R0 / DS-2CD2x32 BrickfixV2 brick recovery and full upgrade tool - enhanced.

I was able to use this to fix my DS-2CD2332-I I had flashed to 5.45 after forgetting it was the chinese version camera. I upgraded all my 5.25 cameras to 5.45. I was hoping this would fix DST issues. The problem I have is that if you change the dst Start or End time it never survives a reboot and always reverts back to the defaults as below. Anyone know of a fix for this?



1635976971086.png
 
  • Like
Reactions: moomoo55
Not sure man this time issue very frustrating, tried everything. Resetting. Updating. Etc etc.I even setup time server thingy on my network/server, sh%t still lost and showing I don't even know what time zone. I gave up, Now I'm just going by the DW recorded time.
 
grmilbrand said:
can I have the link to this file. I've tried so many that aren't working!
Click to expand...
Is this the link you are looking for :

R0 / DS-2CD2x32 BrickfixV2 brick recovery and full upgrade tool - enhanced.

Successful on R0 v5.2.5 build 141201 which I bricked, used the brickfixv2EN version. Firmware used V5.4.5_Build170123. Ran pcap against the intf (for more info) Issues I had: ensure all other intfs on PC are disabled (as TFTP seems to grab all my others first). several power cycle attempts...
ipcamtalk.com ipcamtalk.com
 
I was able to get BrickFixV2 applied but that always takes me back to Min_System.
I get success in installing a bunch of different versions of firmware, but it never will ping or show up in SADP afterwards. How long should I wait?
 
grmilbrand said:
I was able to get BrickFixV2 applied but that always takes me back to Min_System.
Click to expand...
Yes, the brickfixV2 firmware is a modified min-system, without the downgrade block and with the ability to re-write the flash partition that holds values such as the language, and with the ability to do a direct update to the 5.4.5 firmware.
This is all handled by the in-built fixup script.

grmilbrand said:
I can ping 192.0.0.64 but nothing shows up in SADP ?
Click to expand...
The min-system runtime environment should show up in SADP as firmware version 4.0.8

grmilbrand said:
Maybe I need to use the Hiktools language fix?
Click to expand...
That only changes the language flag in the firmware header - it does not change the language of the camera.

When the brickfixV2 script applies the suitably-modified-for-language mtdblock6 - the camera language is changed.
 
alastairstevenson said:
Yes, the brickfixV2 firmware is a modified min-system, without the downgrade block and with the ability to re-write the flash partition that holds values such as the language, and with the ability to do a direct update to the 5.4.5 firmware.
This is all handled by the in-built fixup script.


The min-system runtime environment should show up in SADP as firmware version 4.0.8


That only changes the language flag in the firmware header - it does not change the language of the camera.

When the brickfixV2 script applies the suitably-modified-for-language mtdblock6 - the camera language is changed.
Click to expand...

Ok, so it seems my camera is all ready to be upgradeable. I followed all the steps. Changed the MTD_06 to fix the camera to a 26 98 changed the language block to an 01 and figured out the checksum value as 63 0D
that has been applied to the camera.

I've applied a multitude of versions of digicap.dav files thru both using the /dav/fixup.sh and also the lines:
# tftp -r digicap.dav -g 192.0.0.128
# upgrade

once I unplug & repower with reset button pressed for 30 seconds, the camera dissappears from both 192.0.0.64 and SADP to not be seen again until I reapply the BrickFix Min_System. Is my camera SOL?
 

Attachments

  • Capture.PNG
    Capture.PNG
    35.9 KB · Views: 18
i've tried
  • 5.16 140612
  • 5.2.0 140721
  • 5.30 Downgrader
  • 5.4.5 (on page 1 of this thread)
  • a '5.2.5' i found
  • another 'custom 5.2.5'
  • 5.3.0 150513 (wasn't successful with this one "mismatch")
  • 5.3.0 151016
 
grmilbrand said:
this shows the 5.4.5 upload was successful,
Click to expand...
Yes, the transcript in your screenshot looks normal.

grmilbrand said:
after restart, I get nothing. no ping or SADP
Click to expand...
One possibility is a partial flash failure that's stopping the device from running normally.
There have been a couple of posts about devices that have failed in that way after an update.
But either way, it seems like the hardware is misbehaving.

If you wanted to spend more time exploring that, or confirming the problem, you'd need to connect to the serial console of the device.
This would need these 2 items :
A wired 4-pin 1.5mm ZH JST connector, usually sold in 10-packs.
A serial TTL to USB convertor, such as a PL2303TA-based device or similar.
 
I'm also one of the unlucky ones. After the success with the initial TFTP of the brickfixv2 It will ping 1-3 times on boot and if tftp is running i will see the test line then nothing else and the ping dies.

I also have another indicator. Although the port shows UP on my HP Switch the mac-address isn't registering.
 
Unfortunately SADP shows nothing, I was never able to get into telnet after the initial breakfix tftp. I tried the 192.168.1.64 as well but nothing.
I've seen the replies regarding trying serial but I'm out of steam with this thing at least for now.

With my original message I just mainly wanted to pass on that it doesn't register a mac address with my switch, anytime I have seen that happen with other devices it's game over but who knows.
 
  • Sad
Reactions: alastairstevenson
so guys i'm going to throw in the towel. It is too complex for me. I have been coming here repeatedly for years looking for solutions.
This is what ssh comes out of
then you tell me
Thank you.
Paul
 

Attachments

silvycam said:
so guys i'm going to throw in the towel. It is too complex for me. I have been coming here repeatedly for years looking for solutions.
Click to expand...
What are you trying to do, what do you want to change?

The DS-2CD2135F-IS is not an R0 series camera, so the brickfixV2 method of debricking / language changing is not suitable for it.

What does 'prtHardInfo' show as the SSH prompt?
 
alastairstevenson said:
What are you trying to do, what do you want to change?

The DS-2CD2135F-IS is not an R0 series camera, so the brickfixV2 method of debricking / language changing is not suitable for it.

What does 'prtHardInfo' show as the SSH prompt?
Click to expand...
I would just like to bring her back to life! I can only connect to it via ssh currently. I was hoping there was a way.
 
silvycam said:
I can only connect to it via ssh currently.
Click to expand...
There isn't enough info in dmesg to show why the normal bootup is not completing normally.

To get more detail, you'd need to connect to the device serial console.
To do this, 2 items are needed :
A 4-pin 1.5mm wired ZH JST connector, usually sold in 10-packs.
A USB to serial TTL adaptor, such as a PL2303TA-based device.
 
  • Like
Reactions: silvycam
First off, big thanks to alastairstevenson.
Fixed six DS-2cd2232-IM with no problems with your debrick tool. Thanks to everyone who asked questions also, it helps alot. quick Something that helped me with long boot loop was another thread where someone had checked for water damage whlie fixing rj45 plug and they removed the lens ribbon to check for any damage inside.. I just happened to look for a reset button on a different brand DS-2cd2232-IM and removed the lens ribbon. i redid the ribbon, (found it easiest to put it on camera first then the lens) and it showed fw5.2.5. and now running 5.4.5. Worth checking if all else is failing, It worked for me :)

One question I have , has anyone use the fw IPC_R0_EN_STD_5.4.800_210813? It is on the hikvisioneurope portal but I search and found nothing on it here or anywhere else. Has anyone tried it? Is there any reason to or not to upgrade to it. I am happy with 5.4.5 but worry it might fix a another backdoor. I am a little shy of loading anything without asking with the update game they play LOL.

Thanks again to all and Stay healthy and safe. Merry Christmas!
 
  • Like
Reactions: alastairstevenson
xolenozo said:
Fixed six DS-2cd2232-IM with no problems with your debrick tool.
Click to expand...
Great! Well done.

xolenozo said:
has anyone use the fw IPC_R0_EN_STD_5.4.800_210813? It is on the hikvisioneurope portal but I search and found nothing on it here or anywhere else. Has anyone tried it?
Click to expand...
I've seen that also, have not tried it, and wondered why it appeared as the @bashis PoC tool showed that an R0 with 5.4.0 160530 was not vulnerable to the CVE-2021-36260 exploit.
I keep that firmware version as it has the 'Hikvision backdoor' vulnerability so I can use the camera as a trojan horse to extract NVR admin passwords.
And initially, R0 models didn't appear on Hikvision's original affected table, since removed and put behind a page requiring a login. Which I didn't wish to do ...
But use-ip has it listed, though it's not clear if that is because it was in the original Hikvision table or has been added since.

Firmware - Hikvision declare new vulnerabilities in mass email blast sent Saturday 18th September 2021

Yesterday evening I received an email from Hivision detailing a critical vulnerability in a number of their products and a link to new firmware. The advisory is: Here It appears I have two camera models affected by this, as they match the document, but the link to new firmware produces no...
www.use-ip.co.uk www.use-ip.co.uk
 
I went ahead and loaded the 5.4.8 fw on to a DS-2CD2232-IM with china serial #, (just one of six for now). So far no problems over 24hrs. I will let you know if there is any problems down the line.

I always wonder if the updates are protecting us from a backdoor or creating a backdoor? I am not too worried about it. I am just starting out with IPCams so I went with used ebay cameras where the price of 6 used was the same as 1 new, ran some cat 5e and only have 2 rules, don't point the cameras at anything you don't want others to see and protect the home network. Not sure how I'm going to do that yet but am still in the research phase. my internet is tops out at 1.5mb but have fiber box on the house and just waiting for final install of 1gig internet so that will open the cloud options or my own ftp.

Thanks again for everything you and everyone else do here.
 
  • Like
Reactions: alastairstevenson
You must log in or register to reply here.
Top Bottom