with the non OEM Hik cams and see.

You need to be very sure that they are based on the R0 series, DS-2CD2x32 Hikvision cameras.
Be cautious.

 

[Bizentech]

Well the cams are not bricked so I suppose I’ll wait for an R6 unbrick/convert to upgradable fix. I could donate an R6 version cam if this would speed up the process (PM me). I’m anxious for a fix.
I made the mistake of buying CN cams and think one is hacked :/
To add to that, the CN firmware claim 264+ but I don’t see that option

 

[Cookie Monster]

I have a DS-2CD2342WD-I turret camera which was hacked and which I can no longer access. Have tried using the password reset tool but without success. I was hoping that the Brickfix tool would be my saviour, but after reading the thread and watching the YouTube video, it seems that my camera is one that it will not work with. Correct me if I’m wrong ?

Is there any solution, or is my camera now completely useless ?

Any help would be much appreciated.

 

[alastairstevenson]

I was hoping that the Brickfix tool would be my saviour, but after reading the thread and watching the YouTube video, it seems that my camera is one that it will not work with. Correct me if I’m wrong ?

You are correct - the DS-2CD2343WD is an R6 series camera - the brickfix tool is for R0 series cameras. *edit* DS-2CD2342

Is there any solution, or is my camera now completely useless ?

Does the camera show up in SADP, and if so, what firmware version and IP address is listed? Does it match the LAN range?
If it's just a password reset that's needed, and the camera is an English/upgradeable model, using the Hikvision tftp updater to apply the same firmware will clear the configuration and allow you to either use the old, default passwords (12345 123456789abc) or 'activate' with a new password depending on the version.
Firmware here : DOWNLOAD PORTAL
Hikvision tftp updater too and instructions at the second link here : Custom Firmware Downgrader 5.3.0 Chinese to 5.2.5 English

 

[alastairstevenson]

Well the cams are not bricked so I suppose I’ll wait for an R6 unbrick/convert to upgradable fix.

It might be safest to leave as-is, and not expose them to the internet by 'port forwarding'.
I do have an R6 camera (DS-2CD2042) but it's EN/updateable so not very interesting to experiment on.
I did do some modded firmware to inhibit the 'network-deamon' (sic) network checker program that's caused problems for some people, but that's all.

 

[Bizentech]

I may be drifting off topic with this question, but if not port forwarding, then what are my options?
P.S. I do not have ports open for individual cameras (Except separate RTSP ports for 5 cams), only ports open are on the NVR and managed switches for remote config. I cannot access individual cameras or their GUI remotely

 

[Cookie Monster]

You are correct - the DS-2CD2343WD is an R6 series camera - the brickfix tool is for R0 series cameras. *edit* DS-2CD2342

Does the camera show up in SADP, and if so, what firmware version and IP address is listed? Does it match the LAN range?
If it's just a password reset that's needed, and the camera is an English/upgradeable model, using the Hikvision tftp updater to apply the same firmware will clear the configuration and allow you to either use the old, default passwords (12345 123456789abc) or 'activate' with a new password depending on the version.
Firmware here : DOWNLOAD PORTAL
Hikvision tftp updater too and instructions at the second link here : Custom Firmware Downgrader 5.3.0 Chinese to 5.2.5 English

Yes the camera shows up in SADP. Software 5.4.41 Build 170309. IP Addreess 192.168.1.108 Should I try the downgrader on this ?

 

[alastairstevenson]

That firmware has the backdoor fixed, so the password reset that relies on it won't work.
If the camera is upgradeable, applying the exact same firmware using the tftp updater will reset the configuration.
Don't use the downgrader - that's for a different series of camera.

 

[Cookie Monster]

Thanks again. Can you please advise where I find the TFTP updater and the process I need to follow.

 

[alastairstevenson]

In the Hikvision stickies, find the 5.3.0 to 5.2.5 downgrader. In the second link are the tftp updater and instructions. But not the firmware, that's for a different camera.

 

[Cookie Monster]

I cannot get this to work.... I downloaded the upgrader and extracted the files into a folder named 'TFTP'

Reading the instructions as follows.....

1. Rename the firmware to digicap.dav

-- Renamed 'EN downgrade_digicap.dav to digicap.dav

2. Put the firmware under the same folder of this TFTP

-- Put this and all other files in a folder named 'TFTP'

3. Set the IP of computer as 192.0.0.128

-- Changed IP address of PC

4. Camera's IP can be anyone.

-- Did not change this

5. Run the tftpserv.exe

-- Ran the application

6. Power off and power on the Camera. The device will search the new firmware and upgrade it automatically.

-- Unplugged PoE cable and plugged back in. And waited
-- The TFTP Server Log does not proceed any further than...[2018-01-16 22:16:50] TFTP Server[192.0.0.128] initialized


Do you have any indication of what I may be doing wrong?

Thanks.

 

[whoslooking]

Your camera and the PC need to be connected together via a network switch, if its not a POE switch you will need a 12v Power supply for the camera.
Also make sure that you gave tftp netwok access or it wont work either.

 

[alastairstevenson]

Do you have any indication of what I may be doing wrong?

Important:

Don't use the downgrader - that's for a different series of camera.

In the second link are the tftp updater and instructions. But not the firmware, that's for a different camera.

Firmware here : DOWNLOAD PORTAL

You can use the 5.4.5 version of the firmware from the link above- 5.4.41 was rushed out to fix the 'Hikvision backdoor'.

Also make sure that you gave tftp netwok access or it wont work either.

As @whoslooking suggests - the Windows firewall needs to allow the camera to communicate with the tftp updater that's running on the PC.
When you first ran the tftp updater you should have seen a Windows firewall alert popup - if you didn't click 'OK' the firewall will block access.
But either way - check the Windows firewall Advanced settings' 'Inbound allow rules' to confirm there is an entry for tftpserve.exe

 

[Cookie Monster]

Thanks again for your replies and help. I'm sure I'll get there in the end. The camera is on my computer desk attached directly to the network switch (under my desk), as is my PC. So everything should be OK there.

I'll try disabling the firewall while this runs to see if that helps.

I assume that I am using the correct application ? From this sticky... Custom Firmware Downgrader 5.3.0 Chinese to 5.2.5 English

and using the 2nd link titled 'Dropbox - Custom downgrader' ?

Cheers

 

[alastairstevenson]

I assume that I am using the correct application ? From this sticky... Custom Firmware Downgrader 5.3.0 Chinese to 5.2.5 English

and using the 2nd link titled 'Dropbox - Custom downgrader' ?

Yes, that's correct, the download files starting tftp...

I'll try disabling the firewall while this runs to see if that helps.

Yes, that would save messing with the rather cryptic configuration rules.

I'm sure I'll get there in the end.

You should do, assuming the camera does the usual probe for the tftp updater.
Good luck!

 

[Cookie Monster]

Still no success Turned off the firewall, and started running TFTP as previous. The log advanced as it should, but I never got the final "Device [192.0.0.64] system update completed!" in spite of waiting over 10 minutes. The camera shows in SADP with an IP of 192.168.1.64 but it refuses to connect in a browser.
This site can’t be reached
192.168.1.64 refused to connect.

Software version in SADP is now showing as 4.0.8 Build 150325 from the previous 5.4.41 Build 170309

I'm at a loss of what to do now. Any suggestions ? Or just chuck it in the bin

Thanks again.

 

[ovexi]

I'm happy to report that I've just revived a bricked DS-2CD3132F-IWS and upgraded to v5.4.5
I used the devType for DS-2CD2132-I and the latest firmware for R0 / DS-2CDx32 cameras from Hikvision website.

Thanks again Alastair! You are the man!